tv.okezone.com Open in urlscan Pro
2606:4700:10::6816:3144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tv.okezone.com/
Effective URL:
https://tv.okezone.com/
Submission: On September 03 via api (September 3rd 2021, 1:13:50 pm UTC) from SG

Summary HTTP 193 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 45 IPs in 8 countries across 26 domains to perform 193 HTTP transactions. The main IP is 2606:4700:10::6816:3144, located in United States and belongs to CLOUDFLARENET, US. The main domain is tv.okezone.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on October 15th 2019. Valid for: 2 years.

This is the only time tv.okezone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 54	2606:4700:10:... 2606:4700:10::6816:3144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223f:f600:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:3::729 2a04:4e42:3::729	54113 (FASTLY) (FASTLY)
4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.118 18.66.97.118	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1 3	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.112.71 18.66.112.71	16509 (AMAZON-02) (AMAZON-02)
1	3.142.157.144 3.142.157.144	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	158.69.251.190 158.69.251.190	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
5 7	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
22	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	52.31.222.185 52.31.222.185	16509 (AMAZON-02) (AMAZON-02)
1	18.135.147.11 18.135.147.11	16509 (AMAZON-02) (AMAZON-02)
4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
193	45

54 2606:4700:10::6816:3144 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tv.okezone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.okezone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.okezone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:f600:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.jwplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.118 (United States)

ASN16509 (AMAZON-02, US)

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.71 (United States)

ASN16509 (AMAZON-02, US)

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.142.157.144 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-157-144.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.251.190 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns546644.ip-158-69-251.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.90 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
havasfrorangedcmdisplay758646212611.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.222.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-222-185.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.147.11 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-147-11.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	okezone.com 1 redirects tv.okezone.com cdn.okezone.com a.okezone.com	404 KB
32	googlesyndication.com f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	153 KB
27	2mdn.net s0.2mdn.net	1 MB
20	doubleclick.net 5 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	223 KB
14	moatads.com z.moatads.com geo.moatads.com mb.moatads.com px.moatads.com	112 KB
10	moatpixel.com havasfrorangedcmdisplay758646212611.s.moatpixel.com	3 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	5 KB
5	google.com adservice.google.com www.google.com	1 KB
5	bootstrapcdn.com maxcdn.bootstrapcdn.com	131 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	googletagservices.com www.googletagservices.com	125 KB
3	openx.net 2 redirects us-u.openx.net	829 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	teads.tv sync.teads.tv	344 B
2	google.de adservice.google.de www.google.de	272 B
2	histats.com s10.histats.com s4.histats.com	5 KB
2	googletagmanager.com www.googletagmanager.com	90 KB
2	zencdn.net vjs.zencdn.net	340 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	googleapis.com fonts.googleapis.com	603 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	alexametrics.com certify.alexametrics.com	552 B
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	jwplatform.com content.jwplatform.com	40 KB
193	26

	Domain	Requested by
44	cdn.okezone.com	tv.okezone.com cdn.okezone.com
27	s0.2mdn.net	tv.okezone.com s0.2mdn.net
15	pagead2.googlesyndication.com	tv.okezone.com f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
11	px.moatads.com	f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com tv.okezone.com
10	havasfrorangedcmdisplay758646212611.s.moatpixel.com	f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com tv.okezone.com
10	tpc.googlesyndication.com	tv.okezone.com f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
7	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
6	tv.okezone.com	1 redirects tv.okezone.com static.cloudflareinsights.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	maxcdn.bootstrapcdn.com	tv.okezone.com maxcdn.bootstrapcdn.com
4	ade.googlesyndication.com	tv.okezone.com
4	googleads4.g.doubleclick.net	tv.okezone.com
4	www.google.com	tv.okezone.com f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	a.okezone.com	tv.okezone.com
4	www.googletagservices.com	tv.okezone.com securepubads.g.doubleclick.net f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
4	securepubads.g.doubleclick.net	tv.okezone.com www.googletagservices.com securepubads.g.doubleclick.net
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	tv.okezone.com f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
3	f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects tv.okezone.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	tv.okezone.com www.googletagmanager.com
2	vjs.zencdn.net	tv.okezone.com
1	mb.moatads.com	z.moatads.com
1	geo.moatads.com	z.moatads.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	s0.2mdn.net
1	z.moatads.com	s0.2mdn.net
1	www.google.de	tv.okezone.com
1	s4.histats.com	s10.histats.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	tv.okezone.com
1	certify.alexametrics.com	tv.okezone.com
1	s10.histats.com	tv.okezone.com
1	d31qbv1cthcecs.cloudfront.net	tv.okezone.com
1	static.cloudflareinsights.com	tv.okezone.com
1	content.jwplatform.com	tv.okezone.com
193	41

This site contains links to these domains. Also see Links.

Domain
news.okezone.com
economy.okezone.com
lifestyle.okezone.com
celebrity.okezone.com
bola.okezone.com
sports.okezone.com
techno.okezone.com
muslim.okezone.com
foto.okezone.com
video.okezone.com
index.okezone.com
www.jobsmnc.co.id
www.misteraladin.com
brandoutlet.co.id
www.mnc-insurance.com
id.okezone.com
management.okezone.com
career.okezone.com
client.okezone.com
www.facebook.com
twitter.com
plus.google.com
instagram.com
www.youtube.com
itunes.apple.com
play.google.com
appworld.blackberry.com
mnc.co.id
www.mncplaymedia.com

Subject Issuer	Validity	Valid
*.okezone.com RapidSSL RSA CA 2018	`2019-10-15` - `2021-10-25`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
jwplayer.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
histats.com R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2020-09-10` - `2021-10-10`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://tv.okezone.com/
Frame ID: 10333F8BB03CC92BEDBD0F6D1424B560
Requests: 91 HTTP requests in this frame

Frame: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 39DDC04F367A159E2014610D215A6458
Requests: 1 HTTP requests in this frame

Frame: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7418ADB7F7392E80B6327071C756914F
Requests: 1 HTTP requests in this frame

Frame: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 95C7C52BC1A72C6352EA47E728DD585D
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeSuJcCENKk26oCGIuJzZ8BMAE&v=APEucNXw-Z1IC-7Ul5g0MSao2yUFCzFx5JhMC6WAhKMNhjZhhfq90LmMgCciw_2PQrjP0UV0XZfDHteM99N5-j9kPJB4UrJPYIsZ-KMaSa9TlVcL6t7VgX10a23kvprE5zVR6GP8Lo7t_z4I6WlAueY1rjIwgkehWMDe6HNERpVYqz_vk8rbtH8
Frame ID: 6B2CBDBD5D8D8613992C5450FA095A54
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Frame ID: 167CCF375C3C70170627E63CF56AED42
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGKuG77IBMAE&v=APEucNW3zieKqHBslRui5ziwS0MGX5yw3ASyiEMTWylvCBK_gkTryRFmoVkWS5Q11yxFWMcBcmLeYmuS4WNJpXEDevy-ogS-U361J7NDACMkTHe23rjauMTjslUdyEmP78O4ZRYiVAkxF2VcKXNin6MjRtXag37Ufk0GVKNskokqxlQXWFW84PU
Frame ID: 26658FA6EACD4A78D7B7DA576B317E3B
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10708412454653215439/index.html
Frame ID: B909CC5C5B9D336578DFCBF954EE41D2
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B7D8B75BFE0641AF363544F706131845
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8365738/1629827842829/index.html
Frame ID: AA8F3284394332A52BAEADC6E22B1166
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 837A6E25CDCEAC66B68D5104EF6DAC82
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F71140521ACF314C73955EEA47378DA5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2602E7ECB9BFB98A0DFB498E8F392CF1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Okezone Live Streaming Online - Okezone TV

Page URL History Show full URLs

http://tv.okezone.com/ HTTP 301
https://tv.okezone.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

193
Requests

99 %
HTTPS

61 %
IPv6

26
Domains

41
Subdomains

45
IPs

8
Countries

2728 kB
Transfer

6009 kB
Size

0
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://news.okezone.com/
Title: News

Search URL Search Domain Scan URL

URL: https://economy.okezone.com/
Title: Finance

Search URL Search Domain Scan URL

URL: https://lifestyle.okezone.com/
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://celebrity.okezone.com/
Title: Celebrity

Search URL Search Domain Scan URL

URL: https://bola.okezone.com/
Title: Bola

Search URL Search Domain Scan URL

URL: https://sports.okezone.com/
Title: Sports

Search URL Search Domain Scan URL

URL: https://techno.okezone.com/
Title: Techno

Search URL Search Domain Scan URL

URL: https://lifestyle.okezone.com/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: https://lifestyle.okezone.com/food/
Title: Food

Search URL Search Domain Scan URL

URL: https://lifestyle.okezone.com/health/
Title: Health

Search URL Search Domain Scan URL

URL: https://news.okezone.com/autos/
Title: Autos

Search URL Search Domain Scan URL

URL: http://muslim.okezone.com/
Title: Muslim

Search URL Search Domain Scan URL

URL: https://foto.okezone.com/
Title: Foto

Search URL Search Domain Scan URL

URL: https://video.okezone.com/
Title: Video

Search URL Search Domain Scan URL

URL: http://index.okezone.com/
Title: Indeks

Search URL Search Domain Scan URL

URL: http://www.jobsmnc.co.id/
Title: Lowongan Kerja

Search URL Search Domain Scan URL

URL: https://www.misteraladin.com/
Title: Booking Hotel

Search URL Search Domain Scan URL

URL: https://brandoutlet.co.id/
Title: Fashion Online

Search URL Search Domain Scan URL

URL: https://www.mnc-insurance.com/
Title: Asuransi Kendaraan

Search URL Search Domain Scan URL

URL: https://id.okezone.com/oauth/authorize?response_type=code&client_id=b1a153383f08cd0bab710b1109a4c4edcf06b4283bbb9144fe9917152db1cf52&redirect_uri=http%3A%2F%2Ftv2016.okezonedev.com%2F&back_to=http%3A%2F%2Ftv2016.okezonedev.com%2F
Title:

Search URL Search Domain Scan URL

URL: https://video.okezone.com/play/2021/08/27/1/138421/ledakan-di-dekat-bandara-kabul-tewaskan-13-tentara-as-dan-60-warga-afghanistan
Title: Ledakan Di Dekat Bandara Kabul Tewaskan 13 Tentara AS Dan 60 Warga Afghanistan 27 Agustus 2021

Search URL Search Domain Scan URL

URL: https://video.okezone.com/play/2021/08/28/1/138455/kepala-bnpt-tinjau-vaksinasi-untuk-mantan-napi-teroris
Title: Kepala BNPT Tinjau Vaksinasi Untuk Mantan Napi Teroris 28 Agustus 2021

Search URL Search Domain Scan URL

URL: https://video.okezone.com/play/2021/08/29/1/138487/satu-rumah-warga-terbakar-belasan-damkar-dikerahkan
Title: Satu Rumah Warga Terbakar, Belasan Damkar Dikerahkan 29 Agustus 2021

Search URL Search Domain Scan URL

URL: https://video.okezone.com/play/2021/08/30/1/138522/honor-fantastis-pemakaman-covid-19-empat-pejabat-kembalikan-uang
Title: Honor Fantastis Pemakaman Covid 19, Empat Pejabat Kembalikan Uang 30 Agustus 2021

Search URL Search Domain Scan URL

URL: https://video.okezone.com/play/2021/08/31/1/138554/tak-kuat-nanjak-truk-mundur-dan-terguling-di-flyover-ancol
Title: Tak Kuat Nanjak, Truk Mundur Dan Terguling Di Flyover Ancol 31 Agustus 2021

Search URL Search Domain Scan URL

URL: https://video.okezone.com/play/2021/09/01/1/138586/memperingati-hari-jadi-polwan-bagikan-sembako-ke-petugas-penyapu-jalan
Title: Memperingati Hari Jadi, Polwan Bagikan Sembako Ke Petugas Penyapu Jalan 1 September 2021

Search URL Search Domain Scan URL

URL: http://management.okezone.com/
Title: ABOUT US

Search URL Search Domain Scan URL

URL: http://management.okezone.com/redaksi
Title: REDAKSI

Search URL Search Domain Scan URL

URL: http://management.okezone.com/pos
Title: KOTAK POS

Search URL Search Domain Scan URL

URL: http://career.okezone.com/
Title: KARIER

Search URL Search Domain Scan URL

URL: http://client.okezone.com/advertising
Title: INFO IKLAN

Search URL Search Domain Scan URL

URL: http://management.okezone.com/disclaimer
Title: DISCLAIMER

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OkezoneCom
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/okezonenews
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/+okezone
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/okezonecom
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/okezoneindonesia
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/id570615156
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/id624468351
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=linktone.okezone.android
Title:

Search URL Search Domain Scan URL

URL: https://appworld.blackberry.com/webstore/content/28852888
Title:

Search URL Search Domain Scan URL

URL: https://mnc.co.id/
Title:

Search URL Search Domain Scan URL

URL: https://www.mncplaymedia.com/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tv.okezone.com/ HTTP 301
https://tv.okezone.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://sb.scorecardresearch.com/b?c1=2&c2=9013027&ns__t=1630674801153&ns_c=UTF-8&cv=3.5&c8=Okezone%20Live%20Streaming%20Online%20-%20Okezone%20TV&c7=https%3A%2F%2Ftv.okezone.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&ns__t=1630674801153&ns_c=UTF-8&cv=3.5&c8=Okezone%20Live%20Streaming%20Online%20-%20Okezone%20TV&c7=https%3A%2F%2Ftv.okezone.com%2F&c9=

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAITQM89eS63w8j5JBRTKuM&google_cver=1

Request Chain 111

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YTIfclRk1nIFmLbttPmdSQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAITQM89eS63w8j5JBRTKuM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAITQM89eS63w8j5JBRTKuM&google_cver=1&C=1

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJqBxQ22Q23Q4zY-uakWJdc&google_cver=1

Request Chain 113

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk5NDgxOTM2MTYyMzgwMTk4NQ%3D%3D

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIUyIA7iD42mOGa0SAqA3E&google_cver=1

Request Chain 115

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDhlMzkwOWQtOWU2Zi0yZTI2LWQ5YjQtYzA2ZDdiZTJmY2Y3

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEPqZ_yHfPPi2g9rFzCGxCq4&google_cver=1

193 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tv.okezone.com/
Redirect Chain

http://tv.okezone.com/
https://tv.okezone.com/

33 KB
9 KB

1495ms
1477ms

Document
text/html

2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.1.20

Resource Hash

d4454a358634f59fc61f16741cf30cb77d98700b51b9e1a3cce0b91945deecfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tv.okezone.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:19 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.20
expires: Fri, 03 Sep 2021 13:13:19 GMT
cache-control: max-age=0
pragma: no-cache
vary: User-Agent
x-cache: MISS
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-served-by: okz
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 688f3c12cbb24e5c-FRA
content-encoding: br

Redirect headers

Date: Fri, 03 Sep 2021 13:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 Sep 2021 14:13:18 GMT
Location: https://tv.okezone.com/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 688f3c127cd15b74-FRA

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 27ms
24ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 906018
cdn-cachedat: 2021-06-08 21:21:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 203451c6c050184245ebe231729b4b5c
cf-ray: 688f3c1cfa384eaf-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 26ms
23ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 2567434
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 40b2c5e257c44c41b18e54bb6d5c182e
cf-ray: 688f3c1cfa3a4eaf-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 fonts.css
cdn.okezone.com/www/2016/css/ 5 KB
698 B 39ms
27ms Stylesheet
text/css 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/www/2016/css/fonts.css

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9158174a3da1ce8b68209499137616c3f7b6b4403abcaef0437b64d624a972e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 5764
age: 172436
cf-polished: origSize=5033
vary: Accept-Encoding, User-Agent,Save-Data
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-x2vkkMjNp6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=869842
cf-ray: 688f3c1cfa514e5c-FRA
expires: Sat, 11 Sep 2021 14:56:47 GMT

GET
H2 200 jquery.bxslider.css
cdn.okezone.com/tv/2016/plugin/bxslider/ 3 KB
1 KB 36ms
24ms Stylesheet
text/css 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/tv/2016/plugin/bxslider/jquery.bxslider.css

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79983cdbb5711be4846b863ba60fc47398e1394e068794e37d95c80b39be78ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 4098
age: 1547054
cf-polished: origSize=3148
vary: Accept-Encoding, User-Agent,Save-Data
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-gg_iaUCpGw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=2142185
cf-ray: 688f3c1cfa544e5c-FRA
expires: Fri, 10 Sep 2021 10:32:11 GMT

GET
H2 200 style.css
cdn.okezone.com/tv/2016/css/ 42 KB
8 KB 780ms
769ms Stylesheet
text/css 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/tv/2016/css/style.css

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d36aa1c5ab0a54df35bc34b6bbc400d6e1a38a5085321910e7a66eec4a0ee22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 42314
date: Fri, 03 Sep 2021 13:13:20 GMT
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-Jy44ctTFTI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Save-Data
content-type: text/css
cache-control: max-age=8071
cf-ray: 688f3c1cfa534e5c-FRA
expires: Fri, 03 Sep 2021 15:27:52 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
cdn.okezone.com/tv/2016/js/ 90 KB
33 KB 37ms
26ms Script
application/javascript 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/tv/2016/js/jquery-1.9.1.min.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7c99a96502963ceff01477b07e7c295405f8d7a30faf4b86294be282abb8c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 92629
age: 1446721
date: Fri, 03 Sep 2021 13:13:20 GMT
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-roLDJ9nOeu"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2587205
cf-ray: 688f3c1cfa584e5c-FRA
expires: Thu, 16 Sep 2021 18:01:25 GMT

GET
H2 200 modernizr.min.js Show response
cdn.okezone.com/tv/2016/js/ 8 KB
3 KB 44ms
33ms Script
application/javascript 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/tv/2016/js/modernizr.min.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36c24119c8e325a49a9b79de24b0612a6b9fb116ecf74b04adecb7870b1f40a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 7950
age: 891156
date: Fri, 03 Sep 2021 13:13:20 GMT
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-f_5FfaGPPm"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1583722
cf-ray: 688f3c1cfa564e5c-FRA
expires: Sat, 11 Sep 2021 13:36:07 GMT

GET
H2 200 i08xVRRN.js Show response
content.jwplatform.com/libraries/ 125 KB
40 KB 35ms
14ms Script
text/javascript 2600:9000:223f:f600:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/libraries/i08xVRRN.js
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: e2026af0c1863c6bea27349b25ffa15b3c51f2d60bb6544212a272881f7c18b0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:12:16 GMT
content-encoding: gzip
server: openresty
age: 64
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: FRA56-P5
content-length: 40895
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
x-amz-cf-id: 6CwERlsJmPkvQ_6YVtaZbV-Z7DV77b8u9HDJHog9BhXsta3jY9iNxw==
expires: Fri, 03 Sep 2021 13:14:46 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 33ms
31ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 14228030
cdn-cachedat: 2021-03-11 11:57:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3033c5b7ea34684b20a8f4234fea378f
cf-ray: 688f3c1cfa3c4eaf-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.panelslider.min.js Show response
cdn.okezone.com/tv/2016/plugin/menuslide/ 1 KB
649 B 36ms
26ms Script
application/javascript 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/tv/2016/plugin/menuslide/jquery.panelslider.min.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2606c11a8775dafbb864ebaf90bb6a137078bb160a8f433bf8b8e8fdbeda685

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 1318
age: 1783839
date: Fri, 03 Sep 2021 13:13:20 GMT
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-2gWUCWpNVs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2385870
cf-ray: 688f3c1cfa554e5c-FRA
expires: Fri, 10 Sep 2021 12:27:12 GMT

GET
H2 200 jquery.bxslider.min.js Show response
cdn.okezone.com/tv/2016/plugin/bxslider/ 23 KB
6 KB 35ms
25ms Script
application/javascript 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/tv/2016/plugin/bxslider/jquery.bxslider.min.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28f10f18ebeeecad931883bb1c802eb120eabd8cc3426d917f1f758a1d67ad0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 23631
age: 1654916
date: Fri, 03 Sep 2021 13:13:20 GMT
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-yaMn814dBC"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2590408
cf-ray: 688f3c1cfa5a4e5c-FRA
expires: Tue, 14 Sep 2021 09:04:53 GMT

GET
H2 200 api.js Show response
tv.okezone.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 9ms
8ms Script
text/javascript 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tv.okezone.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tv.okezone.com
referer: https://tv.okezone.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 688f3c1ede644e5c-FRA
vary: Accept-Encoding

GET
H2 200 logo_wp1.gif
cdn.okezone.com/underwood/img/ 1 KB
2 KB 18ms
18ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/logo_wp1.gif

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cdfcc6b2a7c844923c60ca1e1581cc7c8f218e7b6729fb5d1ef80d20dfa80e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1728562
cf-polished: origFmt=gif, origSize=2004
content-disposition: inline; filename="logo_wp1.webp"
vary: Accept
content-length: 1502
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Jul 2018 08:07:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b5ad2bc-7d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
expires: Mon, 13 Sep 2021 10:30:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 688f3c1eee954e5c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 user.png
cdn.okezone.com/m/2016/img/ 174 B
352 B 15ms
14ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/m/2016/img/user.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d0b8b75a634e9d72b20cbcee56274b37fe162b5c293679b6ffc7ee74fc96c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 528944
cf-polished: origFmt=png, origSize=318
content-disposition: inline; filename="user.webp"
vary: Accept
content-length: 174
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Jul 2018 08:05:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b5ad24d-13e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
expires: Sat, 11 Sep 2021 13:21:13 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 688f3c1f0edc4e5c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 okezonetv_2018.png
cdn.okezone.com/underwood/img/ 4 KB
4 KB 31ms
31ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/okezonetv_2018.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a907fee3b581ca626003353b6260038867441e857406d779fac5762c037cf403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 4682
age: 1733160
vary: User-Agent, Accept-Encoding
content-length: 3726
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-6tWqHTAT44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=2506159
accept-ranges: bytes
cf-ray: 688f3c1f2f0d4e5c-FRA
expires: Sun, 12 Sep 2021 11:56:40 GMT

GET
H2 200 video-js.css
vjs.zencdn.net/7.1.0/ 40 KB
10 KB 122ms
6ms Stylesheet
text/css 2a04:4e42:3::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.1.0/video-js.css
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e76177722cff7661c6bf7cc77b62223a75a62b8238d029001b6a5c25e78a417

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: gzip
last-modified: Wed, 25 Jul 2018 21:02:43 GMT
etag: "20e19d889dd8fa46e8035262bf8fb3ab"
x-served-by: cache-fra19137-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 10082
x-cache-hits: 8722

GET
H2 200 video-js-hls.css
cdn.okezone.com/underwood/css/videojs/streaming/ 35 KB
9 KB 34ms
34ms Stylesheet
text/css 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/underwood/css/videojs/streaming/video-js-hls.css

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32a7e88c559a7d9ac7c6c46ffd8783f1678fce6f148325cf107bb3a16aa12e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 41939
age: 1705099
cf-polished: origSize=36129
vary: Accept-Encoding, User-Agent,Save-Data
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-bIk8gRSzTv"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=2584046
cf-ray: 688f3c1e0cad4e5c-FRA
expires: Mon, 13 Sep 2021 17:22:28 GMT

GET
H2 200 vast.plugin.css
cdn.okezone.com/underwood/css/videojs/streaming/plugin/ 786 B
435 B 19ms
18ms Stylesheet
text/css 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/underwood/css/videojs/streaming/plugin/vast.plugin.css

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8caa4af04c48a9dd7af9a0c811c0ae657fc34bd886a936153880b3d82f44868e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 1168
age: 1689586
vary: Accept-Encoding, User-Agent,Save-Data
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-imBbqzA_4Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=2468955
cf-ray: 688f3c1e3d1d4e5c-FRA
expires: Sun, 12 Sep 2021 13:42:50 GMT

GET
H2 200 life.png
cdn.okezone.com/underwood/img/tv/ 4 KB
4 KB 18ms
17ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/tv/life.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db4b65a77368925febfe35d58a06a3d7c061de3355ac29d037195db9d3f5d012

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 4163
age: 1727629
cf-polished: origSize=3929, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 3922
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-FWuJdVxs1Z"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1843954
accept-ranges: bytes
cf-ray: 688f3c1f5f864e5c-FRA
expires: Sat, 04 Sep 2021 21:32:06 GMT

GET
H2 200 idx.png
cdn.okezone.com/underwood/img/tv/streaming/new/ 12 KB
12 KB 15ms
14ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/tv/streaming/new/idx.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d94e406d031ddcfe75a077812c0043519b69744cc1842bb372155fdba16b2885

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 16393
age: 1641825
cf-polished: origSize=15296, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 12235
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-NXy9yO23ZT"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2577744
accept-ranges: bytes
cf-ray: 688f3c1fb8324e5c-FRA
expires: Tue, 14 Sep 2021 09:12:00 GMT

GET
H2 200 mnctv.png
cdn.okezone.com/underwood/img/tv/streaming/ 3 KB
3 KB 18ms
18ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/tv/streaming/mnctv.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08239e7656e813d1ce97e9a701b82781c0425b62a22c8250829e72759999bc3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 5078
age: 347143
vary: User-Agent, Accept-Encoding
content-length: 2640
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj--xDfJHa9f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=2576805
accept-ranges: bytes
cf-ray: 688f3c1fd8764e5c-FRA
expires: Wed, 29 Sep 2021 08:34:23 GMT

GET
H2 200 mncshop.png
cdn.okezone.com/underwood/img/tv/streaming/ 3 KB
3 KB 18ms
17ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/tv/streaming/mncshop.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

962fa58943c3ba02e722d9982438b25388b3e0d21c842b86dd921a51a11b64d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 5332
age: 1746853
vary: User-Agent, Accept-Encoding
content-length: 2766
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-XAcARhkXvl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=2528626
accept-ranges: bytes
cf-ray: 688f3c1ff8ba4e5c-FRA
expires: Sun, 12 Sep 2021 14:22:54 GMT

GET
H2 200 mncnews.png
cdn.okezone.com/underwood/img/tv/ 4 KB
5 KB 19ms
18ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/tv/mncnews.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23754f049415d16f1bdaa8fa702dc3d19757f4e9cd001dbac9484698fd91fd35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 6190
age: 2506555
cf-polished: origSize=4385, status=vary_header_present
vary: User-Agent, Accept-Encoding
content-length: 4378
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-qzQWHQZkDi"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2511088
accept-ranges: bytes
cf-ray: 688f3c2019104e5c-FRA
expires: Fri, 03 Sep 2021 14:28:54 GMT

GET
H2 200 gtv.png
cdn.okezone.com/underwood/img/tv/streaming/ 5 KB
5 KB 25ms
25ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/tv/streaming/gtv.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad8339557aeb8a12c598dfa085ae2ccf1c92ffcae114809ccc43a810690459dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 6682
age: 1470701
vary: User-Agent, Accept-Encoding
content-length: 4776
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-3kr6hyDvBU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=2581787
accept-ranges: bytes
cf-ray: 688f3c2039574e5c-FRA
expires: Thu, 16 Sep 2021 09:51:27 GMT

GET
H2 200 INews.png
cdn.okezone.com/underwood/revamp/2020/img/ 20 KB
20 KB 25ms
24ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/revamp/2020/img/INews.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c06cf6f20fb9801c3121a0e1068554180e4b3c06c032bef9b3df879d3d20d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 528941
cf-polished: origFmt=png, origSize=28285
content-disposition: inline; filename="INews.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 20384
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Jun 2020 04:00:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ee1ac4f-6e7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 26 Sep 2021 01:12:42 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 688f3c2069c54e5c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 rcti.png
cdn.okezone.com/underwood/img/tv/streaming/ 3 KB
3 KB 18ms
18ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/tv/streaming/rcti.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77cca91edcb0259160bfe211306b7deba6df1c2cfc3ce5c81783762bd9081000

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 4063
age: 1746853
vary: User-Agent, Accept-Encoding
content-length: 3384
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-uUUlATHQ3M"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=2544064
accept-ranges: bytes
cf-ray: 688f3c208a144e5c-FRA
expires: Sun, 12 Sep 2021 18:40:12 GMT

GET
H2 200 slider.js Show response
cdn.okezone.com/underwood/revamp/2019/js/ 136 KB
35 KB 21ms
21ms Script
application/javascript 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/underwood/revamp/2019/js/slider.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba894b64d074b9603be9b771279f18de9cf0fb5621c3c5c55f76ddbb34b2210

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 138801
age: 948745
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-4FEa_DyVVy"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1549298
cf-ray: 688f3c1e5d624e5c-FRA
expires: Fri, 10 Sep 2021 12:02:34 GMT

GET
H2 200 video.js Show response
vjs.zencdn.net/7.1.0/ 1 MB
330 KB 7ms
7ms Script
application/javascript 2a04:4e42:3::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.1.0/video.js
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 96d3349232417f89dec7f5c26a3872bb542fceaba22361b580b78f6e8d92ef2c

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: gzip
last-modified: Wed, 25 Jul 2018 21:02:43 GMT
etag: "9045e3df1785b61657789608f6afa807"
x-served-by: cache-fra19137-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 338048
x-cache-hits: 2

GET
H2 200 play-normal.png
cdn.okezone.com/tv/2016/img/logo/ 2 KB
2 KB 14ms
14ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/tv/2016/img/logo/play-normal.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6daee699471b9d8347c59a423296c37297b0fffecc2a15834dc284a8dd04cb5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 3543
age: 101616
vary: User-Agent, Accept-Encoding
content-length: 2154
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-auoJM09Exg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=712853
accept-ranges: bytes
cf-ray: 688f3c20ba5a4e5c-FRA
expires: Fri, 10 Sep 2021 15:00:38 GMT

GET
H2 200 mnc-media-log.png
cdn.okezone.com/tv/2016/img/logo/ 3 KB
3 KB 15ms
15ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/tv/2016/img/logo/mnc-media-log.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4e39696f1bc4d6f70294d8b7350b55d1902592c638c1655b89240f1250544eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 4282
age: 904076
cf-polished: status=not_needed
vary: User-Agent, Accept-Encoding
content-length: 2863
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-jjoiaOQDPp"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2565444
accept-ranges: bytes
cf-ray: 688f3c20ca874e5c-FRA
expires: Wed, 22 Sep 2021 18:42:49 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 138ms
48ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

2689e96f5832f25505a6741e6f283691b48315605bc1d1e29299518a9d81fc71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "976 / 1 of 1000 / last-modified: 1630667466"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24948
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:13:20 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 75ms
59ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 22:03:28 GMT
server: cloudflare
etag: W/2021.8.2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 688f3c21eeaadff7-FRA

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 115ms
37ms Script
application/javascript 18.66.97.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 11127955
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3a3c1dcacd115187f53f40028ae4bd25.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: KsBBoF3zJY9UaQmqUnIvq1G3lg7faq2z9joTXUrV8SEAgAg1JpXbAA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
39 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T7STHLB&gtm_auth=76w83INIQaVRLL2wpVeSrQ&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ed84dafc8974dc21e85c5b71f88fbbb3f13280595a9b794fb00f4297f7b94be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40263
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 122ms
40ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 02 Sep 2021 14:32:10 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 81672
etag: W/"1827f116c73f319409b97f10b8a58ade"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: NrUw0RnMZ7FxdSBygxmSVM-LIYhnRgEfNYzlyXvCxag4DoCO269mkg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100b535af5d9015e322685a154171757a7c1a29ffd41ccd8bd097cf66cc6d079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "976 / 91 of 1000 / last-modified: 1630667466"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24954
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:13:20 GMT

GET
H2 200 logo-12-th-okz-menu.svg
cdn.okezone.com/underwood/revamp/2019/logo/12thokz/ 11 KB
4 KB 28ms
27ms Image
image/svg+xml 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/revamp/2019/logo/12thokz/logo-12-th-okz-menu.svg

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34df6b3a9512dc991adb94ed4eece7f22cd1e9ab0e7894625ebf4327a779c126

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 871117
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Mar 2019 02:27:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c7dde75-2bb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 688f3c21fcfe4e5c-FRA
link: <https://cdn.okezone.com/underwood/revamp/2019/logo/12thokz/logo-12-th-okz-menu.svg>; rel="canonical"
expires: Thu, 23 Sep 2021 11:14:42 GMT

GET
H2 200 xlogo-wp.png.pagespeed.ic.OLkNt1PsL4.png
cdn.okezone.com/underwood/revamp/2019/logo/desktop/ 12 KB
12 KB 18ms
17ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/xlogo-wp.png.pagespeed.ic.OLkNt1PsL4.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca1c387ec0c495d7e61ac302e3e470c872717da74096f5b19a8dddf284aa87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 23160
age: 1351647
cf-polished: origFmt=png, origSize=19230
content-disposition: inline; filename="xlogo-wp.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 12362
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Wed, 18 Aug 2021 17:56:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 17:56:06 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c220d024e5c-FRA
link: <https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/logo-wp.png>; rel="canonical"
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-dropdown.png.pagespeed.ce.vALBXWDWmd.png
cdn.okezone.com/www/2016/img/ 120 B
538 B 17ms
16ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/www/2016/img/icon-dropdown.png.pagespeed.ce.vALBXWDWmd.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d7db0bad59789b932d37ce719039a7647154755b7220b86ac1fddfb77836202

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 230
age: 136164
cf-polished: origFmt=png, origSize=230
content-disposition: inline; filename="icon-dropdown.webp"
vary: Accept
content-length: 120
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Fri, 27 Jul 2018 08:01:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
expires: Thu, 01 Sep 2022 23:23:56 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c220d074e5c-FRA
link: <https://cdn.okezone.com/www/2016/img/icon-dropdown.png>; rel="canonical"
cf-bgj: imgq:100,h2pri

GET
H2 200 futumd__-webfont.woff2
cdn.okezone.com/www/2016/font/ 18 KB
19 KB 833ms
802ms Font
application/octet-stream 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/www/2016/font/futumd__-webfont.woff2

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/www/2016/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad25fe54dc58cc4db787bcd3d5c0c250a244ca2ee6137d1929ca13cf3e4f9094

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://tv.okezone.com
Referer: https://cdn.okezone.com/www/2016/css/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 18572
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Jul 2018 08:01:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b5ad16c-488c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
accept-ranges: bytes
cf-ray: 688f3c223ca34eb0-FRA
link: <https://cdn.okezone.com/www/2016/font/futumd__-webfont.woff2>; rel="canonical"
expires: Sun, 03 Oct 2021 13:13:21 GMT

GET
H2 200 search.png.pagespeed.ce.z3nXwZ88DC.png
cdn.okezone.com/m/2016/img/ 232 B
502 B 18ms
15ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/m/2016/img/search.png.pagespeed.ce.z3nXwZ88DC.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e06bc4f4c0c3c5a6f1305608e5e9cff24ee16aed219868b97a03e88349c3feb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 368
age: 143041
cf-polished: origFmt=png, origSize=368
content-disposition: inline; filename="search.webp"
vary: Accept
content-length: 232
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Fri, 27 Jul 2018 08:05:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
expires: Thu, 01 Sep 2022 21:29:19 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c223d624e5c-FRA
link: <https://cdn.okezone.com/m/2016/img/search.png>; rel="canonical"
cf-bgj: imgq:100,h2pri

GET
H2 200 cover_new.png
cdn.okezone.com/underwood/img/tv/ 48 KB
48 KB 17ms
17ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/tv/cover_new.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96fa732dd7342c860857f11a5f9fbd17303c1134935d629a99f5c88c9fdd10df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 107535
age: 27382
vary: User-Agent, Accept-Encoding
content-length: 48714
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-2UnA72-AyP"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=218926
accept-ranges: bytes
cf-ray: 688f3c223d6b4e5c-FRA
expires: Sun, 05 Sep 2021 18:25:45 GMT

GET
H2 200 logorcti_2018.png
cdn.okezone.com/underwood/img/ 2 KB
2 KB 14ms
13ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/logorcti_2018.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4a3152da3892747e903889e79becf867ba8969c9538681e3074159a7a703ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1028542
cf-polished: origFmt=png, origSize=2489
content-disposition: inline; filename="logorcti_2018.webp"
vary: Accept
content-length: 1754
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Sep 2018 07:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b98befa-9b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
expires: Tue, 14 Sep 2021 20:26:20 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 688f3c223d6c4e5c-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 mnctv_new.png
cdn.okezone.com/underwood/img/tv/ 5 KB
6 KB 19ms
19ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/tv/mnctv_new.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d4e27918f4658658333a5a66cb14c9f4101d0bf4f96fc576689e45fed5a067

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 9907
age: 94142
cf-polished: status=not_needed
vary: User-Agent, Accept-Encoding
content-length: 5392
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-GCWlpdy80o"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2582132
accept-ranges: bytes
cf-ray: 688f3c223d6f4e5c-FRA
expires: Sat, 02 Oct 2021 08:19:52 GMT

GET
H2 200 gtv_new.png
cdn.okezone.com/underwood/img/tv/ 6 KB
6 KB 22ms
19ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/img/tv/gtv_new.png

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9daa8fb64120ef9c71ded13f117b45ad0856f7191fa0a1c8367b1721ce0da427

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 12227
age: 428980
vary: User-Agent, Accept-Encoding
content-length: 5636
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"PSA-aj-XeCBJPdO5C"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=2582202
accept-ranges: bytes
cf-ray: 688f3c224d884e5c-FRA
expires: Tue, 28 Sep 2021 11:20:24 GMT

GET
H2 200 INews.svg
cdn.okezone.com/underwood/revamp/2020/img/ 7 KB
5 KB 12274ms
12272ms Image
image/svg+xml 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/underwood/revamp/2020/img/INews.svg

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0ac6554d440726e84f8fa62624ecbe51d532edf68958a7d42704001962bda8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Jun 2020 04:27:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ee1b296-1a5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
cf-ray: 688f3c224d8b4e5c-FRA
link: <https://cdn.okezone.com/underwood/revamp/2020/img/INews.svg>; rel="canonical"
expires: Sun, 03 Oct 2021 13:13:33 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 22ms
21ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://tv.okezone.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 1705099
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 756f89fe686bd517cfabc814f97e05cd
accept-ranges: bytes
cf-ray: 688f3c2249cad6f9-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3-29 200 pubads_impl_2021083101.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
116 KB 104ms
58ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

821bdc4f69b0d71c8ee65e9e97c232e0a127004991b92133da9019dbe8f90047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 08:39:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119248
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:13:21 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 463 B
222 B 98ms
54ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tv.okezone.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

72074c9abac4e7f638d7b4b9cbaa177dea1e1fcbc98474a7af77e1bc43955aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:13:21 GMT

GET
H2 200 138421_medium.jpg
a.okezone.com/videos/2021/08/27/1/138421/ 20 KB
20 KB 1864ms
1853ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.okezone.com/videos/2021/08/27/1/138421/138421_medium.jpg

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df82c08acac1259a8d24bc4340f1c3323f26aecf4dd99a2151e8d2355a35eeee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 108296
server: cloudflare
etag: W/"PSA-aj-CRRpfCHP1M"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
cache-control: max-age=30936839
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 688f3c228e094e5c-FRA
content-length: 20790
expires: Sat, 27 Aug 2022 14:47:22 GMT

GET
H2 200 138455_medium.jpg
a.okezone.com/videos/2021/08/28/1/138455/ 19 KB
20 KB 1609ms
1598ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.okezone.com/videos/2021/08/28/1/138455/138455_medium.jpg

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca0afd3f01f66744ab31e53dd9b493fea689e5e6c639853f494707d60622d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 103679
server: cloudflare
etag: W/"PSA-aj-8O6jIBn7AI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
cache-control: max-age=31023568
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 688f3c228e054e5c-FRA
content-length: 19880
expires: Sun, 28 Aug 2022 14:52:51 GMT

GET
H2 200 138487_medium.jpg
a.okezone.com/videos/2021/08/29/1/138487/ 13 KB
13 KB 1838ms
1828ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.okezone.com/videos/2021/08/29/1/138487/138487_medium.jpg

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c2d904f781fa8d1cfcb437fda3b842a654182a1e1c1c72925d9aebecaa3d9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 88388
server: cloudflare
etag: W/"PSA-aj-9BGeHNwmuR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
cache-control: max-age=31111550
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 688f3c228e014e5c-FRA
content-length: 13058
expires: Mon, 29 Aug 2022 15:19:13 GMT

GET
H2 200 138522_medium.jpg
a.okezone.com/videos/2021/08/30/1/138522/ 23 KB
23 KB 5159ms
5148ms Image
image/webp 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.okezone.com/videos/2021/08/30/1/138522/138522_medium.jpg

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

043b0837ca5d3c2799610f9e270a11e9957f247fda22670778fd22a3c4c9ec96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:26 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-original-content-length: 115926
server: cloudflare
etag: W/"PSA-aj-sohLfwnG6s"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
cache-control: max-age=31185443
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 688f3c228e064e5c-FRA
content-length: 23462
expires: Tue, 30 Aug 2022 11:50:49 GMT

GET
H2 200 futuhv__-webfont.woff2
cdn.okezone.com/www/2016/font/ 18 KB
19 KB 1814ms
1813ms Font
application/octet-stream 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/www/2016/font/futuhv__-webfont.woff2

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/www/2016/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d65d223ebebbe249c352c9ffb806bd31e5ba30dc3ff33485e28555c0cf590ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://tv.okezone.com
Referer: https://cdn.okezone.com/www/2016/css/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 18800
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Jul 2018 08:01:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b5ad16c-4970"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
accept-ranges: bytes
cf-ray: 688f3c227d484eb0-FRA
link: <https://cdn.okezone.com/www/2016/font/futuhv__-webfont.woff2>; rel="canonical"
expires: Sun, 03 Oct 2021 13:13:22 GMT

GET
H3-29 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 18 KB
18 KB 54ms
52ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://tv.okezone.com
Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617, 617, 617, 617, 617
age: 11491320
cdn-cachedat: 2021-04-23 15:04:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: bf3a8080803d26a0ca9d27decf83b92a
accept-ranges: bytes
cf-ray: 688f3c227d17bed3-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 futurabt-book-opentype-webfont.woff2
cdn.okezone.com/underwood/fonts/ 18 KB
18 KB 1744ms
1743ms Font
font/woff2 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.okezone.com/underwood/fonts/futurabt-book-opentype-webfont.woff2

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/www/2016/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e29d04c5b6049b3eb0309647db9725e3ab2b6db557f7f494bc09e7330e992999

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://tv.okezone.com
Referer: https://cdn.okezone.com/www/2016/css/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 18512
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Jul 2018 08:06:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b5ad27e-4850"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
accept-ranges: bytes
cf-ray: 688f3c227d4e4eb0-FRA
link: <https://cdn.okezone.com/underwood/fonts/futurabt-book-opentype-webfont.woff2>; rel="canonical"
expires: Sun, 03 Oct 2021 13:13:22 GMT

GET
H2 200 xlogo-fb.png.pagespeed.ic.qIr5g_i7uD.png
cdn.okezone.com/tv/2016/img/icon/ 416 B
672 B 2460ms
2456ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/tv/2016/img/icon/xlogo-fb.png.pagespeed.ic.qIr5g_i7uD.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72da429d292cc376d2e74f0ba431fc69bdfb5489d113bb29fec99067891180f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:23 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 673
vary: Accept-Encoding
content-length: 416
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Wed, 01 Sep 2021 06:42:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c22eec64e5c-FRA
link: <https://cdn.okezone.com/tv/2016/img/icon/logo-fb.png>; rel="canonical"
expires: Thu, 01 Sep 2022 06:42:25 GMT

GET
H2 200 xlogo-twitter.png.pagespeed.ic.i8WjjoGN54.png
cdn.okezone.com/tv/2016/img/icon/ 635 B
836 B 1313ms
1310ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/tv/2016/img/icon/xlogo-twitter.png.pagespeed.ic.i8WjjoGN54.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a8dbeb0dfec71c18250fb6786a18972fc70d07d3871775bb8aac9d05b3125a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 827
vary: Accept-Encoding
content-length: 635
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Sun, 08 Aug 2021 14:07:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c22eec94e5c-FRA
link: <https://cdn.okezone.com/tv/2016/img/icon/logo-twitter.png>; rel="canonical"
expires: Mon, 08 Aug 2022 14:07:40 GMT

GET
H2 200 xlogo-gp.png.pagespeed.ic.9WUnreDFCe.png
cdn.okezone.com/tv/2016/img/icon/ 739 B
983 B 816ms
814ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/tv/2016/img/icon/xlogo-gp.png.pagespeed.ic.9WUnreDFCe.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

215c62eb7bee6b40d109919a645d88cc4c3f96a9acba8078ea4c8b59930eda19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 881
vary: Accept-Encoding
content-length: 739
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Fri, 13 Aug 2021 17:46:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c22eecb4e5c-FRA
link: <https://cdn.okezone.com/tv/2016/img/icon/logo-gp.png>; rel="canonical"
expires: Sat, 13 Aug 2022 17:46:12 GMT

GET
H2 200 xlogo-inst.png.pagespeed.ic.DWi_YEUYQp.png
cdn.okezone.com/tv/2016/img/icon/ 371 B
593 B 2678ms
2676ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/tv/2016/img/icon/xlogo-inst.png.pagespeed.ic.DWi_YEUYQp.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c1407bd1630723776cc713fdc5494334524ef652b5c082324fb5939489d2627

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:23 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 699
vary: Accept-Encoding
content-length: 371
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Wed, 11 Aug 2021 18:58:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c22eecd4e5c-FRA
link: <https://cdn.okezone.com/tv/2016/img/icon/logo-inst.png>; rel="canonical"
expires: Thu, 11 Aug 2022 18:58:54 GMT

GET
H2 200 xlogo-yt.png.pagespeed.ic.bEwhoi6-I_.png
cdn.okezone.com/tv/2016/img/icon/ 451 B
694 B 767ms
765ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/tv/2016/img/icon/xlogo-yt.png.pagespeed.ic.bEwhoi6-I_.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af1b37f4c1dc3aa717a2958e6bd902fc3ecca1d5a9af93069455e342015c39b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 748
vary: Accept-Encoding
content-length: 451
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Fri, 13 Aug 2021 05:51:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c22eed04e5c-FRA
link: <https://cdn.okezone.com/tv/2016/img/icon/logo-yt.png>; rel="canonical"
expires: Sat, 13 Aug 2022 05:51:30 GMT

GET
H2 200 xlogo-phone1.png.pagespeed.ic.zUmxlMXXHO.png
cdn.okezone.com/tv/2016/img/icon/ 219 B
419 B 2920ms
2918ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/tv/2016/img/icon/xlogo-phone1.png.pagespeed.ic.zUmxlMXXHO.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cde1760c9a593122af8310fb7c379cbbe97a720d2370c01ce57f5c070217dd20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:24 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 444
vary: Accept-Encoding
content-length: 219
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Sat, 07 Aug 2021 22:29:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c22eed34e5c-FRA
link: <https://cdn.okezone.com/tv/2016/img/icon/logo-phone1.png>; rel="canonical"
expires: Sun, 07 Aug 2022 22:29:18 GMT

GET
H2 200 xlogo-phone2.png.pagespeed.ic.TUCaSNSIxq.png
cdn.okezone.com/tv/2016/img/icon/ 209 B
386 B 1430ms
1429ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/tv/2016/img/icon/xlogo-phone2.png.pagespeed.ic.TUCaSNSIxq.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3780603775ad6de77b27210aa0be851e72efee754ef83016a5ed75f74e20c0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 443
vary: Accept-Encoding
content-length: 209
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Sat, 14 Aug 2021 18:43:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c22eed64e5c-FRA
link: <https://cdn.okezone.com/tv/2016/img/icon/logo-phone2.png>; rel="canonical"
expires: Sun, 14 Aug 2022 18:43:38 GMT

GET
H2 200 xlogo-android.png.pagespeed.ic.URUqDySi7A.png
cdn.okezone.com/tv/2016/img/icon/ 515 B
713 B 1836ms
1834ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/tv/2016/img/icon/xlogo-android.png.pagespeed.ic.URUqDySi7A.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

246efbd3883ee81ad9c4d37facda04c7f39875800ffc77e3b58abcf2504c1b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 678
vary: Accept-Encoding
content-length: 515
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Tue, 10 Aug 2021 12:35:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c22eed84e5c-FRA
link: <https://cdn.okezone.com/tv/2016/img/icon/logo-android.png>; rel="canonical"
expires: Wed, 10 Aug 2022 12:35:24 GMT

GET
H2 200 xlogo-bb.png.pagespeed.ic.NtRHIq-wdZ.png
cdn.okezone.com/tv/2016/img/icon/ 750 B
948 B 3937ms
3936ms Image
image/png 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.okezone.com/tv/2016/img/icon/xlogo-bb.png.pagespeed.ic.NtRHIq-wdZ.png

Requested by

Host: cdn.okezone.com
URL: https://cdn.okezone.com/tv/2016/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb52419c6bbd1a2780a4b012387e9b5466e1a4df4cc02c5eb2aca2a311634976

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.okezone.com/tv/2016/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:25 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 786
vary: Accept-Encoding
content-length: 750
x-xss-protection: 1; mode=block
x-page-speed: Powered By okezone.com
last-modified: Sat, 14 Aug 2021 04:16:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 688f3c22eeda4e5c-FRA
link: <https://cdn.okezone.com/tv/2016/img/icon/logo-bb.png>; rel="canonical"
expires: Sun, 14 Aug 2022 04:16:02 GMT

GET
BLOB 200
OK e150f276-4f42-4157-8796-7d4e66746536
https://tv.okezone.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tv.okezone.com/e150f276-4f42-4157-8796-7d4e66746536
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 121ms
38ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:15 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 790987000

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
51 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MZ0Q248WBF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7STHLB&gtm_auth=76w83INIQaVRLL2wpVeSrQ&gtm_preview=env-1&gtm_cookies_win=x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cd3f43c1be1ae18cda5a46f43c9f28fb8fce0d9e64f1b3bb573355b58e4ae55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51740
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:13:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7STHLB&gtm_auth=76w83INIQaVRLL2wpVeSrQ&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6062
date: Fri, 03 Sep 2021 11:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 03 Sep 2021 13:32:19 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 126ms
39ms Image
image/gif 18.66.112.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Okezone%20Live%20Streaming%20Online%20-%20Okezone%20TV&time=1630674801147&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Ftv.okezone.com%2F&random_number=18640988512&sess_cookie=d5b8fda617babcad1f4ec113e24&sess_cookie_flag=1&user_cookie=d5b8fda617babcad1f4ec113e24&user_cookie_flag=1&dynamic=true&domain=okezone.com&account=iWd9l1aoHvD05T&jsv=20130128&user_lang=en-US
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 03:30:13 GMT
Via: 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 34988
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA56-P5
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: gfHUZ8NFlBnUn-RoDOOk1k7U7ZxX-2Fsje6o_P-HxUmyRW0cpFITXQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 368ms
116ms Image
text/plain 3.142.157.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.142.157.144 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-142-157-144.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
server: Server

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9013027&ns__t=1630674801153&ns_c=UTF-8&cv=3.5&c8=Okezone%20Live%20Streaming%20Online%20-%20Okezone%20TV&c7=https%3A%2F%2Ftv.okezone.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&ns__t=1630674801153&ns_c=UTF-8&cv=3.5&c8=Okezone%20Live%20Streaming%20Online%20-%20Okezone%20TV&c7=https%3A%2F%2Ftv.okezone.com%2F&c9=

64 B
328 B

45ms
42ms

Image
image/gif

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&ns__t=1630674801153&ns_c=UTF-8&cv=3.5&c8=Okezone%20Live%20Streaming%20Online%20-%20Okezone%20TV&c7=https%3A%2F%2Ftv.okezone.com%2F&c9=
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: lj4qd3Clg0OT6k0JgYNmAFl-1xsy_xzGOttaehD5hx4ehtWlyht-6A==

Redirect headers

date: Fri, 03 Sep 2021 13:13:21 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&ns__t=1630674801153&ns_c=UTF-8&cv=3.5&c8=Okezone%20Live%20Streaming%20Online%20-%20Okezone%20TV&c7=https%3A%2F%2Ftv.okezone.com%2F&c9=
content-length: 208
x-amz-cf-id: NF_bkDFQbWMnjp7slTGu9RCFDsZPdcYSWX45QHL-6P2A4lh2KWx50A==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=154336389&t=pageview&_s=1&dl=https%3A%2F%2Ftv.okezone.com%2F&ul=en-us&de=UTF-8&dt=Okezone%20Live%20Streaming%20Online%20-%20Okezone%20TV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1662083669&gjid=1375337591&cid=117503577.1630674801&tid=UA-82922228-1&_gid=1287544039.1630674801&_r=1&gtm=2wg910T7STHLB&z=1190626705

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tv.okezone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=154336389&t=pageview&_s=1&dl=https%3A%2F%2Ftv.okezone.com%2F&ul=en-us&de=UTF-8&dt=Okezone%20Live%20Streaming%20Online%20-%20Okezone%20TV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=513784034&gjid=990891105&cid=117503577.1630674801&tid=UA-153789817-1&_gid=1287544039.1630674801&_r=1&gtm=2wg910T7STHLB&cd5=GTM-T7STHLB&cd6=1630674801131.dzoj3kih&cd8=2021-09-03T15%3A13%3A21.131%2B02%3A00&cd9=gtm.js&cd7=117503577.1630674801&z=1842364947

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tv.okezone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tv.okezone.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tv.okezone.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 13:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 162 KB
51 KB 425ms
424ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=638032847443521&correlator=3311856957678428&output=ldjh&impl=fifs&eid=31061423%2C21068863%2C31061425%2C31062297&vrg=2021083101&ptt=17&sc=1&sfv=1-0-38&ecs=20210903&iu_parts=7108725%2CDesktop-Home-Billboard%2CDesktop-Home-Leaderboard%2CHome-Rectangle4%2CDesktop-Home-SkinLeft%2CDesktop-Home-SkinRight&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x90%2C728x90%2C300x250%2C120x600%2C120x600&prev_scp=Kanal%3DTV%7CKanal%3DTV%7CKanal%3DTV%7CKanal%3DTV%7CKanal%3DTV&cookie_enabled=1&bc=31&abxe=1&lmt=1630674801&dt=1630674801281&dlt=1630674800138&idt=1111&frm=20&biw=1600&bih=1200&oid=3&adxs=10%2C313%2C-9%2C150%2C1330&adys=213%2C653%2C-9%2C173%2C173&adks=341882445%2C277207623%2C2457464853%2C530590342%2C1644079996&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Ftv.okezone.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x470%7C1024x519%7C0x-1%7C120x600%7C120x600&msz=1580x0%7C974x0%7C0x-1%7C120x-1%7C120x-1&ga_vid=117503577.1630674801&ga_sid=1630674801&ga_hid=154336389&ga_fc=false&fws=4%2C4%2C2%2C516%2C516&ohw=1600%2C1024%2C0%2C1600%2C1600&btvi=0%7C0%7C-1%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

fac129d76baac5a69912d010f038803dd06557ca1ac881d8871ca396a117ce80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52162
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tv.okezone.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 39DD 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tv.okezone.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://tv.okezone.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 03 Sep 2021 13:13:21 GMT
expires: Sat, 03 Sep 2022 13:13:21 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 result Show response
tv.okezone.com/cdn-cgi/bm/cv/ 0
293 B 10ms
10ms XHR
text/plain 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tv.okezone.com/cdn-cgi/bm/cv/result?req_id=688f3c12cbb24e5c

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/cdn-cgi/bm/cv/669835187/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://tv.okezone.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __asc=d5b8fda617babcad1f4ec113e24; __auc=d5b8fda617babcad1f4ec113e24; _ga=GA1.2.117503577.1630674801; _gid=GA1.2.1287544039.1630674801; _gat_UA-82922228-1=1; _gat_UA-153789817-1=1
content-length: 424
:path: /cdn-cgi/bm/cv/result?req_id=688f3c12cbb24e5c
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: tv.okezone.com
referer: https://tv.okezone.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
set-cookie: __cf_bm=fYEbYiEseWS9OyI.J9uJaFLSMnsW.NAN1BK90xF07s0-1630674801-0-AWP1QdK/N8LVmR6voyai/Z5tOgrxxfjnq1tLZUBqG55ZZaRzm3MUof76dlaf2rSAxoCAnDTCAErA+9JP0uZt+C12wp30JAHnHjTVyHY1wa0VYjDZSHW7aJ6WGc1zbK/izdSz67woiBekn1Jaaki2cPc=; path=/; expires=Fri, 03-Sep-21 13:43:21 GMT; domain=.okezone.com; HttpOnly; Secure; SameSite=None
cf-ray: 688f3c2439bf4e5c-FRA
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-82922228-1&cid=117503577.1630674801&jid=1662083669&gjid=1375337591&_gid=1287544039.1630674801&_u=YEBAAEAAAAAAAC~&z=2064187795

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 03 Sep 2021 13:13:21 GMT
content-type: text/plain
access-control-allow-origin: https://tv.okezone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-153789817-1&cid=117503577.1630674801&jid=513784034&gjid=990891105&_gid=1287544039.1630674801&_u=YEDAAEABAAAAAC~&z=43675982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 03 Sep 2021 13:13:21 GMT
content-type: text/plain
access-control-allow-origin: https://tv.okezone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MZ0Q248WBF&gtm=2oe910&_p=154336389&sr=1600x1200&ul=en-us&cid=117503577.1630674801&_s=1&dl=https%3A%2F%2Ftv.okezone.com%2F&dt=Okezone%20Live%20Streaming%20Online%20-%20Okezone%20TV&sid=1630674801&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tv.okezone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 367ms
120ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4037955&@f16&@g1&@h1&@i1&@j1630674801337&@k0&@l1&@mOkezone%20Live%20Streaming%20Online%20-%20Okezone%20TV&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:70203628&@b3:1630674801&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Ftv.okezone.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: 56002b0b3ba81d21df6495a13ce6d6c52f92cd9036602341c2d033a93b02e4cb

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 13:13:21 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
109 B 20ms
20ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-82922228-1&cid=117503577.1630674801&jid=1662083669&_u=YEBAAEAAAAAAAC~&z=358857087

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-82922228-1&cid=117503577.1630674801&jid=1662083669&_u=YEBAAEAAAAAAAC~&z=358857087

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7418 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tv.okezone.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://tv.okezone.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 03 Sep 2021 13:13:21 GMT
expires: Sat, 03 Sep 2022 13:13:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 95C7 6 KB
3 KB 12ms
12ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tv.okezone.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://tv.okezone.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 03 Sep 2021 13:13:21 GMT
expires: Sat, 03 Sep 2022 13:13:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:13:21 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6B2C 624 B
591 B 18ms
18ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeSuJcCENKk26oCGIuJzZ8BMAE&v=APEucNXw-Z1IC-7Ul5g0MSao2yUFCzFx5JhMC6WAhKMNhjZhhfq90LmMgCciw_2PQrjP0UV0XZfDHteM99N5-j9kPJB4UrJPYIsZ-KMaSa9TlVcL6t7VgX10a23kvprE5zVR6GP8Lo7t_z4I6WlAueY1rjIwgkehWMDe6HNERpVYqz_vk8rbtH8

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJeSuJcCENKk26oCGIuJzZ8BMAE&v=APEucNXw-Z1IC-7Ul5g0MSao2yUFCzFx5JhMC6WAhKMNhjZhhfq90LmMgCciw_2PQrjP0UV0XZfDHteM99N5-j9kPJB4UrJPYIsZ-KMaSa9TlVcL6t7VgX10a23kvprE5zVR6GP8Lo7t_z4I6WlAueY1rjIwgkehWMDe6HNERpVYqz_vk8rbtH8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 03 Sep 2021 13:13:21 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlmT-tt1nBWMhznnasyUH5UVII8lVKVL2SceAtiqls1VquSIRGUgmLraYv2; expires=Wed, 28-Sep-2022 13:13:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 03 Sep 2021 13:13:21 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 167C 114 KB
40 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 10:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Sep 2021 10:04:49 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/ Frame 167C 6 KB
3 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 13:08:41 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 167C 18 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 13:01:03 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 167C 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 13:04:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 167C 122 KB
37 KB 399ms
393ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 167C 14 KB
6 KB 12ms
1ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 13:10:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 167C 0
0 24ms
13ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9eXhARuuoTAKtdU2cRcvaOuwCjE867JUgrUl65cHr97uqov0bwCSmVGhao1SAe9CqV95Ish4PsIVCjq5rD_-OuVyvuA
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 167C 42 B
63 B 61ms
51ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVF0ssph8BvRf0uQBLw7IlRBUNV79DwS1WS4098kJT3Pdf2xdvjGEw_U2xN8EbbJwsaX2MOu-p5to7g5oauUx_h3QMob6os_J4GfHCVnsPiNCS_6k

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2665 640 B
316 B 33ms
29ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGKuG77IBMAE&v=APEucNW3zieKqHBslRui5ziwS0MGX5yw3ASyiEMTWylvCBK_gkTryRFmoVkWS5Q11yxFWMcBcmLeYmuS4WNJpXEDevy-ogS-U361J7NDACMkTHe23rjauMTjslUdyEmP78O4ZRYiVAkxF2VcKXNin6MjRtXag37Ufk0GVKNskokqxlQXWFW84PU

Requested by

Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CKfiYRD79ucBGKuG77IBMAE&v=APEucNW3zieKqHBslRui5ziwS0MGX5yw3ASyiEMTWylvCBK_gkTryRFmoVkWS5Q11yxFWMcBcmLeYmuS4WNJpXEDevy-ogS-U361J7NDACMkTHe23rjauMTjslUdyEmP78O4ZRYiVAkxF2VcKXNin6MjRtXag37Ufk0GVKNskokqxlQXWFW84PU
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlmT-tt1nBWMhznnasyUH5UVII8lVKVL2SceAtiqls1VquSIRGUgmLraYv2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 03 Sep 2021 13:13:21 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 95C7 70 KB
28 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bc77kmR88iXKoJC4wwvkqq1O5Ua8T1IDWjyY_IPNjnMu99k5vyYne_3epQg-xw9mSRJGziJlXGPJ4_0T-WhyRByJRdUCHT1YMPRw5j75SHk84N0ZXpIEc9k4AH41AHHVinavYpNsggIIoXZLUUandyM67vfA&dbm_d=AKAmf-DdzUjv3JXwgeQ1c3y0Y3u9m25Gni4POUzBFD6eCsxLn59LGhM08-TtvYIPKkbt5Swciom0xP-HhpG-EJRE1Jbr6fDKQ-wgZoJWO_RdLvBUo5dUsjx8MKT4pbTuTqeUEfWcJ75BUFTGvOKG79N7hh3G784OWAIH6v7JNsmL0iPa3Jyf-xkIjFcAC3Yk3xDy2gKQUvkZZbdifQHKWlI4WNx9p7Y4eNLAVZ0tG-t03_bvP0-v0qhB0WlZiyDO8UHXiU_E5o0EY-VEupneTs5cKrizpjsCAmXmu5l76Xnihy9IEDph2c55ywkoUNwYnnKzlEf2jPZohvGy2p2yzqWjlzHKbiN5tqQ4fq9wy518Ueiukv_vsZfUerQhxMrKUXQeNMLYpi2cxqvmnS_mfMp05SqqxlqBPFAA5IuWACmSL_u8rdLwsiEwzqghDlu7w8DVLXkopCzJS1W7Dgnl6f0Wj-nifcv-2AXtLNck5vyfMcvLJuLm_71VwZmGulB6rjq6wW7eiiGLTivAsKIUB6UFEUuOJAbJAI6xMDi6vrnVqstwbAsQDFYs96UZeZ4PdPDo11YMBe5Uga0JGKMvotiIN5AH0nFZD9pQoC8h3AtqrGMv9aQLN8ShfEeTfM0DcJE4O_YBEYShTXfbR32ubJrrAiWk5ftmx95C2NjUju5tgetigX6BXFQF6lMMz2WGW-_zFmbncUIU4jLn3gI-QBIOdqpLWIRhBfW3i5HO7GGHQSPs_LuAksRbGRK2prvklBCrkZKoujx7lY2VCuuCj1Cz60Bh2z2CdlClsWPyRAbyfRQ8GWMBNQNXb0n56bkNzauhWAhOx2UqmdhIQiqQH4jCq4jpHLbKQ3DXQVqlTU25BG7RDUFvNUVkDO6K18mZVNwOmI-Ji0nddgah1rN0k4ytL6EQxY5OiFqN7mIfYgoO_EhnCNA1zUGlix1RmXouN6NiLt6QlLijWCYI91WwvAbwL5U9oaS7YSJ5ATAxEZ0NqIlA3G3RNyVupfhoLto3lvmsFDqmKupDIDrko_W54Y7H2gl9sXGp7c8suxZAfK2t_LCbISMU7U5cretu2qZjyeid-Chcr_FGqjO3bIfjZx_o_8lKKjBeTuTWHigUaYAXbWQvF0UxziUFmKL79v4ki5QI3RkfM5UF2dyUsA-VxSnk6TSLRylnGwpkgUzEOqDiDQkvbGJdLtXkmAtrdIrOLsfF6tJQl7jdB3K7CVAoqbSK5gen59BVlpHBvcKc_k22xMyK-RVyOBoJqIWQgyjlgdv1AaLRbI1pUPncQ6jJeWUpjN7j8lBeqkbOrwxzTsrpt8y_c_BPNdV_zD3EM0zl7zRguzCaYMgwCl0UZ430cUANj-wr_9tRClUWR8PCnDt4SsZpiydOcFLmx1S_XqAh-AdQ63xKxOObIW1vfGD1TurFIcN14N7msVeDVZidpWlP9Vtn7Lel7u9DbOyaymJ6H4IIKdufqauonnxIUapThPL2-qOMPpy4griVf3quV8VFUTcKUnTw22lPz6fckfVKRZrqxUcf4FtW2RkF6bmuiXlAptvNS4Kg3bz86Win2IPQisJF2bKtRvuZkFJ2HSk1nbQ8HQdahw8LOedjsp9mpTsb1A6QE2q-Zz9FYjfuCbKL9RbS3SRXB4nnoGYyKYeu5OZ-RB70BbmLKT9vTb8IhMpq4obhtdeeDzL8_RPyvXXqRycAqDc4Wm66hYtKxHZODWsWZPqqYacidzkOc15CMyhc8W2YIWctd0AOd2ybacXZBC9XDxgueFet1DWHdhKCtouCu76IohV1FV6kBvq71yDBxhqrnU__fb3awHNB_Wx-FNXpSduKYm1Zd45jhB0_xVhkjBB1NJF-vi9QHJOHRLtThM_POHV_LpDE5Qza4XQnlY4YJueXYcrjHo5wjDGeWXboRXwpFscIdHJ0rgKTrkhtpZ246er4Bt39rhafRTCvsNkbjWzngS0Sjo0zvBnaXCb0laTo25xPDt-RbrUd2gvCrfHuUZbyEXywzyFPkmfuT5hUXaxepmicOM3dHITpHH56a_w_qKthvVYL_DLp2r9ReNhwgjP5_opCz3i2bYBh2aZIKYFKJm38PzJzV1GGcAnAjCjWfizm2Zh4ZpbtSJ7E1SofqZOFwqYJzmwBtl3OwrOOJcVnM_R7UAIsEejPWZ2R5ualZDqlKqXPWcYDYny8O6kvKI2UdFYcKjun_Pf63R0eqC-TqMWo_z6hapraYryJVeHWu8kRdK1IPNRN0NvD93XdweQtLKyJpThJYv5MdErkSk24Qe2eRVHoSwzFaoj0d5LguieC_efAV8ARO_D24O1z-n1q9zOYcbbp4iF19hb95yvzp9C3Xx9Z2hz5tpzZlPYKo-IW4xIlwoUGojfLNXoPywNAHPmB_JtqPKapjJCODiqwxivXMeNUdEaEhi9W_Qvy1XdZnW5GVA6aDgEwtd6eThsZDJ6uOTzTsy9bHviJvh9Lrihp_ekHQlR9drmzSTsOFpTlaHiu7m_jaJpTzaG5HrKMJbHXeiUXejqLpcymndJG1ZOu08bv2gE3c4ldDT3WK1uLYW-kTKObQEZ8HsD0JsiMcdKYI7QqmMpoEPFlU32mR2JwwDyRubOkTkiFeYOuvpjIM5Jn5hWfQk_i3jK7kS9nCGCDIFpLbfGbq4cS3DBD0mAXGA9bD4pLtFHlJzTIVLjqmSr591NFwmsblrAlE_bljj_A81N9xZIaVn5TK9lxkVIdwlY3cHloSFkLjyc72XxzdSwCrBzT6EPTzv5qkN4PK0VKIhGwq0Mcrtk7b3cTg6yUqs59WcEzq0TKuXXP6cHgK1nFMaViCP2INZOC1Bk7oaRgpz0GYs7GCAjuY9WcEg6wYdypDFd4xqtSYPp2ao6vX89w7rKDU8IS12Uo8b5Vi6ukM_Qp40UYoqM6CCkMIdcisViC0PFS-QPfGjkPIFgnGzkNBEkRfgTztpehwuX7Q1bEijBD7eimDmjckU2ic0Y&cid=CAASFeRoXvul2HeXt9HLtmoNsd4EOE9ytw&rfl=1%2Chttps%253A%252F%252Ftv.okezone.com%252F%240

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11aa1f0e5b623a90e24760563e868735e7f269fcaa31b01f63568f74e657d241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28271
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 95C7 42 B
63 B 45ms
43ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DUP2IEzKZ0aeOHdq78A4tWKU7CSYVsNfXFmCTql1P0Zhtm-y4gDwU6WIhPvMHZ0y5OeoE10Ezq1y7dg24vvHOcAT4BF7j18M_JgsMg-M5UiYgn6sA

Requested by

Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 95C7 2 KB
1 KB 18ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 13:05:21 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95C7 122 KB
37 KB 369ms
368ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 95C7 14 KB
6 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 13:08:56 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 95C7 0
0 14ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSeHRIml4M1F08VWe2AtIul0zsgGXT76NOC1xm7wykxkaPAa8M6GsXkn9udKa4nH6GqPulgRYat5sKKcboC7Mpd3op3rA
Requested by: Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 167C 41 KB
15 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 12:28:31 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 95C7 114 KB
39 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 10:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Sep 2021 10:04:49 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/ Frame 95C7 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bc77kmR88iXKoJC4wwvkqq1O5Ua8T1IDWjyY_IPNjnMu99k5vyYne_3epQg-xw9mSRJGziJlXGPJ4_0T-WhyRByJRdUCHT1YMPRw5j75SHk84N0ZXpIEc9k4AH41AHHVinavYpNsggIIoXZLUUandyM67vfA&dbm_d=AKAmf-DdzUjv3JXwgeQ1c3y0Y3u9m25Gni4POUzBFD6eCsxLn59LGhM08-TtvYIPKkbt5Swciom0xP-HhpG-EJRE1Jbr6fDKQ-wgZoJWO_RdLvBUo5dUsjx8MKT4pbTuTqeUEfWcJ75BUFTGvOKG79N7hh3G784OWAIH6v7JNsmL0iPa3Jyf-xkIjFcAC3Yk3xDy2gKQUvkZZbdifQHKWlI4WNx9p7Y4eNLAVZ0tG-t03_bvP0-v0qhB0WlZiyDO8UHXiU_E5o0EY-VEupneTs5cKrizpjsCAmXmu5l76Xnihy9IEDph2c55ywkoUNwYnnKzlEf2jPZohvGy2p2yzqWjlzHKbiN5tqQ4fq9wy518Ueiukv_vsZfUerQhxMrKUXQeNMLYpi2cxqvmnS_mfMp05SqqxlqBPFAA5IuWACmSL_u8rdLwsiEwzqghDlu7w8DVLXkopCzJS1W7Dgnl6f0Wj-nifcv-2AXtLNck5vyfMcvLJuLm_71VwZmGulB6rjq6wW7eiiGLTivAsKIUB6UFEUuOJAbJAI6xMDi6vrnVqstwbAsQDFYs96UZeZ4PdPDo11YMBe5Uga0JGKMvotiIN5AH0nFZD9pQoC8h3AtqrGMv9aQLN8ShfEeTfM0DcJE4O_YBEYShTXfbR32ubJrrAiWk5ftmx95C2NjUju5tgetigX6BXFQF6lMMz2WGW-_zFmbncUIU4jLn3gI-QBIOdqpLWIRhBfW3i5HO7GGHQSPs_LuAksRbGRK2prvklBCrkZKoujx7lY2VCuuCj1Cz60Bh2z2CdlClsWPyRAbyfRQ8GWMBNQNXb0n56bkNzauhWAhOx2UqmdhIQiqQH4jCq4jpHLbKQ3DXQVqlTU25BG7RDUFvNUVkDO6K18mZVNwOmI-Ji0nddgah1rN0k4ytL6EQxY5OiFqN7mIfYgoO_EhnCNA1zUGlix1RmXouN6NiLt6QlLijWCYI91WwvAbwL5U9oaS7YSJ5ATAxEZ0NqIlA3G3RNyVupfhoLto3lvmsFDqmKupDIDrko_W54Y7H2gl9sXGp7c8suxZAfK2t_LCbISMU7U5cretu2qZjyeid-Chcr_FGqjO3bIfjZx_o_8lKKjBeTuTWHigUaYAXbWQvF0UxziUFmKL79v4ki5QI3RkfM5UF2dyUsA-VxSnk6TSLRylnGwpkgUzEOqDiDQkvbGJdLtXkmAtrdIrOLsfF6tJQl7jdB3K7CVAoqbSK5gen59BVlpHBvcKc_k22xMyK-RVyOBoJqIWQgyjlgdv1AaLRbI1pUPncQ6jJeWUpjN7j8lBeqkbOrwxzTsrpt8y_c_BPNdV_zD3EM0zl7zRguzCaYMgwCl0UZ430cUANj-wr_9tRClUWR8PCnDt4SsZpiydOcFLmx1S_XqAh-AdQ63xKxOObIW1vfGD1TurFIcN14N7msVeDVZidpWlP9Vtn7Lel7u9DbOyaymJ6H4IIKdufqauonnxIUapThPL2-qOMPpy4griVf3quV8VFUTcKUnTw22lPz6fckfVKRZrqxUcf4FtW2RkF6bmuiXlAptvNS4Kg3bz86Win2IPQisJF2bKtRvuZkFJ2HSk1nbQ8HQdahw8LOedjsp9mpTsb1A6QE2q-Zz9FYjfuCbKL9RbS3SRXB4nnoGYyKYeu5OZ-RB70BbmLKT9vTb8IhMpq4obhtdeeDzL8_RPyvXXqRycAqDc4Wm66hYtKxHZODWsWZPqqYacidzkOc15CMyhc8W2YIWctd0AOd2ybacXZBC9XDxgueFet1DWHdhKCtouCu76IohV1FV6kBvq71yDBxhqrnU__fb3awHNB_Wx-FNXpSduKYm1Zd45jhB0_xVhkjBB1NJF-vi9QHJOHRLtThM_POHV_LpDE5Qza4XQnlY4YJueXYcrjHo5wjDGeWXboRXwpFscIdHJ0rgKTrkhtpZ246er4Bt39rhafRTCvsNkbjWzngS0Sjo0zvBnaXCb0laTo25xPDt-RbrUd2gvCrfHuUZbyEXywzyFPkmfuT5hUXaxepmicOM3dHITpHH56a_w_qKthvVYL_DLp2r9ReNhwgjP5_opCz3i2bYBh2aZIKYFKJm38PzJzV1GGcAnAjCjWfizm2Zh4ZpbtSJ7E1SofqZOFwqYJzmwBtl3OwrOOJcVnM_R7UAIsEejPWZ2R5ualZDqlKqXPWcYDYny8O6kvKI2UdFYcKjun_Pf63R0eqC-TqMWo_z6hapraYryJVeHWu8kRdK1IPNRN0NvD93XdweQtLKyJpThJYv5MdErkSk24Qe2eRVHoSwzFaoj0d5LguieC_efAV8ARO_D24O1z-n1q9zOYcbbp4iF19hb95yvzp9C3Xx9Z2hz5tpzZlPYKo-IW4xIlwoUGojfLNXoPywNAHPmB_JtqPKapjJCODiqwxivXMeNUdEaEhi9W_Qvy1XdZnW5GVA6aDgEwtd6eThsZDJ6uOTzTsy9bHviJvh9Lrihp_ekHQlR9drmzSTsOFpTlaHiu7m_jaJpTzaG5HrKMJbHXeiUXejqLpcymndJG1ZOu08bv2gE3c4ldDT3WK1uLYW-kTKObQEZ8HsD0JsiMcdKYI7QqmMpoEPFlU32mR2JwwDyRubOkTkiFeYOuvpjIM5Jn5hWfQk_i3jK7kS9nCGCDIFpLbfGbq4cS3DBD0mAXGA9bD4pLtFHlJzTIVLjqmSr591NFwmsblrAlE_bljj_A81N9xZIaVn5TK9lxkVIdwlY3cHloSFkLjyc72XxzdSwCrBzT6EPTzv5qkN4PK0VKIhGwq0Mcrtk7b3cTg6yUqs59WcEzq0TKuXXP6cHgK1nFMaViCP2INZOC1Bk7oaRgpz0GYs7GCAjuY9WcEg6wYdypDFd4xqtSYPp2ao6vX89w7rKDU8IS12Uo8b5Vi6ukM_Qp40UYoqM6CCkMIdcisViC0PFS-QPfGjkPIFgnGzkNBEkRfgTztpehwuX7Q1bEijBD7eimDmjckU2ic0Y&cid=CAASFeRoXvul2HeXt9HLtmoNsd4EOE9ytw&rfl=1%2Chttps%253A%252F%252Ftv.okezone.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 13:10:40 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 95C7 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 13:12:51 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/10708412454653215439/ Frame B909 15 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10708412454653215439/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f7bc2c535d730004ed2ffdda35f9d4ce901a9a25f8677535dc5b520260a667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/10708412454653215439/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4160
date: Thu, 02 Sep 2021 17:46:27 GMT
expires: Fri, 02 Sep 2022 17:46:27 GMT
last-modified: Wed, 10 Mar 2021 16:52:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 70014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 167C 0
592 B 157ms
66ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBFcvV8m1hp6nbxseKstijY6q_8ctxL9lLVzKtB0MEVn0n1EB-YYWAe-8iyMP3_So-EFN-rHNC6zKH2hqDR1bGd0Jc9iXlrmOvb3nwVxzjOf6CCpnm7nlVBEh0k2Sx8IRZ1AJbJ5UvEyygOH73ziKsUixs3RJPi7YaX6OarJRxkyLi7HtBnjV_x2Cxvpw0f1qd17CsV58ng-Nv8zyoS_-T46iwTENwZvjYr_22LM4d9m4J7SQFFyqN6ffBSVj3CtGmofqnJFrZh7UNiivZv7NbF85HI52B6ACCKrEH0vzxmtYq5ixIKswTgxorNTr19AK8EgswSn-wU0NTOydgkwsgetgrSjG5lNWTVPT70BlSolM7mzc5BqZYE3hnpxul0RiEQyC6XROOeE4Rans05YlOyRZ_FGPSdFam9qEOgKkuMQoTA7aD8cH_z15CF6jZjunV_Lxz2tWAMH6i7HguE_j7KhHN-sprxHG1_D9DEovQzAaJ9O577r3rnR8V74pO84ZbF7KFVCGgK5VMUYSAu2IjQJ2ku-PR1Im90IhUnbFFSyFVruLC7x57QK3BXQEvdl4YOX2oRrOHv6hJnma3nzgk5Mu7kJLcp7yQaGDOWnGay9vaewDp6Znh27Z4tCgCPJoDF1JYOaGHOaOF2KjDagqcKmKlzYlj1dKUZhsUnxsqToueEgFfGD6STqhpM4d2Itgav_jh_4V42ihMRsilVIIxlsncJJPo8nAnl8OBg-FKZDdQRocCT_yLeJqJQpRFHeKVWJ2rqWnx_L0sZcI8ubyak-oTrT_PT-sqcxlZwXiQhf2lRHoXmH0L3qQGZhpZwdjlwxHmzEkqujzPcb5BP4cll9VU-IDTPfg7wKdaJQPQHsAYzABdHBP2tzvAUE4Df9ws_iTuVzJX6e1GAhubVKJnH5w6nM70wU1yzxneLEeYQ6j1vbQTlonx5cfLWFwFmOuq5D6soOVbn-u5N-V1xVbyNC9IPzvwfgHC8znN4z5ADi-sqsnGRjIErDPAJsgS8GyfpHOAovpCepgl4FCvEsW8u1YnIvN8Q8tg-KUyIrj0Ukh6ZQQhJHVF6PMVSzNfRZ40gjkoDytroTugRN9OsV0ToWO0Eg&sai=AMfl-YRZOuoTFGIN2YJbyE-GIc1kwTO8LK5ml8NhuF0frZdqnfwj_ZG1gjpsnoia7mpyG4kn4Vknv1T77nWSxJ7aWr81D4U1HPWejEoPvLIGPa9mHVKmeEwdiduVc210oZGA-MUld8Hyg2yMnMLYn4AIgjC2xJRy0Befz-JJMhN7CB6iHv0BuuA5JBVRmkaiSUe3D2wNGlVvqtOyZYM-pRfMT8-JgjXLlZJddWlKbHehp3f7U6WIYhmV72eDBzw9ec2YUhGBlnzbio71l31qt6PczxwABhJiBztFdThlCO0HOXlDc3yG-hrjEIT1phwMB2l7dr7JDfT_hmVGjC8StdGOWPegevNqPq_g8GOQM8NDmT38b-ykRLjV7GzOiR3fAsGtHQ&sig=Cg0ArKJSzAC0YSZ4rKSTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=142&cbvp=1&cstd=137&cisv=r20210831.86645&adurl=

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 03 Sep 2021 13:13:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6B2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAITQM89eS63w8j5JBRTKuM&google_cver=1

43 B
1014 B

59ms
55ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAITQM89eS63w8j5JBRTKuM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeSuJcCENKk26oCGIuJzZ8BMAE&v=APEucNXw-Z1IC-7Ul5g0MSao2yUFCzFx5JhMC6WAhKMNhjZhhfq90LmMgCciw_2PQrjP0UV0XZfDHteM99N5-j9kPJB4UrJPYIsZ-KMaSa9TlVcL6t7VgX10a23kvprE5zVR6GP8Lo7t_z4I6WlAueY1rjIwgkehWMDe6HNERpVYqz_vk8rbtH8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 13:13:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 03 Sep 2021 13:13:22 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAITQM89eS63w8j5JBRTKuM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6B2C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YTIfclRk1nIFmLbttPmdSQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAITQM89eS63w8j5JBRTKuM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAITQM89eS63w8j5JBRTKuM&google_cver=1&C=1

43 B
1014 B

54ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAITQM89eS63w8j5JBRTKuM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeSuJcCENKk26oCGIuJzZ8BMAE&v=APEucNXw-Z1IC-7Ul5g0MSao2yUFCzFx5JhMC6WAhKMNhjZhhfq90LmMgCciw_2PQrjP0UV0XZfDHteM99N5-j9kPJB4UrJPYIsZ-KMaSa9TlVcL6t7VgX10a23kvprE5zVR6GP8Lo7t_z4I6WlAueY1rjIwgkehWMDe6HNERpVYqz_vk8rbtH8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 13:13:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 03 Sep 2021 13:13:22 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 13:13:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAITQM89eS63w8j5JBRTKuM&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6B2C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJqBxQ22Q23Q4zY-uakWJdc&google_cver=1

43 B
1004 B

80ms
61ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJqBxQ22Q23Q4zY-uakWJdc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJeSuJcCENKk26oCGIuJzZ8BMAE&v=APEucNXw-Z1IC-7Ul5g0MSao2yUFCzFx5JhMC6WAhKMNhjZhhfq90LmMgCciw_2PQrjP0UV0XZfDHteM99N5-j9kPJB4UrJPYIsZ-KMaSa9TlVcL6t7VgX10a23kvprE5zVR6GP8Lo7t_z4I6WlAueY1rjIwgkehWMDe6HNERpVYqz_vk8rbtH8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 13:13:22 GMT
X-Proxy-Origin: 82.102.18.235; 82.102.18.235; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bf3370bc-9903-400b-b29a-b4f43807707a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJqBxQ22Q23Q4zY-uakWJdc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6B2C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk5NDgxOTM2MTYyMzgwMTk4NQ%3D%3D

170 B
188 B

67ms
67ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk5NDgxOTM2MTYyMzgwMTk4NQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Sep 2021 13:13:22 GMT
X-Proxy-Origin: 82.102.18.235; 82.102.18.235; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 273bee90-5627-463c-8720-fe28b7e4fff4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk5NDgxOTM2MTYyMzgwMTk4NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2665
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIUyIA7iD42mOGa0SAqA3E&google_cver=1

43 B
172 B

38ms
35ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIUyIA7iD42mOGa0SAqA3E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGKuG77IBMAE&v=APEucNW3zieKqHBslRui5ziwS0MGX5yw3ASyiEMTWylvCBK_gkTryRFmoVkWS5Q11yxFWMcBcmLeYmuS4WNJpXEDevy-ogS-U361J7NDACMkTHe23rjauMTjslUdyEmP78O4ZRYiVAkxF2VcKXNin6MjRtXag37Ufk0GVKNskokqxlQXWFW84PU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHIUyIA7iD42mOGa0SAqA3E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 2665
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDhlMzkwOWQtOWU2Zi0yZTI2LWQ5YjQtYzA2ZDdiZTJmY2Y3

170 B
188 B

58ms
57ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDhlMzkwOWQtOWU2Zi0yZTI2LWQ5YjQtYzA2ZDdiZTJmY2Y3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGKuG77IBMAE&v=APEucNW3zieKqHBslRui5ziwS0MGX5yw3ASyiEMTWylvCBK_gkTryRFmoVkWS5Q11yxFWMcBcmLeYmuS4WNJpXEDevy-ogS-U361J7NDACMkTHe23rjauMTjslUdyEmP78O4ZRYiVAkxF2VcKXNin6MjRtXag37Ufk0GVKNskokqxlQXWFW84PU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Sep 2021 13:13:22 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDhlMzkwOWQtOWU2Zi0yZTI2LWQ5YjQtYzA2ZDdiZTJmY2Y3
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 2665
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEPqZ_yHfPPi2g9rFzCGxCq4&google_cver=1

23 B
172 B

71ms
68ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEPqZ_yHfPPi2g9rFzCGxCq4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGKuG77IBMAE&v=APEucNW3zieKqHBslRui5ziwS0MGX5yw3ASyiEMTWylvCBK_gkTryRFmoVkWS5Q11yxFWMcBcmLeYmuS4WNJpXEDevy-ogS-U361J7NDACMkTHe23rjauMTjslUdyEmP78O4ZRYiVAkxF2VcKXNin6MjRtXag37Ufk0GVKNskokqxlQXWFW84PU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 03 Sep 2021 13:13:22 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEPqZ_yHfPPi2g9rFzCGxCq4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 2665 23 B
172 B 182ms
66ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGKuG77IBMAE&v=APEucNW3zieKqHBslRui5ziwS0MGX5yw3ASyiEMTWylvCBK_gkTryRFmoVkWS5Q11yxFWMcBcmLeYmuS4WNJpXEDevy-ogS-U361J7NDACMkTHe23rjauMTjslUdyEmP78O4ZRYiVAkxF2VcKXNin6MjRtXag37Ufk0GVKNskokqxlQXWFW84PU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 03 Sep 2021 13:13:22 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B7D8 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Sep 2021 05:13:41 GMT
expires: Thu, 01 Sep 2022 05:13:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 201581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 95C7 41 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 12:28:31 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/havasfrorangedcmdisplay758646212611/ Frame 95C7 322 KB
108 KB 154ms
46ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ed277dd1b4016dadf7689baf34e347ee04c30c40463038606d58f53dd928c7f6

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 14:40:50 GMT
server: AmazonS3
x-amz-request-id: G4HA9CEQNZSJ5K01
etag: "5e7b6b6ff9c70816a7cdcbc6d54fe867"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=61773
accept-ranges: bytes
content-length: 110339
x-amz-id-2: xy3AVkE39C85Rzoalwlzo34xPTlb6B3BChJyLukBykjJP7V+A4oDqBUi6C1gVRvzsHyUbkOnNk4=

GET
H3-29 200 index.html Show response
s0.2mdn.net/8365738/1629827842829/ Frame AA8F 6 KB
2 KB 15ms
6ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8365738/1629827842829/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e99b3dcf3cbb6832b6166ed75018fe3d51484f8214904bf8f35a6b849da5081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8365738/1629827842829/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2120
date: Fri, 03 Sep 2021 11:06:18 GMT
expires: Sat, 04 Sep 2021 11:06:18 GMT
last-modified: Tue, 24 Aug 2021 17:57:22 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 7624
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 95C7 0
61 B 86ms
67ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJOuR0f5Fb1TPXj-Aw58mgyEGgd20-cTew3DkxX3ldgTTWQA3MraQWjDASvE71fJ2WTwPC5p4pA143mnCURNh6QgdgmLSphQ-wvUu4aAsxZ2qa3VXyfv4W4eLziZe058LkpH17wiIrxjdak-iYavbUPbsYmasC-GdHFCwfbOXShIRv_HM4kczkPpBJjCeh6y9EeyHMUdnh8fHa0Iu1bSSQ1bXTf0mp8cl_88VDill9gWygypRi00JlHC9vVSzC9JI2LVsLHVR4q90ogY3rTXC1-B5lmQ_9kqYmMmE-f_i8xdlkT90SbouYICgOG_TXJr1rQYwjP0Sg-pc6h3AUDBZn19OzXs6v2CU5ajXjEaI9x9Y1CwdfbKc81VS9OtgO9lc689AZBBjfF4pKaE3guH_OYfGn3LgfY_6KktG8_Wbp2iAi7H6-apr9sukfeWgvL7T3V9lvrQqfsUDwX69Dk1waQoMu8iZluizBaoYyX88emlLLJ6WwLPHXGa3a5OrHio_CPyGgzvusyEnJxQuPW2uN57GXC_bNbR_OAd2j10q56s7_33w9293J7IhisDwUk119XKBuXB-cnoVk3wQM0Z9qna4abFvkYmnvAS2KMNitP8umEWqjv3RA-KFhjBzUoug8zA14uQaKJL19BtKW80AEP0DG8YKuDE5wP3Wa8ykd3CAMpOlF89SWDKZK1lZR7P_I0ariZCxuyJPQq2zz2nXxbR0d5RvS8JhEnj3g1u7pHKiMognqur_d7AZqiY5qebuvw-rtvDQdaV0jdAiXt_uhFWSJ2RLpvQ1TV7PlqpN7z0m6nx7h3NPQ2EfK2cbPpDR2A9Xz7UlFGQumJmrM9zjomfgYz7Z0zbfCeJas6WNNAOVZJ6u6oB8odsUeh8B1HS0EXk8FycJX3u_dbmpAR61PeY8SIC90ALMq3yJjYR-_0P1g-2KZaxoEOSnGPwa-0glzjlFYntxliLstglJCkPUXHErISe4UIles7qJoCj0s8rp-1FlcP1qPGxSuXHGpyDPOEW4nfM_W7doFtvIklZ4rjDAN1zvVE0GfYwOuTcoNoWrFvtCPuOhXPZVbixhMCPLWu33XGu-woo-mmIMpmR7ZjO88Fdvc9-vtnkJ1NGgG89xtDlphSxiKs_ipFjXBv2qJSOvEpWXeQSGudpROFg&sai=AMfl-YTI_hkrGrZ8aNl-hy5XESGiYUnC89mmoPGbgII7jIyaBPYPb2z6CQa-ceWML6CEPlP3CBO5zsZyoBDiddULI-KlF0-bS9NVq2KRoEBjrLsQ7j3Pm6FI9EQOVW-UlYCg6OoVkjn-G23l8GZHV7jzHC4VSQJJc0qBCIMymCA&sig=Cg0ArKJSzDeBOUAf07QyEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=85&cbvp=1&cstd=79&cisv=r20210831.60721&adurl=

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 03 Sep 2021 13:13:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 c9175d0c020eab6da5ca1f3efa8ce5bb.js Show response
s0.2mdn.net/sadbundle/10708412454653215439/ Frame B909 73 KB
19 KB 21ms
14ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10708412454653215439/c9175d0c020eab6da5ca1f3efa8ce5bb.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10708412454653215439/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c6fd5cb2c984bd4a28fb9459006a5f7b306562c94ea04f0dda78b1353e77dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10708412454653215439/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 18:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18969
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 16:52:39 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 18:16:37 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 837A 22 KB
8 KB 10ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Sep 2021 05:13:41 GMT
expires: Thu, 01 Sep 2022 05:13:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 201581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js Show response
pagead2.googlesyndication.com/bg/ Frame B7D8 35 KB
13 KB 14ms
2ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13351
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 13:05:40 GMT

GET
H3-29 200 user_uploaded_heldane_text_800_normal.ttf
s0.2mdn.net/sadbundle/10708412454653215439/fonts/ Frame B909 435 KB
435 KB 17ms
9ms Font
application/octet-stream 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10708412454653215439/fonts/user_uploaded_heldane_text_800_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10708412454653215439/c9175d0c020eab6da5ca1f3efa8ce5bb.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4590f4a574770efb0a30651465a5dc8a2dcb48b94a152fdf23c64a80a5d3b1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/sadbundle/10708412454653215439/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:14:18 GMT
x-content-type-options: nosniff
age: 28744
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445036
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 16:52:39 GMT
server: sffe
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 05:14:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B909 2 KB
603 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:500

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10708412454653215439/c9175d0c020eab6da5ca1f3efa8ce5bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

279fa3b3703e0098febc600c5be30e6c2f854d2518ffcf0f6e089e38673666cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 12:22:16 GMT
server: ESF
date: Fri, 03 Sep 2021 13:13:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H3-29 200 49cb031624d5e03b10e6aa69d470266a.svg
s0.2mdn.net/sadbundle/10708412454653215439/media/ Frame B909 8 KB
3 KB 8ms
6ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10708412454653215439/media/49cb031624d5e03b10e6aa69d470266a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10708412454653215439/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48b6aea5a2fa6f65a24343cb2d42d90a1ded1e329cb0839c2d09dcf76cafa0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10708412454653215439/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3185
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 16:52:39 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 04:59:50 GMT

GET
H3-29 200 3b44c4776af85d8b956a02f3fef2a4fb.gif
s0.2mdn.net/sadbundle/10708412454653215439/media/ Frame B909 226 KB
226 KB 36ms
35ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10708412454653215439/media/3b44c4776af85d8b956a02f3fef2a4fb.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10708412454653215439/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29907e25b7ccbf87dec03ae68ca4dc0c69eb431dc0ccc27f7182520de6118536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10708412454653215439/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:18:26 GMT
x-content-type-options: nosniff
age: 496496
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231005
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 16:52:39 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 19:18:26 GMT

GET
H3-29 200 styles.min.css
s0.2mdn.net/8365738/1629827842829/ Frame AA8F 3 KB
1 KB 16ms
6ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8365738/1629827842829/styles.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a493672da91d4b81e9c1caf8083a662b2f6e347dee7d361f51f5a9211c9cd01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1279
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 04 Sep 2021 01:21:54 GMT

GET
H3-29 200 logo.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 456 B
478 B 17ms
6ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f59a37b6fbc65cd90d1f2df836965917b044bdda95e4a579061dcba5686f66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 7624
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 456
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:06:18 GMT

GET
H3-29 200 galaxy-fold.jpg
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 11 KB
11 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/galaxy-fold.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9895c53b422db399a75359f1ee2e01738e12f13f489fae051aa72caa61b245cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 7624
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:06:18 GMT

GET
H3-29 200 samsung.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 834 B
856 B 11ms
7ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/samsung.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d26463812f873dcbe14df144f22b9de165920a012c852622f634ec342b83882b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 16:15:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 75468
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 834
x-xss-protection: 0
expires: Fri, 03 Sep 2021 16:15:34 GMT

GET
H3-29 200 txt.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 1 KB
1 KB 15ms
12ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/txt.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1a6aa2cdb3997639c64da470c270fbd9f48ab1ffb8982f1c4b8c3ad041f56f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 01:21:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 42688
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1132
x-xss-protection: 0
expires: Sat, 04 Sep 2021 01:21:54 GMT

GET
H3-29 200 txt1.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 582 B
604 B 15ms
12ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/txt1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf2e2dd9c459a4d0080f578e759b048f1d2a15b18abb54e8f113d85cac2b3497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:22 GMT
server: sffe
age: 7624
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:06:18 GMT

GET
H3-29 200 txt2.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 683 B
705 B 14ms
11ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/txt2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ba270cc57d9cefede0f751edf166ddc1eaaf98740a6d41090b9951b465d9475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 16:15:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 75468
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 683
x-xss-protection: 0
expires: Fri, 03 Sep 2021 16:15:34 GMT

GET
H3-29 200 price.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 1 KB
1 KB 17ms
13ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/price.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7610e391cf46ea23ddb5d7f54132a679c2bf19a9bc9b7b1c285dc87fb69c6d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 16:39:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 74012
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1232
x-xss-protection: 0
expires: Fri, 03 Sep 2021 16:39:50 GMT

GET
H3-29 200 txt3.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 1 KB
1 KB 17ms
14ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/txt3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5786799b44b720a90c746f11e28e1da55314ccb308baebd0bded381d6164db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 7624
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1088
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:06:18 GMT

GET
H3-29 200 produits.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 2 KB
2 KB 17ms
14ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/produits.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28a3dcc1df7fc5f75aeb595d3daaf5b70674c80db5842b1c687bbfd1fe7c8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 7624
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1750
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:06:18 GMT

GET
H3-29 200 kit.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 330 B
352 B 16ms
12ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/kit.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c11e0c3c7739a4df29fd6910c1d622c9fd2d49f2fae24f4adc364b9577f3825b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 7624
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:06:18 GMT

GET
H3-29 200 footer.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 1 KB
1 KB 15ms
12ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/footer.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485ad01e3e6da2a13c639804d9d35cb9acf7996253cf976c0bc2564946b05bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 7624
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1282
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:06:18 GMT

GET
H3-29 200 price1.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 1013 B
1 KB 14ms
12ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/price1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

156eb5ceab24266673743b5486f2f45dfae789163153b90b7426c3b41a8c4f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 7624
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1013
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:06:18 GMT

GET
H3-29 200 txt4.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 847 B
869 B 14ms
13ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/txt4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

008819735fa652a6504764a70ee551d8113c844bf5a723eda53a5657cbfeaa97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 7624
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 847
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:06:18 GMT

GET
H3-29 200 txt5.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 385 B
407 B 13ms
11ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/txt5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bc49076cb5e4c7298ef294306b0229ae1a7c607557d52ae43f538d7bfd811bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 7624
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 385
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:06:18 GMT

GET
H3-29 200 ml.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 7 KB
7 KB 14ms
12ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/ml.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfa3aa7375ef80ba8b42d58c16e10e20a0ea651cd73be8e1be14731dfdab77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:06:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 7624
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7582
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:06:18 GMT

GET
H3-29 200 scripts.min.js Show response
s0.2mdn.net/8365738/1629827842829/ Frame AA8F 68 KB
26 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8365738/1629827842829/scripts.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfba7e1db69eb23e65f66443d1ff4dafc139e3ff3cf685e40f991e39c227cd71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 15:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26502
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 03 Sep 2021 15:01:26 GMT

GET
DATA 200
OK truncated
/ Frame AA8F 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 837A 35 KB
13 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 05:01:25 GMT

GET
H3-29 200 cta.png
s0.2mdn.net/8365738/1629827842829/img/ Frame AA8F 615 B
639 B 12ms
7ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8365738/1629827842829/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8365738/1629827842829/styles.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fcc26c6ceddf52caa70bdecce9df40687d92e639a0da84083023c7d434f95a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8365738/1629827842829/styles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 13:46:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 17:57:23 GMT
server: sffe
age: 84400
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 615
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:46:42 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 167C 0
23 B 110ms
62ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 3b44c4776af85d8b956a02f3fef2a4fb.gif
s0.2mdn.net/sadbundle/10708412454653215439/media/ Frame B909 226 KB
226 KB 10ms
8ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10708412454653215439/media/3b44c4776af85d8b956a02f3fef2a4fb.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10708412454653215439/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29907e25b7ccbf87dec03ae68ca4dc0c69eb431dc0ccc27f7182520de6118536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10708412454653215439/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:18:26 GMT
x-content-type-options: nosniff
age: 496496
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231005
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 16:52:39 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 19:18:26 GMT

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0U1.woff2
fonts.gstatic.com/s/rubik/v14/ Frame B909 17 KB
17 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v14/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0U1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c4e821117841b205d81cb500023bb9eacaa6c7327d81bf2d2a06341f7dc30b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:58:03 GMT
x-content-type-options: nosniff
age: 537319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17284
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:46:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 07:58:03 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 95C7 0
23 B 66ms
66ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 167C 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e541b98e3cfeb97a6e34e698460b718c934a248338855f6a11e9f15cb51d3e79

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 95C7 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d03480e0ce43a91f1a291f29625d9da149146fad498802448305635ab20bdabd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 95C7 98 B
271 B 165ms
49ms Script
text/html 52.31.222.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3468792939&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-P0xt5D9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-qw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Ftv.okezone.com&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&m=0&ar=503c7d4-clean&iw=9c66a48&q=2&cb=0&ym=0&cu=1630674802400&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=26335949%3A4440622%3A312071326%3A156695214&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&bo=okezone.com&bd=tv.okezone.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=havasfrorangedcmdisplay758646212611&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A276%3A276%3A0%3A587&jk=-1&jm=-1&fs=194337&na=2143423527&cs=0&ord=1630674802400&jv=1096151701&callback=DOMlessLLDcallback_40479197
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.222.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-222-185.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: d2d18545b35732e31a75403fd31d6c99c539d118e9d6dc65bd983cc4d7920575

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "f4c765acd6c920ae181caa3eba53becc9918c5d6"
content-length: 98
content-type: text/html; charset=UTF-8

GET
H2 200 v2 Show response
mb.moatads.com/s/ Frame 95C7 198 B
373 B 133ms
42ms Script
text/html 18.135.147.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Ftv.okezone.com%2F&pcode=havasfrorangedcmdisplay758646212611&ord=1630674802400&jv=1928341964&callback=BrandSafetyNadoscallback_40479197
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.147.11 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-147-11.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: bd0bf965069674954c03fec50363d1e0811cb7de5f4134f1965d2ea022260861

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:22 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "c86098b639aa0386967a7d291c50e7c772b4aca5"
content-length: 198
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 95C7 43 B
260 B 46ms
44ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Ftv.okezone.com&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&m=0&ar=503c7d4-clean&iw=9c66a48&q=3&cb=0&ym=0&cu=1630674802400&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=26335949%3A4440622%3A312071326%3A156695214&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&bo=okezone.com&bd=tv.okezone.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=havasfrorangedcmdisplay758646212611&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A276%3A276%3A0%3A587&jk=-1&jm=-1&fs=194337&na=880943290&cs=0
Requested by: Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 95C7 43 B
260 B 44ms
41ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F8365738%2F1629827842829%2Findex.html&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3468792939&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-P0xt5D9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-qw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftv.okezone.com&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&cu=1630674802400&m=85&ar=503c7d4-clean&iw=9c66a48&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A276%3A276%3A0%3A587&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=60&cd=0&ah=60&am=0&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=26335949%3A4440622%3A312071326%3A156695214&bo=okezone.com&bd=tv.okezone.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=-1&jm=-1&tc=0&fs=194337&na=160391869&cs=0
Requested by: Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7D8 0
121 B 54ms
51ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfEPwcR8yYdrJFdaox_APhvW6EAAAAAA4AeAEAg&bg=!QkGlQQXNAAYJpm41CaY7ACkAdvg8Wi2qirvkWYq_PoxaRJnApqpwtAIUN-ymgJFxO_Hq8C4JTp47JwIAAAHlUgAAABJoAQeZAwV5IfriEBMNm-mSBfPpzuSHT8KWXI7IlLASoayJ4X8j1OyC8CTzCLs2n7YtnAEdwGmTHxX5VdfOhzuxZ3uYcutygdYqbuAsK2sUee-igGjralC1yOBgyJzR0gIgoZzznl5xrkLw2cHlBgK1blDjsyN4QpLa-IV32wtsaWg5VsSSyps92i-vFhf1egHYZ0UaLQC903dkE8EIKykY0MaRCMK3nuZumtw_OMjf7EpLjh0aioaQNFPk8afrHk4lWgBckG5SRpbbysic___0VGlw3rzMX3hBDdRW_iZNQ2CDLnoLH-cQRnslSzE3drOQmOAXSeZzwUQQJnQxYUljt5U2TWhxdOQibWLvqJJDJshnVX1-LyUH94knP91wxA_pQgprx4FxSqS0F8ovBtLpCcHhNVD4aHoopkUXlw4NYz7ZC1PoF5-1DBAOyXoP8DYxU-2u8Ch6-KhypK5ZqoOBmjaqfPxx9L_dF3Q62vSFqpCe8UM9JHoZ2raoxleJNfWPzI_NmN0rjEU1oA6xVjjSaCDVhCEJ5fSIe8pugMn0uaB9T1BYI3_zFTHDuzqsm1i_mr8l93lSnl3Eym2b9Ki6CxVce_w8N4dDDzChWGscu-5hN2NefdcDgdyG2RTjZzdT0rv6vNw0LemNRSh36cJh4mZ4HRWdlyS8GI6VnP3uaX6Q4pypmk8yFIWFdVgiDGcKNUZd_0-uHZxCfUblQ4-LIKNucmswoMyYn2S0w3zxOB-iLlSEK_th1QEaKP5y53UYBcoqQx7ZsDajw3wmDKXqMgBwWL_9vTfiEMKCruzrp_K2aykXWGOBK2E_QN_42S3dOy7HPmJXlVySIwIznpfCBgYUh5SQbjO705LY3-0D8ttn46uoRc-oySSF44hr26dpOk546GUhyRWlpQJZwDs0wM9b8rSAhzhLwXzjFYaRTiKj2VKivkVHi4-7beaj186o-2FtdRRpq8hA9LVGlT6d-w2gilbIMQCyji8RUXNY-Cz4gnb7qu4AmKT_JegL-u4vBlQljgVH3gKGDQ

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 95C7 43 B
260 B 45ms
44ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3468792939&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-P0xt5D9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-qw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftv.okezone.com&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&cu=1630674802400&m=207&ar=503c7d4-clean&iw=9c66a48&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lh=63&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A276%3A276%3A0%3A587&aa=0&ad=65&cn=0&gk=65&gl=0&ik=65&ic=65&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=60&cd=60&ah=60&am=60&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=26335949%3A4440622%3A312071326%3A156695214&bo=okezone.com&bd=tv.okezone.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=-1&jm=-1&tc=0&fs=194337&na=2002943519&cs=0
Requested by: Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 95C7 43 B
260 B 58ms
43ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=60&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tv.okezone.com&L1id=26335949&L2id=4440622&L3id=312071326&L4id=156695214&S1id=okezone.com&S2id=tv.okezone.com&ord=1630674802400&r=686781621081&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatADV=8365738&url=https%253A%252F%252Ftv.okezone.com%252F&bedc=1&q=1&BSD=safe&BSC=gs_entertain,gs_travel_misc,moat_safe,gs_travel&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 95C7 43 B
260 B 54ms
40ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=60&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tv.okezone.com&L1id=26335949&L2id=4440622&L3id=312071326&L4id=156695214&S1id=okezone.com&S2id=tv.okezone.com&ord=1630674802400&r=686781621081&t=bs&os=0&fi2=0&div1=0&ait=0&zMoatADV=8365738&url=https%253A%252F%252Ftv.okezone.com%252F&bedc=1&q=2&BSD=safe&BSC=gs_entertain,gs_travel_misc,moat_safe,gs_travel&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 95C7 43 B
260 B 57ms
43ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=65&fi=1&apd=190&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tv.okezone.com&L1id=26335949&L2id=4440622&L3id=312071326&L4id=156695214&S1id=okezone.com&S2id=tv.okezone.com&ord=1630674802400&r=686781621081&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatADV=8365738&url=https%253A%252F%252Ftv.okezone.com%252F&bedc=1&q=3&BSD=safe&BSC=gs_entertain,gs_travel_misc,moat_safe,gs_travel&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 95C7 43 B
260 B 55ms
41ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=65&fi=1&apd=190&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tv.okezone.com&L1id=26335949&L2id=4440622&L3id=312071326&L4id=156695214&S1id=okezone.com&S2id=tv.okezone.com&ord=1630674802400&r=686781621081&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatADV=8365738&url=https%253A%252F%252Ftv.okezone.com%252F&bedc=1&q=4&BSD=safe&BSC=gs_entertain,gs_travel_misc,moat_safe,gs_travel&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 837A 0
20 B 46ms
44ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6440cR8yYeftM7-S9u8P9JC-kA4AAAAAOAHgBAI&bg=!k5ClkNTNAAYJpm41CaY7ACkAdvg8WtvAhS04Y_536L09F7cZ7pD1I6BDJNnYi5fqzTlAwg7Uk6TNKQIAAAHHUgAAABFoAQeZAreVW3wUJAoP6Oy_DpUaET6i0gWiXhT9Li_bkvtX-TcI6MPp9R5KYOFk8RWilYNDYHsw_OJO9iExqhoBMZTeAiru0y45vVmM_yBO4e0wDhnAbVErwdPFvDiQj4wgk2IFD68jyLa5W3qhthwBW8k2Tpt676Hom8oJUgjF08w-OVKWVmIEIhe5rHqY9cJqmiytiXxMHzCpTaQPTopvYL6BYYV4lmJMDFmkWuPW1frlprQq0VprFS5jnB-9X1O65fPBjRv8fXzJnxTiF0cYg9zMzsb3SjJAwn3kfDjkLS5f7JVp9S4cRmW28w41lt9sCQy7WCL7ujb2dtlpoC8LWtkWuXzrhLjCENfPAw-kso0luvw88-8cqHC9VJBeUrvTN6n3ynMSg03qLH41doTggrgwubS6EaO2Sbda1Wkk03i179yoF-a21GQ84G5E0lKx8EYR83pEO2IKa-WfGNnQrk_kAgZqbHjETq0D5rOYoCFCNf2nHmyPmAohGw8oCpILIcpIpRyJWcnqH5jO63qKggmqGxmJVLUE50OFNmmEaO2QQzQuaBE60RxBOh8gtWNJNI4agsBOxzwKAs-5dCBb7Gei1gAYbUmt93_7k6LLHj6YTNbyWFS8eSG-xBVFzS9zhCU-Q134g16n3fTBjo5xqUn6ImcXMGxWvUtTRA1eHx4JAU7Kbqv8jX0hHC7LduGsx_8A70A7jrkxnyQ2rz4q4V85YvmywMWNid2t8t9RdpxsRni2B5A7zH4Q6jUnHTyvFEVvwuzRvh_nSxWEoDnUyT-YjcrXmYC-WFUUOJWh9O63rhs8kw6qGah5ybfMiu4jr-az9h6BR6oiC7ytw2AWVBLZSeRQrn0vToG90b0WIeYcd_kipb3OX7Q2g_s7GXZKBCJPNtjLqlGZKozuQ8gjA0gue92FmGtuF4UgPg

Requested by

Host: f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
URL: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 95C7 43 B
260 B 43ms
41ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=269&fi=1&apd=394&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tv.okezone.com&L1id=26335949&L2id=4440622&L3id=312071326&L4id=156695214&S1id=okezone.com&S2id=tv.okezone.com&ord=1630674802400&r=686781621081&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatADV=8365738&url=https%253A%252F%252Ftv.okezone.com%252F&bedc=1&q=5&BSD=safe&BSC=gs_entertain,gs_travel_misc,moat_safe,gs_travel&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:22 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:22 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 95C7 42 B
64 B 52ms
49ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyaoKVKG2zM4ZB2BtFgMFvZvqz9BLqwK1jvVDR1x5PDGAEN5Xb9ZzkNLRt5AI2N2cf9hrPS3ti1JXgwcvfanHFW5CVC1UgEmi-Lz8QRq98uoIsLdYBNpNWcfzFyA&sai=AMfl-YQ6tBWHVdH48rB574r6nIabdIdGYo4-_ONSp4AYwk1ABiDYveBtzIYurPlGATLA9aOYMis9LkdHREVxL2AiiNY6uh6RAfSIfXscPRaTPHmGWtFLtwv4nhG-slLp8dE&sig=Cg0ArKJSzPz7BZBq3yuSEAE&cid=CAASFeRoXvul2HeXt9HLtmoNsd4EOE9ytw&id=lidar2&mcvt=1001&p=753,436,843,1164&asp=753,436,843,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=277207623&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630674801755&rpt=584&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 167C 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsJxw5rWZtLKgg_CHTuieHbjT0FU1s_3XhRaZoSCrCMb9mbprt4wuhmqK74739g5pKh1gYzZmKrPF1ivPFktuMzktQFqV2Rlgj6FRvzTooKKnYYGHRvlIY6ghYPg&sai=AMfl-YToqGC0v-FQhAzdAueg7_hCnnARlMeaZW2icceGCdXCHEwolEhAc8ogl4xIveQBpCQ1ln-D0wpr1y53ERbirRTcjUyIHI9u-gAW8hPrLS5WZoLUBCjiKXDAGflSxqg&sig=Cg0ArKJSzMg850pA4q3FEAE&cid=CAASFeRo_SWwhRkiNLOIP9vbs3cGZL4u_Q&id=lidar2&mcvt=1003&p=213,315,303,1043&asp=213,315,303,1043&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=341882445&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630674801784&rpt=530&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 95C7 43 B
260 B 43ms
41ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3468792939&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-P0xt5D9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-qw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftv.okezone.com&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&cu=1630674802400&m=1231&ar=503c7d4-clean&iw=9c66a48&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=207&lg=1&lh=63&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A276%3A276%3A995%3A587&aa=1&ad=1091&cn=65&gn=1&gk=1091&gl=65&ik=1091&ic=1091&ez=1&co=1091&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1012&cd=60&ah=1012&am=60&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=26335949%3A4440622%3A312071326%3A156695214&bo=okezone.com&bd=tv.okezone.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=194337&na=126309036&cs=0
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:23 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 95C7 43 B
260 B 44ms
43ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1012&tet=1091&fi=1&apd=1216&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tv.okezone.com&L1id=26335949&L2id=4440622&L3id=312071326&L4id=156695214&S1id=okezone.com&S2id=tv.okezone.com&ord=1630674802400&r=686781621081&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatADV=8365738&url=https%253A%252F%252Ftv.okezone.com%252F&bedc=1&q=6&BSD=safe&BSC=gs_entertain,gs_travel_misc,moat_safe,gs_travel&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 95C7 43 B
260 B 42ms
41ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3468792939&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-P0xt5D9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-qw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftv.okezone.com&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&cu=1630674802400&m=1232&ar=503c7d4-clean&iw=9c66a48&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=207&lg=1&lh=63&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A276%3A276%3A995%3A587&aa=1&ad=1091&cn=1091&gn=1&gk=1091&gl=1091&ik=1091&ic=1091&ez=1&co=1091&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1012&cd=1012&ah=1012&am=1012&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=26335949%3A4440622%3A312071326%3A156695214&bo=okezone.com&bd=tv.okezone.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=194337&na=72014762&cs=0
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 95C7 43 B
260 B 50ms
50ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3468792939&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-P0xt5D9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-qw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftv.okezone.com&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&cu=1630674802400&m=1233&ar=503c7d4-clean&iw=9c66a48&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=207&lg=1&lh=63&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A276%3A276%3A995%3A587&aa=1&ad=1091&cn=1091&gn=1&gk=1091&gl=1091&ik=1091&ic=1091&ez=1&co=1091&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1012&cd=1012&ah=1012&am=1012&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=26335949%3A4440622%3A312071326%3A156695214&bo=okezone.com&bd=tv.okezone.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=194337&na=1776591181&cs=0
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:23 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 95C7 43 B
260 B 67ms
41ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1012&tet=2104&fi=1&apd=2229&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tv.okezone.com&L1id=26335949&L2id=4440622&L3id=312071326&L4id=156695214&S1id=okezone.com&S2id=tv.okezone.com&ord=1630674802400&r=686781621081&t=civ&os=1&fi2=1&div1=1&ait=0&zMoatADV=8365738&url=https%253A%252F%252Ftv.okezone.com%252F&bedc=1&q=7&BSD=safe&BSC=gs_entertain,gs_travel_misc,moat_safe,gs_travel&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:24 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 95C7 43 B
260 B 45ms
40ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1012&tet=4923&fi=1&apd=5048&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tv.okezone.com&L1id=26335949&L2id=4440622&L3id=312071326&L4id=156695214&S1id=okezone.com&S2id=tv.okezone.com&ord=1630674802400&r=686781621081&t=page5&os=1&fi2=1&div1=1&ait=0&zMoatADV=8365738&url=https%253A%252F%252Ftv.okezone.com%252F&bedc=1&q=8&BSD=safe&BSC=gs_entertain,gs_travel_misc,moat_safe,gs_travel&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:27 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 95C7 43 B
260 B 46ms
45ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3468792939&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-P0xt5D9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-qw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftv.okezone.com&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&cu=1630674802400&m=5266&ar=503c7d4-clean&iw=9c66a48&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=207&lg=1&lh=63&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A276%3A276%3A995%3A587&aa=1&ad=5124&cn=1091&gn=1&gk=5124&gl=1091&ik=5124&ic=5124&ez=1&co=1091&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5048&cd=1012&ah=5048&am=1012&xd=00&rf=0&re=1&wb=2&wm=1&wi=1&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=26335949%3A4440622%3A312071326%3A156695214&bo=okezone.com&bd=tv.okezone.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=8&jm=-1&tc=0&fs=194337&na=521662436&cs=0
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:27 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 95C7 43 B
260 B 43ms
41ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3468792939&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-P0xt5D9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-qw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftv.okezone.com&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&cu=1630674802400&m=5468&ar=503c7d4-clean&iw=9c66a48&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=207&lg=1&lh=63&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A276%3A276%3A995%3A587&aa=1&ad=5328&cn=5124&gn=1&gk=5328&gl=5124&ik=5328&ic=5328&ez=1&co=1091&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5249&cd=5048&ah=5249&am=5048&xd=00&rf=0&re=1&wb=2&wm=1&wi=1&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=26335949%3A4440622%3A312071326%3A156695214&bo=okezone.com&bd=tv.okezone.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=8&jm=-1&tc=0&fs=194337&na=1418831626&cs=0
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:27 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 95C7 43 B
260 B 40ms
40ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1012&tet=9937&fi=1&apd=10062&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tv.okezone.com&L1id=26335949&L2id=4440622&L3id=312071326&L4id=156695214&S1id=okezone.com&S2id=tv.okezone.com&ord=1630674802400&r=686781621081&t=page10&os=1&fi2=1&div1=1&ait=0&zMoatADV=8365738&url=https%253A%252F%252Ftv.okezone.com%252F&bedc=1&q=9&BSD=safe&BSC=gs_entertain,gs_travel_misc,moat_safe,gs_travel&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:32 GMT

GET
H2 200 dc_oe=ChMImsadgvHi8gIVVtQRCB2Gug4CEAEYACDNvaNG;met=1;&timestamp=1630674812589;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 167C 42 B
515 B 156ms
72ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImsadgvHi8gIVVtQRCB2Gug4CEAEYACDNvaNG;met=1;&timestamp=1630674812589;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 95C7 43 B
260 B 41ms
40ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F8365738%2F1629827842829%2Findex.html&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3468792939&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-P0xt5D9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-qw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftv.okezone.com%2F&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&cu=1630674802400&m=10280&ar=503c7d4-clean&iw=9c66a48&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=207&lg=1&lh=63&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A276%3A276%3A995%3A587&aa=1&ad=10140&cn=5328&gn=1&gk=10140&gl=5328&ik=10140&ic=10140&ez=1&co=1091&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10062&cd=5249&ah=10062&am=5249&xd=00&rf=0&re=1&wb=2&wm=1&wi=1&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=26335949%3A4440622%3A312071326%3A156695214&bo=okezone.com&bd=tv.okezone.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=9&jm=-1&tc=0&fs=194337&na=379718436&cs=0
Requested by: Host: tv.okezone.com
URL: https://tv.okezone.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:32 GMT

GET
H3-29 200 dc_oe=ChMIp-q7gvHi8gIVP4n9Bx10iA_iEAAYACCu9dtKQhMIm8adgvHi8gIVVtQRCB2Gug4C;met=1;&timestamp=1630674812749;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 95C7 42 B
63 B 115ms
71ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIp-q7gvHi8gIVP4n9Bx10iA_iEAAYACCu9dtKQhMIm8adgvHi8gIVVtQRCB2Gug4C;met=1;&timestamp=1630674812749;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 24ms
24ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021083101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37b8bc08d00d053688734dabcbcb327b8f6c0a79d75d1acc62538dcc8f18d19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 13:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8537
x-xss-protection: 0

POST
H2 404 ngx_pagespeed_beacon Show response
tv.okezone.com/ 2 KB
1 KB 776ms
776ms XHR
text/html 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tv.okezone.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fpilkada.okezone.com%2Fcountbanten

Requested by

Host: tv.okezone.com
URL: https://tv.okezone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.1.20

Resource Hash

b84892227cdbe42e3ece458a9c4cc0d411b00d09cffe9106080bf731f8a920c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://tv.okezone.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 228
:path: /ngx_pagespeed_beacon?url=http%3A%2F%2Fpilkada.okezone.com%2Fcountbanten
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: tv.okezone.com
referer: https://tv.okezone.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Sep 2021 13:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.1.20
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/html; charset=UTF-8
cf-ray: 688f3c6f1b414e5c-FRA

POST
H2 200 rum Show response
tv.okezone.com/cdn-cgi/ 0
199 B 17ms
17ms XHR
text/plain 2606:4700:10::6816:3144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tv.okezone.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3144 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://tv.okezone.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 25902
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: tv.okezone.com
referer: https://tv.okezone.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json

Response headers

date: Fri, 03 Sep 2021 13:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://tv.okezone.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 688f3c6f1b4f4e5c-FRA
vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 197ms
196ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 13:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 03 Sep 2021 13:13:33 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F711 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tv.okezone.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://tv.okezone.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 03 Sep 2021 13:05:39 GMT
expires: Sat, 03 Sep 2022 13:05:39 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2602 783 B
770 B 22ms
19ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

78621dcf316f61d8e24d1637e5c52663a386ac8f63ce0778a394843acf7ccd1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5GHdcRhfjgpbw1VG2Hlzow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tv.okezone.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://tv.okezone.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 03 Sep 2021 13:13:33 GMT
date: Fri, 03 Sep 2021 13:13:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-5GHdcRhfjgpbw1VG2Hlzow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame F711 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 05:01:25 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 110ms
106ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021083101&jk=638032847443521&bg=!tbaltvLNAAYJpm41CaY7ACkAdvg8Wu7ot6VLKriKGAAM0VV-FIkNpN4xav1mbbTSVlOYmP2FQ9-K_wIAAABrUgAAABBoAQeZAnZiRB3Ue3Iv6NS8y_L74D-tZibNxhZW5970uyJHT6pzXiHWV174ptFEoToMN3m5g84LrfYxjZTGngt1CDeFx1j2hZFhtGasDNu4hhlqhFrvlapHMhBglx0gWVazddXQvnMO4iBZ11qZuf5S5SG9f3s2Yv9XNAZDKaVx43pThaJNR-JpUGxT6iQMgLxOW2e1RZefAko208CcrZS3ZIS0jsT0sovQatd2b5cGjKYlIGM6lcgbIU6n1zsPeD6250Rso7gegFk5aK8Cx2yMZNcqMUjqLEvG3iE4EA_OLarBQsR4m4zJOHIVjLzVnK2He7qd9Tg2ZTnxgPtwUjYqhtEhQYtHJm8nLmPQbDvs_50XpIcd9EY6oqlCvGyljH48aYodaXYW8i-A9mVJgAd-tehTdxhp5ITkngZfG71msfOvlgwLtk_M-Lnc2znyLqjMtKhLSF6jMCbjS4teoN7w_HnhhHx1V2Vo6pXiRmuvhKsF9xzTJBukgUAB0yGigUi4JiAbv9tlgQHMrbgJEG3MrmuquFJGNHDVmWrLeCVXrdyGlWKORJ6gpEVfFHap-qdIky7KpwqcPNtAyIxmZu7SPKPYa6EfEr0ijtsB6WuRmSGhqcCsAeofGOx1088jdpnHVFicrRHgysT4z1wCosQ3T8ycsfWTcugbsrbifcRO7jh20ItCpkLoFcV_wgzBCzXphkBkO6QJL__t6hZchkSFdsXk7YoqU0pi_-gWbQjXh19VW0c_VB4lw0VgSJp8-PKx_iOIcnANWsTh2zT4PimkG60NCeRxLwlnhpgZXZ83MYSCRZC6hNtveVfIEiga-rQpWb1tdvrvmLbQEpc
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tv.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 95C7 43 B
260 B 41ms
40ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1012&tet=14966&fi=1&apd=15091&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=tv.okezone.com&L1id=26335949&L2id=4440622&L3id=312071326&L4id=156695214&S1id=okezone.com&S2id=tv.okezone.com&ord=1630674802400&r=686781621081&t=page15&os=1&fi2=1&div1=1&ait=0&zMoatADV=8365738&url=https%253A%252F%252Ftv.okezone.com%252F&bedc=1&q=10&BSD=safe&BSC=gs_entertain,gs_travel_misc,moat_safe,gs_travel&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 95C7 43 B
260 B 41ms
41ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3468792939&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-P0xt5D9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-qw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=8&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftv.okezone.com&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&cu=1630674802400&m=15307&ar=503c7d4-clean&iw=9c66a48&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=207&lg=1&lh=63&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A276%3A276%3A995%3A587&aa=1&ad=15167&cn=10140&gn=1&gk=15167&gl=10140&ik=15167&ic=15167&ez=1&co=1091&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15091&cd=10062&ah=15091&am=10062&xd=00&rf=0&re=1&wb=2&wm=1&wi=1&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=26335949%3A4440622%3A312071326%3A156695214&bo=okezone.com&bd=tv.okezone.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=10&jm=-1&tc=0&fs=194337&na=1672341576&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 95C7 43 B
260 B 42ms
41ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=4&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3468792939&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjrJBDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-P0xt5D9Dn5upsGPVCywBEAhKBRM3uwndnCs78ABRGBCPEpDfmAqnEVFZ&sc=1&os=1-qw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=9&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ftv.okezone.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Ftv.okezone.com&lp=https%3A%2F%2Ftv.okezone.com&t=1630674802400&de=686781621081&cu=1630674802400&m=15509&ar=503c7d4-clean&iw=9c66a48&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=207&lg=1&lh=63&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A276%3A276%3A995%3A587&aa=1&ad=15368&cn=15167&gn=1&gk=15368&gl=15167&ik=15368&ic=15368&ez=1&co=1091&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15292&cd=15091&ah=15292&am=15091&xd=00&rf=0&re=1&wb=2&wm=1&wi=1&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=26335949%3A4440622%3A312071326%3A156695214&bo=okezone.com&bd=tv.okezone.com&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=55707912&zMoatDBMIOID=22437802&zMoatDBMCreaID=375112491&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=10&jm=-1&tc=0&fs=194337&na=674172114&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Sep 2021 13:13:37 GMT

GET
H2 200 dc_oe=ChMImsadgvHi8gIVVtQRCB2Gug4CEAEYACDNvaNG;met=1;&timestamp=1630674822589;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 167C 42 B
107 B 72ms
71ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImsadgvHi8gIVVtQRCB2Gug4CEAEYACDNvaNG;met=1;&timestamp=1630674822589;eid1=2;ecn1=0;etm1=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIp-q7gvHi8gIVP4n9Bx10iA_iEAAYACCu9dtKQhMIm8adgvHi8gIVVtQRCB2Gug4C;met=1;&timestamp=1630674822749;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 95C7 42 B
63 B 72ms
72ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIp-q7gvHi8gIVP4n9Bx10iA_iEAAYACCu9dtKQhMIm8adgvHi8gIVVtQRCB2Gug4C;met=1;&timestamp=1630674822749;eid1=2;ecn1=0;etm1=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Sep 2021 13:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: index-test
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js(Line 6) Message: [GPT] To reserve space and reduce layout shifts, consider setting min-width=970px, min-height=90px styles on the div element with id=div-gpt-ad-1464079991176-0. Learn more: https://developers.google.com/publisher-tag/guides/minimize-layout-shift
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js(Line 6) Message: [GPT] To reserve space and reduce layout shifts, consider setting min-width=728px, min-height=90px styles on the div element with id=div-gpt-ad-1464080076541-0. Learn more: https://developers.google.com/publisher-tag/guides/minimize-layout-shift
console-api	log	URL: https://s0.2mdn.net/8365738/1629827842829/scripts.min.js(Line 1) Message: c DUREE : 9.8
console-api	log	URL: https://s0.2mdn.net/8365738/1629827842829/scripts.min.js(Line 1) Message: c BOUCLE : 1
console-api	log	URL: https://s0.2mdn.net/8365738/1629827842829/scripts.min.js(Line 1) Message: c DUREE TOTALE : 9.8
console-api	log	URL: https://s0.2mdn.net/8365738/1629827842829/scripts.min.js(Line 1) Message: ------------------
console-api	log	URL: https://s0.2mdn.net/8365738/1629827842829/scripts.min.js(Line 1) Message: c DUREE : 9.8
console-api	log	URL: https://s0.2mdn.net/8365738/1629827842829/scripts.min.js(Line 1) Message: c BOUCLE : 2
console-api	log	URL: https://s0.2mdn.net/8365738/1629827842829/scripts.min.js(Line 1) Message: c DUREE TOTALE : 19.6
console-api	log	URL: https://s0.2mdn.net/8365738/1629827842829/scripts.min.js(Line 1) Message: ------------------

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.okezone.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.okezone.com
certify.alexametrics.com
cm.g.doubleclick.net
content.jwplatform.com
d31qbv1cthcecs.cloudfront.net
dsum-sec.casalemedia.com
f7bada53ccd219ef09773764636d11bd.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
havasfrorangedcmdisplay758646212611.s.moatpixel.com
ib.adnxs.com
maxcdn.bootstrapcdn.com
mb.moatads.com
pagead2.googlesyndication.com
px.moatads.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s0.2mdn.net
s10.histats.com
s4.histats.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
tv.okezone.com
us-u.openx.net
vjs.zencdn.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
104.111.242.245
13.32.121.21
142.250.184.226
142.250.185.226
158.69.251.190
172.217.18.98
172.217.23.98
18.135.147.11
18.66.112.71
18.66.97.118
185.33.221.90
2.18.234.21
2.18.235.40
2600:9000:223f:f600:1:a3fa:7cc0:93a1
2606:4700:10::6816:3144
2606:4700::6810:5f41
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:801::2002
2a00:1450:4001:801::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9d
2a04:4e42:3::729
3.142.157.144
34.98.64.218
46.105.201.240
52.31.222.185
008819735fa652a6504764a70ee551d8113c844bf5a723eda53a5657cbfeaa97
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
043b0837ca5d3c2799610f9e270a11e9957f247fda22670778fd22a3c4c9ec96
08239e7656e813d1ce97e9a701b82781c0425b62a22c8250829e72759999bc3e
0af1b37f4c1dc3aa717a2958e6bd902fc3ecca1d5a9af93069455e342015c39b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba270cc57d9cefede0f751edf166ddc1eaaf98740a6d41090b9951b465d9475
0bfa3aa7375ef80ba8b42d58c16e10e20a0ea651cd73be8e1be14731dfdab77e
0d0b8b75a634e9d72b20cbcee56274b37fe162b5c293679b6ffc7ee74fc96c84
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
100b535af5d9015e322685a154171757a7c1a29ffd41ccd8bd097cf66cc6d079
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
11aa1f0e5b623a90e24760563e868735e7f269fcaa31b01f63568f74e657d241
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
156eb5ceab24266673743b5486f2f45dfae789163153b90b7426c3b41a8c4f20
1c6fd5cb2c984bd4a28fb9459006a5f7b306562c94ea04f0dda78b1353e77dd2
1ca1c387ec0c495d7e61ac302e3e470c872717da74096f5b19a8dddf284aa87b
1cd3f43c1be1ae18cda5a46f43c9f28fb8fce0d9e64f1b3bb573355b58e4ae55
215c62eb7bee6b40d109919a645d88cc4c3f96a9acba8078ea4c8b59930eda19
23754f049415d16f1bdaa8fa702dc3d19757f4e9cd001dbac9484698fd91fd35
246efbd3883ee81ad9c4d37facda04c7f39875800ffc77e3b58abcf2504c1b42
2689e96f5832f25505a6741e6f283691b48315605bc1d1e29299518a9d81fc71
279fa3b3703e0098febc600c5be30e6c2f854d2518ffcf0f6e089e38673666cf
28f10f18ebeeecad931883bb1c802eb120eabd8cc3426d917f1f758a1d67ad0e
29907e25b7ccbf87dec03ae68ca4dc0c69eb431dc0ccc27f7182520de6118536
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a7e88c559a7d9ac7c6c46ffd8783f1678fce6f148325cf107bb3a16aa12e87
34df6b3a9512dc991adb94ed4eece7f22cd1e9ab0e7894625ebf4327a779c126
36c24119c8e325a49a9b79de24b0612a6b9fb116ecf74b04adecb7870b1f40a7
3780603775ad6de77b27210aa0be851e72efee754ef83016a5ed75f74e20c0be
37b8bc08d00d053688734dabcbcb327b8f6c0a79d75d1acc62538dcc8f18d19c
3e99b3dcf3cbb6832b6166ed75018fe3d51484f8214904bf8f35a6b849da5081
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
485ad01e3e6da2a13c639804d9d35cb9acf7996253cf976c0bc2564946b05bbf
48b6aea5a2fa6f65a24343cb2d42d90a1ded1e329cb0839c2d09dcf76cafa0e0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba894b64d074b9603be9b771279f18de9cf0fb5621c3c5c55f76ddbb34b2210
4bc49076cb5e4c7298ef294306b0229ae1a7c607557d52ae43f538d7bfd811bc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e76177722cff7661c6bf7cc77b62223a75a62b8238d029001b6a5c25e78a417
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
56002b0b3ba81d21df6495a13ce6d6c52f92cd9036602341c2d033a93b02e4cb
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
5786799b44b720a90c746f11e28e1da55314ccb308baebd0bded381d6164db12
5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2
5c1407bd1630723776cc713fdc5494334524ef652b5c082324fb5939489d2627
5d65d223ebebbe249c352c9ffb806bd31e5ba30dc3ff33485e28555c0cf590ce
5d7db0bad59789b932d37ce719039a7647154755b7220b86ac1fddfb77836202
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f59a37b6fbc65cd90d1f2df836965917b044bdda95e4a579061dcba5686f66c
63f7bc2c535d730004ed2ffdda35f9d4ce901a9a25f8677535dc5b520260a667
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2d904f781fa8d1cfcb437fda3b842a654182a1e1c1c72925d9aebecaa3d9bf
6c4e821117841b205d81cb500023bb9eacaa6c7327d81bf2d2a06341f7dc30b4
6cdfcc6b2a7c844923c60ca1e1581cc7c8f218e7b6729fb5d1ef80d20dfa80e9
6daee699471b9d8347c59a423296c37297b0fffecc2a15834dc284a8dd04cb5b
6ed84dafc8974dc21e85c5b71f88fbbb3f13280595a9b794fb00f4297f7b94be
72074c9abac4e7f638d7b4b9cbaa177dea1e1fcbc98474a7af77e1bc43955aa3
7610e391cf46ea23ddb5d7f54132a679c2bf19a9bc9b7b1c285dc87fb69c6d19
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77cca91edcb0259160bfe211306b7deba6df1c2cfc3ce5c81783762bd9081000
78621dcf316f61d8e24d1637e5c52663a386ac8f63ce0778a394843acf7ccd1a
79983cdbb5711be4846b863ba60fc47398e1394e068794e37d95c80b39be78ff
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a8dbeb0dfec71c18250fb6786a18972fc70d07d3871775bb8aac9d05b3125a0
7c06cf6f20fb9801c3121a0e1068554180e4b3c06c032bef9b3df879d3d20d97
7f4a3152da3892747e903889e79becf867ba8969c9538681e3074159a7a703ae
821bdc4f69b0d71c8ee65e9e97c232e0a127004991b92133da9019dbe8f90047
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ca0afd3f01f66744ab31e53dd9b493fea689e5e6c639853f494707d60622d5d
8caa4af04c48a9dd7af9a0c811c0ae657fc34bd886a936153880b3d82f44868e
8fcc26c6ceddf52caa70bdecce9df40687d92e639a0da84083023c7d434f95a9
962fa58943c3ba02e722d9982438b25388b3e0d21c842b86dd921a51a11b64d7
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96d3349232417f89dec7f5c26a3872bb542fceaba22361b580b78f6e8d92ef2c
96fa732dd7342c860857f11a5f9fbd17303c1134935d629a99f5c88c9fdd10df
9895c53b422db399a75359f1ee2e01738e12f13f489fae051aa72caa61b245cd
9daa8fb64120ef9c71ded13f117b45ad0856f7191fa0a1c8367b1721ce0da427
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a493672da91d4b81e9c1caf8083a662b2f6e347dee7d361f51f5a9211c9cd01f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a907fee3b581ca626003353b6260038867441e857406d779fac5762c037cf403
a9158174a3da1ce8b68209499137616c3f7b6b4403abcaef0437b64d624a972e
ad25fe54dc58cc4db787bcd3d5c0c250a244ca2ee6137d1929ca13cf3e4f9094
ad8339557aeb8a12c598dfa085ae2ccf1c92ffcae114809ccc43a810690459dd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2606c11a8775dafbb864ebaf90bb6a137078bb160a8f433bf8b8e8fdbeda685
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b72da429d292cc376d2e74f0ba431fc69bdfb5489d113bb29fec99067891180f
b84892227cdbe42e3ece458a9c4cc0d411b00d09cffe9106080bf731f8a920c9
bd0bf965069674954c03fec50363d1e0811cb7de5f4134f1965d2ea022260861
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
bfba7e1db69eb23e65f66443d1ff4dafc139e3ff3cf685e40f991e39c227cd71
c11e0c3c7739a4df29fd6910c1d622c9fd2d49f2fae24f4adc364b9577f3825b
c1a6aa2cdb3997639c64da470c270fbd9f48ab1ffb8982f1c4b8c3ad041f56f3
c4590f4a574770efb0a30651465a5dc8a2dcb48b94a152fdf23c64a80a5d3b1d
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45
c7c99a96502963ceff01477b07e7c295405f8d7a30faf4b86294be282abb8c0d
cb52419c6bbd1a2780a4b012387e9b5466e1a4df4cc02c5eb2aca2a311634976
cde1760c9a593122af8310fb7c379cbbe97a720d2370c01ce57f5c070217dd20
cf2e2dd9c459a4d0080f578e759b048f1d2a15b18abb54e8f113d85cac2b3497
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03480e0ce43a91f1a291f29625d9da149146fad498802448305635ab20bdabd
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d26463812f873dcbe14df144f22b9de165920a012c852622f634ec342b83882b
d28a3dcc1df7fc5f75aeb595d3daaf5b70674c80db5842b1c687bbfd1fe7c8fd
d2d18545b35732e31a75403fd31d6c99c539d118e9d6dc65bd983cc4d7920575
d36aa1c5ab0a54df35bc34b6bbc400d6e1a38a5085321910e7a66eec4a0ee22a
d4454a358634f59fc61f16741cf30cb77d98700b51b9e1a3cce0b91945deecfc
d7d4e27918f4658658333a5a66cb14c9f4101d0bf4f96fc576689e45fed5a067
d94e406d031ddcfe75a077812c0043519b69744cc1842bb372155fdba16b2885
db0ac6554d440726e84f8fa62624ecbe51d532edf68958a7d42704001962bda8
db4b65a77368925febfe35d58a06a3d7c061de3355ac29d037195db9d3f5d012
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df82c08acac1259a8d24bc4340f1c3323f26aecf4dd99a2151e8d2355a35eeee
e06bc4f4c0c3c5a6f1305608e5e9cff24ee16aed219868b97a03e88349c3feb3
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
e2026af0c1863c6bea27349b25ffa15b3c51f2d60bb6544212a272881f7c18b0
e29d04c5b6049b3eb0309647db9725e3ab2b6db557f7f494bc09e7330e992999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e541b98e3cfeb97a6e34e698460b718c934a248338855f6a11e9f15cb51d3e79
ed277dd1b4016dadf7689baf34e347ee04c30c40463038606d58f53dd928c7f6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e39696f1bc4d6f70294d8b7350b55d1902592c638c1655b89240f1250544eb
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fac129d76baac5a69912d010f038803dd06557ca1ac881d8871ca396a117ce80
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

tv.okezone.com Open in urlscan Pro 2606:4700:10::6816:3144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

193 Requests

99 %HTTPS

61 %IPv6

26 Domains

41 Subdomains

45 IPs

8 Countries

2728 kBTransfer

6009 kBSize

0 Cookies

43 Outgoing links

Page URL History

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tv.okezone.com Open in urlscan Pro
2606:4700:10::6816:3144 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

99 %
HTTPS

61 %
IPv6

26
Domains

41
Subdomains

45
IPs

8
Countries

2728 kB
Transfer

6009 kB
Size

0
Cookies

193 HTTP transactions
3 data transactions