urlscan.io logo urlscan.io
SecurityTrails logo

techno.okezone.com Open in urlscan Pro
2600:9000:20d7:ce00:9:b40:d800:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://techno.okezone.com/
Effective URL: https://techno.okezone.com/
Submission: On October 02 via manual from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 8 countries across 41 domains to perform 296 HTTP transactions. The main IP is 2600:9000:20d7:ce00:9:b40:d800:93a1, located in United States and belongs to AMAZON-02, US. The main domain is techno.okezone.com. The Cisco Umbrella rank of the primary domain is 457960.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on September 29th 2021. Valid for: a year.
This is the only time techno.okezone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2600:9000:20d... 16509 (AMAZON-02)
50 2600:9000:212... 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
19 2600:9000:225... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
6 13.32.121.72 16509 (AMAZON-02)
2 23.35.236.201 16625 (AKAMAI-AS)
4 2600:1901:0:8... 15169 (GOOGLE)
2 216.139.248.131 32400 (HWSERVICE...)
10 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:402... 15169 (GOOGLE)
1 185.64.190.77 62713 (AS-PUBMATIC)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:212... 16509 (AMAZON-02)
3 2600:9000:212... 16509 (AMAZON-02)
2 64.185.181.185 40009 (BITGRAVITY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 2a00:1450:400... 15169 (GOOGLE)
8 202.147.193.157 17670 (MNCKABELM...)
1 79.133.177.228 24429 (TAOBAO Zh...)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:212... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 74.125.140.156 15169 (GOOGLE)
1 141.95.33.111 16276 (OVH)
1 54.194.94.16 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
7 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
4 79.133.177.225 24429 (TAOBAO Zh...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
17 178.250.0.139 44788 (ASN-CRITE...)
2 178.250.2.150 44788 (ASN-CRITE...)
2 65.9.95.17 16509 (AMAZON-02)
2 65.9.95.91 16509 (AMAZON-02)
2 3.12.50.160 16509 (AMAZON-02)
6 163.181.57.232 24429 (TAOBAO Zh...)
5 2a00:1450:400... 15169 (GOOGLE)
4 142.251.39.2 15169 (GOOGLE)
1 142.250.184.194 15169 (GOOGLE)
1 185.64.189.226 62713 (AS-PUBMATIC)
296 66
6    2600:9000:20d7:ce00:9:b40:d800:93a1 (United States)

ASN16509 (AMAZON-02, US)
techno.okezone.com
50    2600:9000:2127:9a00:11:320f:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.okezone.com
6    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
19    2600:9000:2251:ec00:1f:824e:58c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
img.okezone.com
7    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    2600:1901:0:802f::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
stakingsmile.com
2    216.139.248.131 (United States)

ASN32400 (HWSERVICES-32400, US)
PTR: 216-139-248-131.aus.us.siteprotect.com
hbs.ph.affinity.com
10    2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
15    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2600:9000:2127:3600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
3    2600:9000:2127:a000:9:965a:8240:93a1 (United States)

ASN16509 (AMAZON-02, US)
sindikasi.okezone.com
2    64.185.181.185 (United States)

ASN40009 (BITGRAVITY, US)
PTR: pc-b-d.bitgravity.com
cdn4-hbs.affinitymatrix.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
20    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
tpc.googlesyndication.com
8d309789221c1132dd18eca33a20475e.safeframe.googlesyndication.com
12    2a00:1450:4009:81e::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
16    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    202.147.193.157 (Jakarta, Indonesia)

ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID)
PTR: ip-193-157.mncplaymedia.com
www.visionplus.id
cluster-images.visionplus.id
1    79.133.177.228 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
www.rctiplus.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2600:9000:206e:1600:e:c3de:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.mnctrijaya.com
1    2600:9000:2127:cc00:c:5e3e:d280:93a1 (United States)

ASN16509 (AMAZON-02, US)
img.inews.co.id
1    2600:9000:2050:3200:1f:4c6b:cc00:93a1 (United States)

ASN16509 (AMAZON-02, US)
pict.sindonews.net
1    2606:4700::6812:1c64 (United States)

ASN13335 (CLOUDFLARENET, US)
img.celebrities.id
1    2600:9000:2127:f200:15:c3e:78c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
img.idxchannel.com
1    2606:4700::6812:a80 (United States)

ASN13335 (CLOUDFLARENET, US)
img.sportstars.id
2    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    74.125.140.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f156.1e100.net
bid.g.doubleclick.net
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    54.194.94.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-94-16.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
7    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
4    79.133.177.225 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
static.rctiplus.id
1    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.rctiplus.com
1    2a00:1450:400d:805::200e (Ireland)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:d::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r4---sn-4g5edn6k.c.2mdn.net
3    2606:4700:3031::6815:3e1a (United States)

ASN13335 (CLOUDFLARENET, US)
statics.indozone.news
1    2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
17    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    65.9.95.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-17.prg50.r.cloudfront.net
certify-js.alexametrics.com
2    65.9.95.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-91.prg50.r.cloudfront.net
certify.alexametrics.com
2    3.12.50.160 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-50-160.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
6    163.181.57.232 (London, United Kingdom)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
static.mncnow.id
5    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
4    142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net
ade.googlesyndication.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
1    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
Apex Domain
Subdomains		 Transfer
78 okezone.com
techno.okezone.com — Cisco Umbrella Rank: 457960
cdn.okezone.com — Cisco Umbrella Rank: 157995
img.okezone.com — Cisco Umbrella Rank: 133437
sindikasi.okezone.com — Cisco Umbrella Rank: 174634
2 MB
40 googlesyndication.com
1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
8d309789221c1132dd18eca33a20475e.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 273
231 KB
26 criteo.net
static.criteo.net — Cisco Umbrella Rank: 636
pix.eu.criteo.net — Cisco Umbrella Rank: 8597
csm.eu.criteo.net — Cisco Umbrella Rank: 8499
380 KB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
bid.g.doubleclick.net — Cisco Umbrella Rank: 435
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 299
453 KB
15 gstatic.com
csi.gstatic.com
fonts.gstatic.com
48 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
region1.google-analytics.com — Cisco Umbrella Rank: 2852
59 KB
8 visionplus.id
www.visionplus.id — Cisco Umbrella Rank: 155091
cluster-images.visionplus.id — Cisco Umbrella Rank: 203859
92 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 76
2 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 402
mug.criteo.com — Cisco Umbrella Rank: 2810
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12829
ads.eu.criteo.com — Cisco Umbrella Rank: 8466
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10279
54 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
339 KB
6 mncnow.id
static.mncnow.id — Cisco Umbrella Rank: 175125
228 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 152
7 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3308
onesignal.com — Cisco Umbrella Rank: 1213
img.onesignal.com — Cisco Umbrella Rank: 7300
87 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
imasdk.googleapis.com — Cisco Umbrella Rank: 406
ajax.googleapis.com — Cisco Umbrella Rank: 284
160 KB
5 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 457
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 431
image6.pubmatic.com — Cisco Umbrella Rank: 647
t.pubmatic.com — Cisco Umbrella Rank: 3545
112 KB
4 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 10952
certify.alexametrics.com — Cisco Umbrella Rank: 6150
10 KB
4 rctiplus.id
static.rctiplus.id — Cisco Umbrella Rank: 97485
69 KB
4 stakingsmile.com
stakingsmile.com — Cisco Umbrella Rank: 79340
28 KB
3 indozone.news
statics.indozone.news — Cisco Umbrella Rank: 316998
139 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 877
r4---sn-4g5edn6k.c.2mdn.net — Cisco Umbrella Rank: 408641
2 MB
3 google.de
www.google.de — Cisco Umbrella Rank: 6301
adservice.google.de — Cisco Umbrella Rank: 8962
1 KB
2 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
95 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 784
40 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 191
88 KB
2 rctiplus.com
www.rctiplus.com — Cisco Umbrella Rank: 133845
analytics.rctiplus.com — Cisco Umbrella Rank: 190583
7 KB
2 affinitymatrix.com
cdn4-hbs.affinitymatrix.com — Cisco Umbrella Rank: 39960
121 KB
2 affinity.com
hbs.ph.affinity.com — Cisco Umbrella Rank: 43341
17 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 208
5 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 344
392 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1385
339 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 456
628 B
1 sportstars.id
img.sportstars.id — Cisco Umbrella Rank: 172088
19 KB
1 idxchannel.com
img.idxchannel.com — Cisco Umbrella Rank: 180632
15 KB
1 celebrities.id
img.celebrities.id — Cisco Umbrella Rank: 187719
26 KB
1 sindonews.net
pict.sindonews.net — Cisco Umbrella Rank: 41173
49 KB
1 inews.co.id
img.inews.co.id — Cisco Umbrella Rank: 110191
60 KB
1 mnctrijaya.com
www.mnctrijaya.com — Cisco Umbrella Rank: 202895
27 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 389
2 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 575
464 B
0 rlcdn.com Failed
api.rlcdn.com Failed
0 mncdigital.id Failed
account.mncdigital.id Failed
296 41
Domain Requested by
50 cdn.okezone.com techno.okezone.com
cdn.okezone.com
sindikasi.okezone.com
19 img.okezone.com techno.okezone.com
17 pix.eu.criteo.net ads.eu.criteo.com
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
tpc.googlesyndication.com
imasdk.googleapis.com
16 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
www.googletagservices.com
15 securepubads.g.doubleclick.net techno.okezone.com
securepubads.g.doubleclick.net
1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
www.visionplus.id
www.googletagservices.com
12 csi.gstatic.com securepubads.g.doubleclick.net
imasdk.googleapis.com
10 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
7 static.criteo.net ads.eu.criteo.com
7 www.visionplus.id cdn.okezone.com
www.visionplus.id
7 www.googletagmanager.com techno.okezone.com
www.googletagmanager.com
www.rctiplus.com
www.visionplus.id
6 static.mncnow.id www.visionplus.id
6 sb.scorecardresearch.com techno.okezone.com
www.visionplus.id
www.rctiplus.com
6 techno.okezone.com 1 redirects cdn.okezone.com
5 www.google.com techno.okezone.com
1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
4 googleads.g.doubleclick.net
4 ade.googlesyndication.com
4 static.rctiplus.id www.rctiplus.com
4 stats.g.doubleclick.net www.google-analytics.com
4 stakingsmile.com techno.okezone.com
stakingsmile.com
3 statics.indozone.news www.rctiplus.com
3 fonts.gstatic.com fonts.googleapis.com
3 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 sindikasi.okezone.com cdn.okezone.com
3 onesignal.com cdn.onesignal.com
2 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.rctiplus.com
certify-js.alexametrics.com
2 certify.alexametrics.com www.rctiplus.com
www.visionplus.id
2 certify-js.alexametrics.com techno.okezone.com
www.visionplus.id
2 csm.eu.criteo.net ads.eu.criteo.com
2 r4---sn-4g5edn6k.c.2mdn.net
2 unpkg.com 1 redirects sindikasi.okezone.com
2 imasdk.googleapis.com 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
2 fonts.googleapis.com 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
cdnjs.cloudflare.com
2 www.googletagservices.com 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 cdn4-hbs.affinitymatrix.com hbs.ph.affinity.com
2 mug.criteo.com techno.okezone.com
2 gum.criteo.com 1 redirects
2 hbs.ph.affinity.com techno.okezone.com
cdn4-hbs.affinitymatrix.com
2 ads.pubmatic.com techno.okezone.com
ads.pubmatic.com
2 cdn.onesignal.com techno.okezone.com
cdn.onesignal.com
1 t.pubmatic.com ads.pubmatic.com
1 googleads4.g.doubleclick.net
1 8d309789221c1132dd18eca33a20475e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cluster-images.visionplus.id www.visionplus.id
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 ajax.googleapis.com www.visionplus.id
1 gcdn.2mdn.net 1 redirects
1 analytics.rctiplus.com www.rctiplus.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 match.adsrvr.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 img.sportstars.id sindikasi.okezone.com
1 img.idxchannel.com sindikasi.okezone.com
1 img.celebrities.id sindikasi.okezone.com
1 pict.sindonews.net sindikasi.okezone.com
1 img.inews.co.id sindikasi.okezone.com
1 www.mnctrijaya.com sindikasi.okezone.com
1 ads.eu.criteo.com 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com techno.okezone.com
1 www.rctiplus.com cdn.okezone.com
1 cdn.jsdelivr.net cdn4-hbs.affinitymatrix.com
1 image6.pubmatic.com ads.pubmatic.com
1 img.onesignal.com techno.okezone.com
1 static.adsafeprotected.com stakingsmile.com
1 www.google.de techno.okezone.com
1 hbopenbid.pubmatic.com ads.pubmatic.com
1 region1.google-analytics.com www.googletagmanager.com
0 api.rlcdn.com Failed ads.pubmatic.com
0 account.mncdigital.id Failed techno.okezone.com
296 73
Subject Issuer Validity Valid
*.okezone.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-29 -
2022-10-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
stakingsmile.com
R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
*.ph.affinity.com
Go Daddy Secure Certificate Authority - G2		 2022-04-08 -
2023-05-10		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.affinitymatrix.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.visionplus.id
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-30 -
2022-11-29		 a year crt.sh
*.rctiplus.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-08-24 -
2023-08-24		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
mnctrijaya.com
Amazon		 2021-11-10 -
2022-12-09		 a year crt.sh
*.inews.co.id
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-06-28		 a year crt.sh
*.sindonews.net
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-02-27 -
2023-03-30		 a year crt.sh
*.celebrities.id
Sectigo RSA Domain Validation Secure Server CA		 2022-02-27 -
2023-02-27		 a year crt.sh
*.idxchannel.com
AlphaSSL CA - SHA256 - G2		 2022-06-08 -
2023-07-10		 a year crt.sh
*.sportstars.id
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-04-28 -
2023-04-28		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-27 -
2022-12-29		 3 months crt.sh
*.rctiplus.id
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-08-29 -
2023-08-29		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
certify-js.alexametrics.com
Amazon		 2022-05-30 -
2023-06-27		 a year crt.sh
certify.alexametrics.com
Amazon		 2022-05-30 -
2023-06-28		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2022-09-12 -
2023-10-11		 a year crt.sh
*.mncnow.id
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-19 -
2022-11-18		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-09-20 -
2022-11-29		 2 months crt.sh

This page contains 16 frames:

Primary Page: https://techno.okezone.com/
Frame ID: 62E8119B8F634AB3C1E27A304E77214C
Requests: 118 HTTP requests in this frame

Frame: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 27BA61BCA2ADAA0DB7B5EB50DD95E7C0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 138D45346AA77869CFC397AFCEC85845
Requests: 2 HTTP requests in this frame

Frame: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Frame ID: 69BCC85A880BE156C0F627406CDEB27D
Requests: 21 HTTP requests in this frame

Frame: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Frame ID: B273326C2C43BF51354C1E44A2FD14E7
Requests: 40 HTTP requests in this frame

Frame: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Frame ID: CA9CF88B6F302CBA2B3C5E1E30ED880B
Requests: 17 HTTP requests in this frame

Frame: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 84E689DADAF22171088EE8E208E21564
Requests: 11 HTTP requests in this frame

Frame: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 20DDD95B06C2ECED298E2A25BBA7871F
Requests: 34 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Frame ID: 38CCF9E90B12102E0C9F22C82AA42D5F
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0FD705F65F2F8D52D7E9E6F9EC5805AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38609748FA58DE49E278F0F08DE6E042
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 216B72434E90688393F1CF068A99EE90
Requests: 3 HTTP requests in this frame

Frame: https://8d309789221c1132dd18eca33a20475e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 32FCA7392E8DA08793F188A9CC11E857
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Frame ID: 555E8DD9E2EA8F755D3341678082FF31
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC8959525B471E540CC7E5CB65FB12AA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D61017CAE2D973918E1CFA3AA2A797E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Okezone Techno :: Berita Teknologi Dan Science Terbaru

Page URL History Show full URLs

  1. http://techno.okezone.com/ HTTP 301
    https://techno.okezone.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

296
Requests

98 %
HTTPS

64 %
IPv6

41
Domains

73
Subdomains

66
IPs

8
Countries

6417 kB
Transfer

10951 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://techno.okezone.com/ HTTP 301
    https://techno.okezone.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftechno.okezone.com%2F&domain=techno.okezone.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=GiSIM3xmRG5GUTdXa1dtdFFuYzJuVkU0WWtvakl3Mm5WMkF4MFczczFFS1lOY2VyMFduSnB0SkVBN0VmQ3o3YVF5dnBiSjdBYytSZllIS09ML2NkSlhydzhwSm9MWVk2ZUtFNDlYY0xmMFV3MndtTnp2RWxyQ1ArRzRrbHpUbXA0SVdyRkUzSk80T3FUOFVmaXdRSG5weUtuS0MzRnppQi9KbFhxZVpHbUEyZU1BOUxEaTZoa3R3WU9HbitBd3BQeE1JVjAzQVBtdFJ6ckpOQy9VT1VEVWRhZEJJSUFHYzBIVG9hNXV4NzcxVmwrbVFkM1pUckRUZ2liNHQ2bGlWcUlSNWp0fA&cppv=2
Request Chain 153
  • https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.4.2/swiper-bundle.min.js
Request Chain 181
  • https://gcdn.2mdn.net/videoplayback/id/10fe5e464381e171/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696212292/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/2F3ADAC2C9A945D013045AB65831D18158338EC8.4890F0098004F6FCC48AD51B58502A3831D348FA/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-4g5edn6k.c.2mdn.net/videoplayback/id/10fe5e464381e171/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696212292/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/368595F0DFD21A5610C65C47CB6839D4DB2CC9A3.098A30F06DA534D36BD722F61F26B7C4B423DF55/key/cms1/cms_redirect/yes/mh/Wy/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1664675825/mv/m/mvi/4/pl/49/file/file.mp4

296 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
techno.okezone.com/
Redirect Chain
  • http://techno.okezone.com/
  • https://techno.okezone.com/
175 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:ce00:9:b40:d800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4043207c027bee663fb754e88de36fdcc9888b47cc40bc8d51878afe860e3f23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 02 Oct 2022 02:04:49 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding,User-Agent
via
1.1 b63f332297d95bccb0f4e41c4aef0ab0.cloudfront.net (CloudFront)
x-amz-cf-id
va8NidicPmYfepW0E_7Wy682LvaA5WXYeEn2V0OZcHPjriWF8Kss-A==
x-amz-cf-pop
ZAG50-C1
x-cache
Miss from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Sun, 02 Oct 2022 02:04:49 GMT
Location
https://techno.okezone.com/
Server
CloudFront
Via
1.1 0921eae154c93e666b192fa267ea4bfa.cloudfront.net (CloudFront)
X-Amz-Cf-Id
HwuBaQE9lSFobOWOHu4ygSnRHoY_BmR3JlKU0ioUpKpCoav9iAv6Hw==
X-Amz-Cf-Pop
ZAG50-C1
X-Cache
Redirect from cloudfront
style.min.css
cdn.okezone.com/underwood/revamp/2018/home/css/01/ 		592 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
3cf071ea3a0a29d5437d49a30f784dbf27e88439918e13bb64aebdef4a79a4f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
606709
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
W/"62d500a9-941f5"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
content-length
89587
x-amz-cf-id
47MK_UaXYp-BYxeejPcWtHPnjnhrunpWYJROIPYE-kbBai1v71FVKg==
expires
Thu, 27 Oct 2022 16:39:53 GMT
widget-desktop-ai-ml.css
cdn.okezone.com/underwood/revamp/2022/widget-ai-ml/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2022/widget-ai-ml/css/widget-desktop-ai-ml.css
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6e1c92aa22ec38716d7b92171ab1e79ead281b8e0ca603147fa691a35dff8412

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
18953
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
W/"630870d8-4a09"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
content-length
2820
x-amz-cf-id
JcqZ3AS5c7cPyoK-nhfljg4MAVRCxIA6VMCIAoS7Fw9L2wF4fVDjww==
expires
Tue, 25 Oct 2022 07:38:42 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
597
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7539dea1c83f6910-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Oct 2022 02:04:50 GMT
mncdig.min.js
account.mncdigital.id/public/js/ 		0
0
ic_logo.png
cdn.okezone.com/underwood/revamp/2017/home/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2017/home/img/ic_logo.png
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
bfc4a082238c7c4304d0a8fcf6038061ac3bb3ac9defceddb43048c1ad7e8a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 09:01:04 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
age
147826
etag
"616410db-514"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1300
x-amz-cf-id
2pYhWdf1fz00jYJe2vQwT5xddr3J1j9ua8TbuPVvmzq1LCcELGtfQw==
expires
Thu, 27 Oct 2022 09:59:41 GMT
pengguna-windows-patut-waspada-ada-malware-bersembunyi-untuk-spionase-j8hVGJ6X0O.jpg
img.okezone.com/okz/400/content/2022/10/01/54/2678693/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2022/10/01/54/2678693/pengguna-windows-patut-waspada-ada-malware-bersembunyi-untuk-spionase-j8hVGJ6X0O.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
85bf37cfa1e9edb285b6e25c897634b1f6de256dfe144c8ce3b47c8678a8acf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
13468
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 01 Oct 2022 06:07:30 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2022/10/01/54/2678693/pengguna-windows-patut-waspada-ada-malware-bersembunyi-untuk-spionase-j8hVGJ6X0O.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2022/10/01/54/2678693/pengguna-windows-patut-waspada-ada-malware-bersembunyi-untuk-spionase-j8hVGJ6X0O.jpg>; rel="canonical"
x-amz-cf-id
60bJVlhLEmPUSixag4F4xc8flydG2dubSpO2Tb8_gvfgiyXg0Iuc4w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main-v2.min.js
cdn.okezone.com/underwood/revamp/2017/home/js/01/ 		317 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c562ac1e333810fb5f9ae057ae04a344a93223e5a48e8a1d1a3b2ec45230eebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
324709
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
W/"PSA-aj-DGVmCt1aX7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2188419
content-length
93760
x-amz-cf-id
N37p6rt1313pgZnNZv5_vilwydSGxxryMD_i_mp_TrjTo1BHWm0hGg==
expires
Thu, 27 Oct 2022 09:58:30 GMT
swiper.min.js
cdn.okezone.com/underwood/revamp/2022/widget-ai-ml/js/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2022/widget-ai-ml/js/swiper.min.js
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
59d0448c99f92ed37f9533a859e5a3c4147b0709cffcd16b470f6f4a9ad420d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
139493
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
W/"PSA-aj-QVcjeAZjeA"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2212193
content-length
35314
x-amz-cf-id
vb5o_VnRld_D2EAiuf0mMBhXRLOepErOIGHgvdIN-D8j4stIuKfrWQ==
expires
Thu, 27 Oct 2022 16:34:44 GMT
widget-iframe-master.js
cdn.okezone.com/underwood/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/js/widget-iframe-master.js
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
de2fb3d2acf464261b4f8c94155b6125b0820968a24bdc9bc7e89242ccbd8736
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
2200
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
W/"PSA-aj-cN_Y6b1iZZ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-cache
Miss from cloudfront
cache-control
max-age=2212203
content-length
659
x-amz-cf-id
3HEd5wDMPaJ70FZUTwjIBSRFTwftwsh2fSC31TdhMJdnAxOVYw6I8Q==
expires
Thu, 27 Oct 2022 16:34:55 GMT
socket.js
cdn.okezone.com/underwood/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/js/socket.js
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
bf8e07403675e702d9fed6b5bb43783814e6d00d21b55648f382eed3d4385cdd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 09:01:04 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
2571
x-amz-cf-pop
PRG50-C1
age
147826
x-cache
Hit from cloudfront
content-length
644
server
nginx/1.20.1
etag
W/"PSA-aj-E2AmE_Ge0m"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2359969
x-amz-cf-id
V_4df-B7KDSxzFxvhmAZaZ_KYTAD4tW5JtKSkBwr-PMrY0S2VtaEUQ==
expires
Thu, 27 Oct 2022 16:33:54 GMT
gtm.js
www.googletagmanager.com/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T7STHLB&gtm_auth=76w83INIQaVRLL2wpVeSrQ&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06e0840356c4d63f37b7ef9760c3402b98216a420c434fa62717af36b8120158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51328
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 05:28:17 GMT
content-encoding
gzip
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
74222
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
JGEWe6rNi2otwT5pDyHOzKQD8wE5n35FkZ45MqLU9NSLh1KdRNIQ5Q==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/159495/2450/ 		319 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/159495/2450/pwt.js
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
74e98b74615da62276a4eab5d14fffb18d6203c5856ca228fd9ac64f74241df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 05:40:27 GMT
server
Apache
etag
"10a1230-4fddc-5cf4f080d1f93"
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=79946
accept-ranges
bytes
content-length
99148
expires
Mon, 03 Oct 2022 00:17:16 GMT
v2hhryRFJ1Un3Wh2IRSWRTvCafS8YuT8oKpuR0L2HzmvMIORjap3Kfwz6SHllipfs
stakingsmile.com/ 		92 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stakingsmile.com/v2hhryRFJ1Un3Wh2IRSWRTvCafS8YuT8oKpuR0L2HzmvMIORjap3Kfwz6SHllipfs
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:802f::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
190e4b7ffae4aab1377589a8d8094364013943831b0e0e390179470f5c5bcfb3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sun, 02 Oct 2022 02:04:50 GMT
x-datacenter
gce-europe-west1
etag
"cfc76b47a036541e02ad0c3b09772de86371d835cd4441768708690fcc651601"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-33r1
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
632800667
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
index.php
hbs.ph.affinity.com/v5/okezone.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbs.ph.affinity.com/v5/okezone.com/index.php?t=292
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.139.248.131 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS
216-139-248-131.aus.us.siteprotect.com
Software
nginx / PHP/7.3.6
Resource Hash
c21423e8304f6f42925063298ed5820f5b1b8089657d26db30639ea33322236c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 02 Oct 2022 02:04:51 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.3.6
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/Javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Connection
close
Expires
Mon, 02 Oct 2023 02:04:51 GMT
icon.png
cdn.okezone.com/underwood/revamp/2019/logo/desktop/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/icon.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e2aabe43d885a6052148686b4a661cdc9e394c5df79f31e6baef859d28899a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:24:33 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410e1-580"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1408
x-amz-cf-id
gwWOOI4UUoIK47QfRwj73aRA3UkW4rUVQxo8Cvu0YbtYz17P7U_25A==
expires
Tue, 01 Nov 2022 02:04:51 GMT
icon-dropdown.png
cdn.okezone.com/www/2016/img/ 		230 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/www/2016/img/icon-dropdown.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
aa0a295660f159606aaf184459c2efdce0b9674411905b0884707cce4ce23234
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:27:05 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"61641179-e6"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
230
x-amz-cf-id
wG1TQQFQ3x4p4zg7tPrTm_9GK7FwzIvEwyOOEv-peXE9KNTRjq0C5w==
expires
Tue, 01 Nov 2022 02:04:50 GMT
roboto-bold-webfont.woff2
cdn.okezone.com/underwood/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/roboto-bold-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
71cedce3e82185a1b5ffe23f4b4b2ae2f32b26c7616719ab631731d520881b8a

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Origin
https://techno.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410b2-48f4"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
18676
x-amz-cf-id
NJ7oWO5uiOSHPH39wvbUMpj_numH8I-Q8VNvlhVjODi4aMdihhjWIQ==
expires
Tue, 01 Nov 2022 02:04:51 GMT
overpass-regular-webfont.woff2
cdn.okezone.com/underwood/fonts/fontsmin/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/fontsmin/overpass-regular-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0623c22d7c4c71a3f6a7829e7936d3970d1bc62ed20b0dd35cd7a048c1029a23

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Origin
https://techno.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410b2-59a4"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
22948
x-amz-cf-id
4HUR3u6d1chNd6qTYUEL0QGGuLl5EftobRUmy8_XtR-Vb7kqsC1_LA==
expires
Tue, 01 Nov 2022 02:04:51 GMT
search.png
cdn.okezone.com/m/2016/img/ 		368 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/m/2016/img/search.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
86c4b6c92752f01e526244a3b1f0faa63efe5d1cfceaec8b73025ff297732459
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:38 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410aa-170"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
368
x-amz-cf-id
tS4nXGrYaMo9crdZazKYd7XZP4qJU56scl1iXArFqqDFe5uZTV5Acg==
expires
Tue, 01 Nov 2022 02:04:51 GMT
follow-ico.png
cdn.okezone.com/underwood/revamp/2018/home/img/ 		192 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/img/follow-ico.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
7368b808366157c04aa433a1e913bcf2e07584dbf09a3578b3278b24afcbc197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410dd-c0"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
192
x-amz-cf-id
6s-6Qfxsn7KrNTh-MOALD0VqqGygvWrihF7m59oFMM9kW5P2wsBfuA==
expires
Sun, 30 Oct 2022 17:43:58 GMT
fb-ico.png
cdn.okezone.com/underwood/revamp/2018/home/img/ 		413 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/img/fb-ico.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
47f1e5908be88e33fff7ed5e8684786b914edfe5c39d324c4a78d535e78436e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410dd-19d"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
413
x-amz-cf-id
5Yez-s_b_KIg3HEoknYe89UduLiCT1WWzl6XRhLO3LYcRSM5W-nCxA==
expires
Thu, 27 Oct 2022 16:56:41 GMT
twitter-ico.png
cdn.okezone.com/underwood/revamp/2018/home/img/ 		489 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/img/twitter-ico.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
2905f6466b563cfab96451f14df6a914a6c09c2bdf1dc21914025c0017e24610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410dc-1e9"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
489
x-amz-cf-id
XAhsCzB6qVbuCDRW-ow7Ykeqpw-nmCQGi_KN337orCuqsgJLjGpc7A==
expires
Thu, 27 Oct 2022 16:36:28 GMT
gplus-ico.png
cdn.okezone.com/underwood/revamp/2018/home/img/ 		589 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/img/gplus-ico.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f0e55db35d3396494019102a8d1413a0740e848e07070cd213a6930aae984449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410dc-24d"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
589
x-amz-cf-id
ItZKR5ajJyKhC9F90FITjLmIeVlnKRR_8CDZ2uSM3dX1FT2FhdKxUA==
expires
Sun, 30 Oct 2022 19:00:49 GMT
ig-ico.png
cdn.okezone.com/underwood/revamp/2018/home/img/ 		538 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/img/ig-ico.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
296e4fa6895898a2b00b59108fda4d3aa48f156ea7ee4627012b8580969af3ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410de-21a"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
538
x-amz-cf-id
FdUDAOjnXONVqS8Jqef5hZLSvHzsK_0-0Je8ffgKEY-3OSXQ96LVPg==
expires
Sun, 30 Oct 2022 23:00:58 GMT
logo-techno.png
cdn.okezone.com/underwood/revamp/2019/logo/desktop/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/logo-techno.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
4c02a6b037e6a848cb04cf9278a10d8b51a8e1eed7b101bc67d469205435b031

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
7700
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
W/"PSA-aj-EyA4KCEKmm"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2480568
accept-ranges
bytes
content-length
4443
x-amz-cf-id
PTOk5_Y5g-NPj8vqX_kiNL5Agj8-zL0j3oL_-XM0huIQ_mk4k2YXig==
expires
Sun, 30 Oct 2022 19:07:40 GMT
5-fakta-menarik-ustaz-dakwah-di-mobile-legends-hingga-ada-yang-mualaf-lObmRAeJxj.jpg
img.okezone.com/okz/400/content/2022/10/01/326/2678652/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2022/10/01/326/2678652/5-fakta-menarik-ustaz-dakwah-di-mobile-legends-hingga-ada-yang-mualaf-lObmRAeJxj.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6e7d7dbb3c9ccc637deec1fb720f631d35a779c885b948e8b587f5ec1be8fe25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
12690
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 01 Oct 2022 03:53:19 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2022/10/01/326/2678652/5-fakta-menarik-ustaz-dakwah-di-mobile-legends-hingga-ada-yang-mualaf-lObmRAeJxj.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2022/10/01/326/2678652/5-fakta-menarik-ustaz-dakwah-di-mobile-legends-hingga-ada-yang-mualaf-lObmRAeJxj.jpg>; rel="canonical"
x-amz-cf-id
TVGPP60ASAeqZY15CsN2YIflG7STVIqW3EDsgltuj5nmiXLUVyJtLg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
anonymous-serang-pemerintah-iran-respons-gugurnya-mahsa-amino-EhnXchtwac.jpg
img.okezone.com/okz/400/content/2022/10/01/54/2678620/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2022/10/01/54/2678620/anonymous-serang-pemerintah-iran-respons-gugurnya-mahsa-amino-EhnXchtwac.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b890961787caff4d51d234dfa6e577e54288ab9d94bff2e39f3305ffc44e7a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
34369
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 01 Oct 2022 02:23:02 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2022/10/01/54/2678620/anonymous-serang-pemerintah-iran-respons-gugurnya-mahsa-amino-EhnXchtwac.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2022/10/01/54/2678620/anonymous-serang-pemerintah-iran-respons-gugurnya-mahsa-amino-EhnXchtwac.jpg>; rel="canonical"
x-amz-cf-id
WNwdAy3Wm8jwCa6_qB-Gdi_hol60kHPnNRk-1iLnfRUjLjB4QldFig==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lokasi-yang-dipercaya-jadi-bukti-sejarah-alien-pernah-mampir-ke-bumi-nxpKSt6ABS.jpg
img.okezone.com/okz/400/content/2022/09/30/56/2678354/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2022/09/30/56/2678354/lokasi-yang-dipercaya-jadi-bukti-sejarah-alien-pernah-mampir-ke-bumi-nxpKSt6ABS.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
fc30949e989cdeab9f8bd7b005a708c8d63c76bbe0b898b1dca404509bbe5e68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
18854
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 30 Sep 2022 10:49:01 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2022/09/30/56/2678354/lokasi-yang-dipercaya-jadi-bukti-sejarah-alien-pernah-mampir-ke-bumi-nxpKSt6ABS.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2022/09/30/56/2678354/lokasi-yang-dipercaya-jadi-bukti-sejarah-alien-pernah-mampir-ke-bumi-nxpKSt6ABS.jpg>; rel="canonical"
x-amz-cf-id
kmI9WKBwFvbD-PVjKqm0CwaupAoNKMz7vMxJYqnCykwk0B43R620ew==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ukraina-tuding-rusia-bakal-lakukan-serangan-siber-besar-besaran-rk5c3tCjzs.jpg
img.okezone.com/okz/400/content/2022/09/30/54/2678080/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2022/09/30/54/2678080/ukraina-tuding-rusia-bakal-lakukan-serangan-siber-besar-besaran-rk5c3tCjzs.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
8a5d0db5f595c7e4832bcf3089a065fcb90c9cd0523f81ec3dd9e1e6e2743c0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
14158
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 30 Sep 2022 06:44:25 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2022/09/30/54/2678080/ukraina-tuding-rusia-bakal-lakukan-serangan-siber-besar-besaran-rk5c3tCjzs.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2022/09/30/54/2678080/ukraina-tuding-rusia-bakal-lakukan-serangan-siber-besar-besaran-rk5c3tCjzs.jpg>; rel="canonical"
x-amz-cf-id
WdaHavyQSqbvcj5VaRzRzYhel9qRCDTF2GiKbQlxSPCQJ6lMiTBbgw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
populer-science-tanda-kiamat-di-timur-tengah-hingga-pesawat-nasa-tabrak-asteroid-ihPHOZfWmG.jpg
img.okezone.com/content/2022/10/01/56/2678886/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2022/10/01/56/2678886/populer-science-tanda-kiamat-di-timur-tengah-hingga-pesawat-nasa-tabrak-asteroid-ihPHOZfWmG.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
03d8d64eb3f875a18128b7dfab5392ed3fb8a1c59de4d0ffa1950d625c4591a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
47345
x-xss-protection
1; mode=block
last-modified
Sat, 01 Oct 2022 15:07:22 GMT
server
nginx/1.20.1
etag
"633857aa-b8f1"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2022/10/01/56/2678886/populer-science-tanda-kiamat-di-timur-tengah-hingga-pesawat-nasa-tabrak-asteroid-ihPHOZfWmG.jpg>; rel="canonical"
x-amz-cf-id
wuZ1aHZx9_21CNlzSM0LAloap5TL7EWyzw_lLYpzORy3O6-tsatQ-Q==
expires
Mon, 02 Oct 2023 02:04:51 GMT
fakta-menakjubkan-laut-merah-dan-laut-mati-berdasarkan-alquran-dan-sains-KUJTuZjiMq.jpg
img.okezone.com/content/2022/09/30/56/2678432/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2022/09/30/56/2678432/fakta-menakjubkan-laut-merah-dan-laut-mati-berdasarkan-alquran-dan-sains-KUJTuZjiMq.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
533fee721f0db54d48861c00cc0d3acd0461490324cd810613760cc7d49d93cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
67471
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 12:29:39 GMT
server
nginx/1.20.1
etag
"6336e133-1078f"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2022/09/30/56/2678432/fakta-menakjubkan-laut-merah-dan-laut-mati-berdasarkan-alquran-dan-sains-KUJTuZjiMq.jpg>; rel="canonical"
x-amz-cf-id
LGBx1apauL_9Vd6OpjM4gHjE4zw3W0isIZjfPy6COn1o3RWHAVLJSg==
expires
Mon, 02 Oct 2023 02:04:51 GMT
bos-qualcomm-yakin-kualitas-kamera-smartphone-bakal-lampaui-dslr-U8ey6f3zJv.jpg
img.okezone.com/content/2022/10/01/57/2678750/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2022/10/01/57/2678750/bos-qualcomm-yakin-kualitas-kamera-smartphone-bakal-lampaui-dslr-U8ey6f3zJv.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
fba4c9a965e67a5e3ae192cb2d54ae1078a26a422776551c6ec78c74039e1849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
30238
x-xss-protection
1; mode=block
last-modified
Sat, 01 Oct 2022 08:30:42 GMT
server
nginx/1.20.1
etag
"6337fab2-761e"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2022/10/01/57/2678750/bos-qualcomm-yakin-kualitas-kamera-smartphone-bakal-lampaui-dslr-U8ey6f3zJv.jpg>; rel="canonical"
x-amz-cf-id
KWWdETOyFU7N_BJnhDKl9_2oLvTdwJMQtYecEK9KpiDHyqIZ0Qnj2A==
expires
Mon, 02 Oct 2023 02:04:50 GMT
teknologi-ai-kini-lebih-pintar-dari-manusia-untuk-baca-gerak-bibir-de78SxxKlt.jpg
img.okezone.com/content/2022/10/01/56/2678609/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2022/10/01/56/2678609/teknologi-ai-kini-lebih-pintar-dari-manusia-untuk-baca-gerak-bibir-de78SxxKlt.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
23818ee2bc8813924d58bddfff423dc1d589e9baf35be3145a3f6fff99a8d11e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
68175
x-xss-protection
1; mode=block
last-modified
Sat, 01 Oct 2022 01:41:26 GMT
server
nginx/1.20.1
etag
"63379ac6-10a4f"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2022/10/01/56/2678609/teknologi-ai-kini-lebih-pintar-dari-manusia-untuk-baca-gerak-bibir-de78SxxKlt.jpg>; rel="canonical"
x-amz-cf-id
v92E9pV8WOt-oIuJusrT_dEBbNyc-HR4kHPjLNcqItuqYfXeSzLp9A==
expires
Mon, 02 Oct 2023 02:04:51 GMT
5-negara-yang-jadi-target-teratas-serangan-ransomware-PDbyeGdYm8.png
img.okezone.com/content/2022/09/30/54/2677972/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2022/09/30/54/2677972/5-negara-yang-jadi-target-teratas-serangan-ransomware-PDbyeGdYm8.png
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
72d19c42ddd90e4aa3a0b26a601c80b9e0ac10f69b4dd25947502644ef82b475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
26682
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 04:29:21 GMT
server
nginx/1.20.1
etag
"633670a1-683a"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2022/09/30/54/2677972/5-negara-yang-jadi-target-teratas-serangan-ransomware-PDbyeGdYm8.png>; rel="canonical"
x-amz-cf-id
qww6bsED8WZqqaK4guCDbgtDTur5nfhud4mEUXC4BV1O2zi43Szfpg==
expires
Mon, 02 Oct 2023 02:04:50 GMT
anonymous-serang-pemerintah-iran-respons-gugurnya-mahsa-amino-dwO38n2P8E.jpg
img.okezone.com/content/2022/10/01/54/2678620/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2022/10/01/54/2678620/anonymous-serang-pemerintah-iran-respons-gugurnya-mahsa-amino-dwO38n2P8E.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c4ef516940e255d2e5fe514d1b52139dab7701f05f0098f2efa2fee2b4edc5be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
105592
x-xss-protection
1; mode=block
last-modified
Sat, 01 Oct 2022 02:23:02 GMT
server
nginx/1.20.1
etag
"6337a486-19c78"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2022/10/01/54/2678620/anonymous-serang-pemerintah-iran-respons-gugurnya-mahsa-amino-dwO38n2P8E.jpg>; rel="canonical"
x-amz-cf-id
hcjwvvHTHr5NgrfdgMjqZbstFnLXAnboZdvgtY9Wnp408mYszsYZHw==
expires
Mon, 02 Oct 2023 02:04:51 GMT
astronom-temukan-kuburan-bintang-mati-di-bima-sakti-YlVBFw6LZm.jpg
img.okezone.com/content/2022/10/01/56/2678709/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2022/10/01/56/2678709/astronom-temukan-kuburan-bintang-mati-di-bima-sakti-YlVBFw6LZm.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6bc6f3891237e93ef797325783a68771dc40f036d9fad0d865c45984771986ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
68566
x-xss-protection
1; mode=block
last-modified
Sat, 01 Oct 2022 06:47:45 GMT
server
nginx/1.20.1
etag
"6337e291-10bd6"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2022/10/01/56/2678709/astronom-temukan-kuburan-bintang-mati-di-bima-sakti-YlVBFw6LZm.jpg>; rel="canonical"
x-amz-cf-id
DUOs3lANpqvxNSx62V3dSYIYc_IMpPwaveOwvtRcesP2bMd1JGWPXw==
expires
Mon, 02 Oct 2023 02:04:50 GMT
layanan-streaming-game-google-stadia-perlahan-dimatikan-apa-penyebabnya-7X8uRPlkPi.jpg
img.okezone.com/content/2022/09/30/326/2678446/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2022/09/30/326/2678446/layanan-streaming-game-google-stadia-perlahan-dimatikan-apa-penyebabnya-7X8uRPlkPi.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
5a200bbdc989094633d845ccce7cd3103136610973ea12cec1e5ccba665018a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
48781
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 12:48:15 GMT
server
nginx/1.20.1
etag
"6336e58f-be8d"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2022/09/30/326/2678446/layanan-streaming-game-google-stadia-perlahan-dimatikan-apa-penyebabnya-7X8uRPlkPi.jpg>; rel="canonical"
x-amz-cf-id
tBe1w7Uoza9BPJccEp5eHgk6JNLERgLMLbV2ymv7w9pOtC43fl62IQ==
expires
Mon, 02 Oct 2023 02:04:51 GMT
malware-yang-belum-pernah-diketahui-serang-ratusan-perangkat-linux-dan-windows-AHgod30Cd2.jpg
img.okezone.com/content/2022/09/30/54/2678326/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2022/09/30/54/2678326/malware-yang-belum-pernah-diketahui-serang-ratusan-perangkat-linux-dan-windows-AHgod30Cd2.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b809fe4b5e9f6e6550a9e68813000fc33e78175696588a1f712c5bf0081254a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
61561
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 10:13:02 GMT
server
nginx/1.20.1
etag
"6336c12e-f079"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2022/09/30/54/2678326/malware-yang-belum-pernah-diketahui-serang-ratusan-perangkat-linux-dan-windows-AHgod30Cd2.jpg>; rel="canonical"
x-amz-cf-id
QBBPNRdi57XCivsvlofiJeF6xFrwvFqIghIKnHAQFzY29oR9lXVEsw==
expires
Mon, 02 Oct 2023 02:04:51 GMT
daftar-7-aplikasi-pemblokir-iklan-terbaik-di-android-ez6mPMWraM.jpg
img.okezone.com/content/2022/09/30/57/2678004/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2022/09/30/57/2678004/daftar-7-aplikasi-pemblokir-iklan-terbaik-di-android-ez6mPMWraM.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
bc2c48cbaf4f8387f3353865d624c68470d1ec9513bb04153118a4937d3da640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
32571
x-xss-protection
1; mode=block
last-modified
Fri, 30 Sep 2022 04:59:04 GMT
server
nginx/1.20.1
etag
"63367798-7f3b"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2022/09/30/57/2678004/daftar-7-aplikasi-pemblokir-iklan-terbaik-di-android-ez6mPMWraM.jpg>; rel="canonical"
x-amz-cf-id
yHiYEmcTydvUI7iGPAVFup4xZ-226CKmQWgPmOowkBf6QtCI2W7pCA==
expires
Mon, 02 Oct 2023 02:04:50 GMT
next.svg
cdn.okezone.com/underwood/revamp/2019/img/headline/ 		936 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/img/headline/next.svg
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
8612cda75121d16330a454458c073c53e3699308f447b08f61933ef607d63046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:24:31 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
W/"616410df-3a8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
cHjxOvlQ7G9Qoix7c3N8N1173OlocugQYWAnnwiSIx5CCo1hlNXWvQ==
expires
Tue, 01 Nov 2022 02:04:51 GMT
prev.svg
cdn.okezone.com/underwood/revamp/2019/img/headline/ 		928 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/img/headline/prev.svg
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
9ef45f12c8c70e0efce63fc8c0d0f0ea366521da05593a6445b82a9b1e7ae917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:24:31 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
W/"616410df-3a0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-amz-cf-id
Y9DaNon4NtNm4jKyVXEgAsDWBxF7FGuQoNBcKbzmG-m8DdzomTf6vg==
expires
Tue, 01 Nov 2022 02:04:51 GMT
blank.jpg
cdn.okezone.com/underwood/assets/images/ 		283 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/assets/images/blank.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
d73436973f27a6dcabafddcfac701b2344365280b98232296fc1cbce26ea5332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
x-original-content-length
338
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-length
283
x-xss-protection
1; mode=block
server
nginx/1.20.1
etag
W/"PSA-aj-U0NTfkTMsj"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2479847
accept-ranges
bytes
link
<http://cdn.okezone.com/underwood/assets/images/blank.jpg>; rel="canonical"
x-amz-cf-id
qG2ztmdJPOUsYiLXrd6vVA--oLlke3WAXKnQ5LdKf3nHg-TL-v8ZKw==
expires
Sun, 30 Oct 2022 18:55:38 GMT
roboto-medium-webfont.woff2
cdn.okezone.com/underwood/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/roboto-medium-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f7cec4cd8f2b83766b6c8c4bd514186c5e23e96e6d327546ff7ac2c80bfc02c2

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Origin
https://techno.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:45 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410b1-492c"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
18732
x-amz-cf-id
MGjscTpFYW9ZEyr_7-9kDXCFHEH-Gt1RLIyqrQj76FNsYPGlILrByw==
expires
Tue, 01 Nov 2022 02:04:51 GMT
roboto-regular-webfont.woff2
cdn.okezone.com/underwood/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/roboto-regular-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
d92f2d3f9c6dbf5571b787b387034f121fa55b4b22c66ae057531b4a038b20de

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Origin
https://techno.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410b2-4a48"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
19016
x-amz-cf-id
ir70V4Xa94n6VDE1O9WDd9GKAHj3qpJi1AzndcdRzB06ZD_rmmGonw==
expires
Tue, 01 Nov 2022 02:04:51 GMT
overpass-light-webfont.woff2
cdn.okezone.com/underwood/fonts/fontsmin/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/fontsmin/overpass-light-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
66669a175c1a9f1c8424abeaa084e340b621abb65c375e117b21a164e76d9acc

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Origin
https://techno.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410b2-61c0"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
25024
x-amz-cf-id
1d8u67TbAp4PBPXOcs5uD4mnwvYyr1Sm5P1NKXF237Lv21hnMPrvlw==
expires
Tue, 01 Nov 2022 02:04:51 GMT
overpass-bold-webfont.woff2
cdn.okezone.com/underwood/fonts/fontsmin/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/fontsmin/overpass-bold-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
05684cf92cad6ae0e8e53e2de7ef08e0f6bfe8ef337779f99f9af4d0215a1041

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Origin
https://techno.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410b2-5858"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
22616
x-amz-cf-id
GjiLmjHiyco7bmUyZl9q9URNly5BTIpBkCJs5ix5gL80ohqh0OwHbQ==
expires
Tue, 01 Nov 2022 02:04:51 GMT
logo-wp-footer.svg
cdn.okezone.com/underwood/revamp/2019/logo/desktop/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/logo-wp-footer.svg
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
002dc3cce74f753869c357fb411cd7df90d6bb0c96dc7cc569875947161bede9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:24:33 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
W/"616410e1-2bd9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
Mt9QfbshBLin-gcJRu3bGryruVNg15d8fTDBXzmZ6MKb1ejUUl7YRA==
expires
Tue, 01 Nov 2022 02:04:51 GMT
sprites-fot.png
cdn.okezone.com/underwood/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/img/sprites-fot.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f786379a23ccc3bd7bd84111b2b2237a7e759ad40fb0628214b292119bac4779
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:25:21 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"61641111-e73"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3699
x-amz-cf-id
9fPq1qI0rl1A1VMLTfJSFhN5Tnmt7AI33GMPpa0-dVnuKaOf-VSr4w==
expires
Tue, 01 Nov 2022 02:04:51 GMT
mnc-media-log.png
cdn.okezone.com/underwood/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/img/mnc-media-log.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b47ec721017e692a55cea350222c082fe654f140a289ba22b932806350ad4346
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:25:20 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"61641110-8c4"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2244
x-amz-cf-id
V2rrH2Yr4KNYgtcSYxDgCiq22bYu46T1OOWTpreaqqk8xX0PGaKh6Q==
expires
Tue, 01 Nov 2022 02:04:51 GMT
play-normal.png
cdn.okezone.com//underwood/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com//underwood/img/play-normal.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ecca83e1c4d9a1de89b4afec8843dce564b8c3f5061aefb451818a3318e5b9ed
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"61641110-84d"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2125
x-amz-cf-id
CpSM4w73tF5zOEOFv13iIoZe142qcN8GUFCoSYTyquUNWUtEbbZVvw==
expires
Sun, 23 Oct 2022 00:30:42 GMT
ajax-loader.gif
cdn.okezone.com/news/news_2015a/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/news/news_2015a/img/ajax-loader.gif
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
271978b06de1a969aabd38bdeb72771935f8cedee9b284af9d54328710983627
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"6164114b-a30"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2608
x-amz-cf-id
Tj6c8UdeXjQjN4omfkymCeII4ba1SRHJwNeWhBHas5k0JnbiM37_qA==
expires
Sun, 30 Oct 2022 15:40:05 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
599
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7539dea248a96910-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Oct 2022 02:04:50 GMT
b
sb.scorecardresearch.com/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1664676290929&ns_c=UTF-8&c7=https%3A%2F%2Ftechno.okezone.com%2F&c8=Okezone%20Techno%20%3A%3A%20Berita%20Teknologi%20Dan%20Science%20Terbaru&c9=
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
4X-KLPLU6nnr2IJwxTaTLJHSMb4S91ordCLJNrQhHCvxK3k_WXZ24w==
x-cache
Miss from cloudfront
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7STHLB&gtm_auth=76w83INIQaVRLL2wpVeSrQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Oct 2022 00:27:31 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
5840
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Sun, 02 Oct 2022 02:27:31 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T7STHLB&gtm_auth=76w83INIQaVRLL2wpVeSrQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c40205243a2a0f4d13bd1f9c539cfceeb687e751bda06f2a66b38750582c2b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75676
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 02 Oct 2022 02:04:50 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftechno.okezone.com%2F&domain=techno.okezone.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://techno.okezone.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://techno.okezone.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 02 Oct 2022 02:04:50 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
486444
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftechno.okezone.com%2F&domain=techno.okezone.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=GiSIM3xmRG5GUTdXa1dtdFFuYzJuVkU0WWtvakl3Mm5WMkF4MFczczFFS1lOY2VyMFduSnB0SkVBN0VmQ3o3YVF5dnBiSjdBYytSZllIS09ML2NkSlhydzhwSm9MWVk2ZUtFNDlYY0xmMFV3MndtTnp2RWxyQ1ArRzRrbH...
367 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GiSIM3xmRG5GUTdXa1dtdFFuYzJuVkU0WWtvakl3Mm5WMkF4MFczczFFS1lOY2VyMFduSnB0SkVBN0VmQ3o3YVF5dnBiSjdBYytSZllIS09ML2NkSlhydzhwSm9MWVk2ZUtFNDlYY0xmMFV3MndtTnp2RWxyQ1ArRzRrbHpUbXA0SVdyRkUzSk80T3FUOFVmaXdRSG5weUtuS0MzRnppQi9KbFhxZVpHbUEyZU1BOUxEaTZoa3R3WU9HbitBd3BQeE1JVjAzQVBtdFJ6ckpOQy9VT1VEVWRhZEJJSUFHYzBIVG9hNXV4NzcxVmwrbVFkM1pUckRUZ2liNHQ2bGlWcUlSNWp0fA&cppv=2
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f0f3ab18d074dc103f09bc1913a7d5526c1697e607b4e980bcd9a05ddd6a89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1072561
expires
0

Redirect headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=GiSIM3xmRG5GUTdXa1dtdFFuYzJuVkU0WWtvakl3Mm5WMkF4MFczczFFS1lOY2VyMFduSnB0SkVBN0VmQ3o3YVF5dnBiSjdBYytSZllIS09ML2NkSlhydzhwSm9MWVk2ZUtFNDlYY0xmMFV3MndtTnp2RWxyQ1ArRzRrbHpUbXA0SVdyRkUzSk80T3FUOFVmaXdRSG5weUtuS0MzRnppQi9KbFhxZVpHbUEyZU1BOUxEaTZoa3R3WU9HbitBd3BQeE1JVjAzQVBtdFJ6ckpOQy9VT1VEVWRhZEJJSUFHYzBIVG9hNXV4NzcxVmwrbVFkM1pUckRUZ2liNHQ2bGlWcUlSNWp0fA&cppv=2
access-control-allow-origin
https://techno.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
683913
content-length
0
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae388e90d1d107bada200f4a5aed66e979bc034fa6ebe7c45aa3fbecdcde0e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27695
x-xss-protection
0
server
sffe
etag
"1351 / 605 of 1000 / last-modified: 1664575578"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Oct 2022 02:04:51 GMT
web
onesignal.com/api/v1/sync/d8030541-4f75-4d3b-b8fa-7ab7d403b807/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/d8030541-4f75-4d3b-b8fa-7ab7d403b807/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c04cf6db1a239aaef15506fbf376288956662389c50544c6328e1c300383951a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
status
200 OK
x-envoy-upstream-service-time
29
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
72a62bde-f979-4ceb-8d20-a3f3570c5da6
x-runtime
0.028005
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c04cf6db1a239aaef15506fbf3762889"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7539dea2c9146910-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 02 Oct 2022 03:04:51 GMT
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MZ0Q248WBF&gtm=2oe9s0&_p=249405341&cid=1345555137.1664676291&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664676291&sct=1&seg=0&dl=https%3A%2F%2Ftechno.okezone.com%2F&dt=Okezone%20Techno%20%3A%3A%20Berita%20Teknologi%20Dan%20Science%20Terbaru&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://techno.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=249405341&t=pageview&_s=1&dl=https%3A%2F%2Ftechno.okezone.com%2F&ul=en-us&de=UTF-8&dt=Okezone%20Techno%20%3A%3A%20Berita%20Teknologi%20Dan%20Science%20Terbaru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1221967269&gjid=1659620733&cid=1345555137.1664676291&tid=UA-82922228-1&_gid=445768872.1664676291&_r=1&gtm=2wg9s0T7STHLB&z=693834663
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://techno.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=249405341&t=pageview&_s=1&dl=https%3A%2F%2Ftechno.okezone.com%2F&ul=en-us&de=UTF-8&dt=Okezone%20Techno%20%3A%3A%20Berita%20Teknologi%20Dan%20Science%20Terbaru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1267557470&gjid=292028499&cid=1345555137.1664676291&tid=UA-153789817-1&_gid=445768872.1664676291&_r=1&gtm=2wg9s0T7STHLB&cd5=GTM-T7STHLB&cd6=1664676290940.ncsvggsh&cd8=2022-10-02T02%3A04%3A50.940%2B00%3A00&cd9=gtm.js&cd7=1345555137.1664676291&z=1462142337
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://techno.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022092801.js
securepubads.g.doubleclick.net/gpt/ 		377 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 18:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130694
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 01 Oct 2023 18:29:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		667 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=techno.okezone.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce27a4b27dcd244e6e70e4b8b9ad304f65f35a7731759cccf6dba55602bb1a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
243
x-xss-protection
0
expires
Sun, 02 Oct 2022 02:04:51 GMT
16
techno.okezone.com/leftsidebar/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://techno.okezone.com/leftsidebar/16
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:ce00:9:b40:d800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
74170063b14d881042515e86b3c4008753d36009a02986c35e624b32e2935560

Request headers

Accept
*/*
Referer
https://techno.okezone.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
content-encoding
gzip
via
1.1 b63f332297d95bccb0f4e41c4aef0ab0.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZAG50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-robots-tag
noindex, nofollow
x-amz-cf-id
kPhfUC376FUU1kKUeuzyRr2acUBP7L9HqtHP4u1LTNCrsGyJPpSeOQ==
home
techno.okezone.com/rightsidebar/16/ 		26 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://techno.okezone.com/rightsidebar/16/home?page=
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:ce00:9:b40:d800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2c4c8a333ecdc81159e60a056f7e6a6d9fe8d62b765d49e8fc63e37801778224

Request headers

Accept
*/*
Referer
https://techno.okezone.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
content-encoding
gzip
via
1.1 b63f332297d95bccb0f4e41c4aef0ab0.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZAG50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-robots-tag
noindex, nofollow
x-amz-cf-id
DfGfbH9Yu-CAPvfBttcSkteoCuuLbI1hg5pPgqgdR9_2ovG34BaDYQ==
okezoneid
techno.okezone.com/ 		460 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://techno.okezone.com/okezoneid
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:ce00:9:b40:d800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5b36e8cd3e78df87297869d8eba190459f3e4aadc20d8d68042c51b594dfe7a4

Request headers

Accept
*/*
Referer
https://techno.okezone.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:51 GMT
content-encoding
gzip
via
1.1 b63f332297d95bccb0f4e41c4aef0ab0.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZAG50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex, nofollow
x-amz-cf-id
ty5pSszU5ZYF7EzC0n0rpw2bTyZY6vSQ9ymazblEXuPizKZRDLjhXA==
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-153789817-1&cid=1345555137.1664676291&jid=1267557470&gjid=292028499&_gid=445768872.1664676291&_u=YADAAEABAAAAAC~&z=386343836
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 02 Oct 2022 02:04:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://techno.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-82922228-1&cid=1345555137.1664676291&jid=1221967269&gjid=1659620733&_gid=445768872.1664676291&_u=YADAAEAAAAAAAC~&z=386751098
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 02 Oct 2022 02:04:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://techno.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/2450/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techno.okezone.com
date
Sun, 02 Oct 2022 02:04:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
rum.js
securepubads.g.doubleclick.net/pagead/js/ 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12f7ca6063a379163fe20065ca2685f3d54b88b2255cb3e9adae96f5c5d8f1db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 01:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
3213
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23582
x-xss-protection
0
server
cafe
etag
15429574133646473231
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 02:11:18 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-82922228-1&cid=1345555137.1664676291&jid=1221967269&_u=YADAAEAAAAAAAC~&z=1938662668
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-82922228-1&cid=1345555137.1664676291&jid=1221967269&_u=YADAAEAAAAAAAC~&z=1938662668
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GiSIM3xmRG5GUTdXa1dtdFFuYzJuVkU0WWtvakl3Mm5WMkF4MFczczFFS1lOY2VyMFduSnB0SkVBN0VmQ3o3YVF5dnBiSjdBYytSZllIS09ML2NkSlhydzhwSm9MWVk2ZUtFNDlYY0xmMFV3MndtTnp2RWxyQ1ArRzRrbHpUbXA0SVdyRkUzSk80T3FUOFVmaXdRSG5weUtuS0MzRnppQi9KbFhxZVpHbUEyZU1BOUxEaTZoa3R3WU9HbitBd3BQeE1JVjAzQVBtdFJ6ckpOQy9VT1VEVWRhZEJJSUFHYzBIVG9hNXV4NzcxVmwrbVFkM1pUckRUZ2liNHQ2bGlWcUlSNWp0fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 02 Oct 2022 02:04:51 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
541560
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
skeleton.js
static.adsafeprotected.com/ 		17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: stakingsmile.com
URL: https://stakingsmile.com/v2hhryRFJ1Un3Wh2IRSWRTvCafS8YuT8oKpuR0L2HzmvMIORjap3Kfwz6SHllipfs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
8035432
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
5yV3GqkdcW2XXsytwFU3r3TX7sCKceoh0FzoKTH41KNCDJ49uUSVyg==
widgetrctiplus
sindikasi.okezone.com/widget/iframe/ 		203 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sindikasi.okezone.com/widget/iframe/widgetrctiplus
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.9 (Unix) /
Resource Hash
a3d0fabedbb1a297fa42e5ef2a6e9bb77faba22076ba496daa6dc41119b75c31

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
server
Apache/2.4.9 (Unix)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
203
x-amz-cf-id
TdhokQPlaptEJfLxJI1q5YjFQFiwiDAJi3ngTZWRFdCcye1z45PswA==
widgetvisionplus
sindikasi.okezone.com/widget/iframe/ 		96 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sindikasi.okezone.com/widget/iframe/widgetvisionplus
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.9 (Unix) /
Resource Hash
b13d659bcfe51fb1385d2e72f25b007a26d42a6899c4fc342bbb59a83180428f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
server
Apache/2.4.9 (Unix)
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
96
x-amz-cf-id
AG8hCscvAMt8kR7kkhfeSq_vUZ1Q09P3liRHmpp5g-POL8QZkgGVeA==
populer-science-tanda-kiamat-di-timur-tengah-hingga-pesawat-nasa-tabrak-asteroid-XKIUKMRaDD.jpg
img.okezone.com/okz/400/content/2022/10/01/56/2678886/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2022/10/01/56/2678886/populer-science-tanda-kiamat-di-timur-tengah-hingga-pesawat-nasa-tabrak-asteroid-XKIUKMRaDD.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a3c199d9806c265577f45e9bf26f2eed5c50d383801e578be49d9037fe20769d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
12139
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 01 Oct 2022 15:07:22 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2022/10/01/56/2678886/populer-science-tanda-kiamat-di-timur-tengah-hingga-pesawat-nasa-tabrak-asteroid-XKIUKMRaDD.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2022/10/01/56/2678886/populer-science-tanda-kiamat-di-timur-tengah-hingga-pesawat-nasa-tabrak-asteroid-XKIUKMRaDD.jpg>; rel="canonical"
x-amz-cf-id
yuIqQ45x6vuYQPOLMfAGjOh7XdQXQj622LmSB_-PUC5hqNC1vf5coA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2.js
cdn4-hbs.affinitymatrix.com/hvrlib/okezone.com/1663580454/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4-hbs.affinitymatrix.com/hvrlib/okezone.com/1663580454/v2.js
Requested by
Host: hbs.ph.affinity.com
URL: https://hbs.ph.affinity.com/v5/okezone.com/index.php?t=292
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.185.181.185 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-b-d.bitgravity.com
Software
v/6.5.0/6.5.14/v13fra1-www / PHP/7.3.6
Resource Hash
925484a7a64b0dbeeeb8bc856c5f4f29feae9fbe37a5720fb443042155c81f4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-version
9
date
Tue, 27 Sep 2022 10:14:49 GMT
content-encoding
gzip
server
v/6.5.0/6.5.14/v13fra1-www
age
402857
x-tata-request-id
527f7d71ed7ba14fb07d037dac61be9c, 527f7d71ed7ba14fb07d037dac61be9c
x-powered-by
PHP/7.3.6
vary
Accept-Encoding
x-cache
HIT,v13fra1
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
22673
expires
Mon, 02 Oct 2023 02:04:51 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
594
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7539dea5fbdd92a5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 01 Nov 2022 02:04:51 GMT
v2tubZXQe_RGACzGQ8uz7g6YqcD7V9vzOhxY7B4KJvpdUAKAFsQTUP3_TW_hjCO4N2mnk_SZA
stakingsmile.com/ 		191 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stakingsmile.com/v2tubZXQe_RGACzGQ8uz7g6YqcD7V9vzOhxY7B4KJvpdUAKAFsQTUP3_TW_hjCO4N2mnk_SZA
Requested by
Host: stakingsmile.com
URL: https://stakingsmile.com/v2hhryRFJ1Un3Wh2IRSWRTvCafS8YuT8oKpuR0L2HzmvMIORjap3Kfwz6SHllipfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:802f::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
c09d1131e248bddfe45698bae72ed42b885541830eea3ef8590c46dd0f8f93b1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://techno.okezone.com
x-hostname
fen-hoothoot-europe-west1-spot-33r1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sun, 02 Oct 2022 02:04:50 GMT
v2tubZXQe_RGACzGQ8uz7g6YqcD7V9vzOhxY7B4KJvpdUAKAFsQTUP3_TW_hjCO4N2mnk_SZA
stakingsmile.com/ 		191 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stakingsmile.com/v2tubZXQe_RGACzGQ8uz7g6YqcD7V9vzOhxY7B4KJvpdUAKAFsQTUP3_TW_hjCO4N2mnk_SZA
Requested by
Host: stakingsmile.com
URL: https://stakingsmile.com/v2hhryRFJ1Un3Wh2IRSWRTvCafS8YuT8oKpuR0L2HzmvMIORjap3Kfwz6SHllipfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:802f::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
3a16acd984b671fef725ea202e1290e43c9eb1728d92e8a1343b3f1381a5e90f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://techno.okezone.com
x-hostname
fen-hoothoot-europe-west1-spot-33r1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sun, 02 Oct 2022 02:04:50 GMT
icon
onesignal.com/api/v1/apps/d8030541-4f75-4d3b-b8fa-7ab7d403b807/ 		192 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/d8030541-4f75-4d3b-b8fa-7ab7d403b807/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ac0240429fc5f6051e7901c8e752fc7d8980df6a75093cf460274e6a83d859
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
status
200 OK
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f200a28e-6604-4e8c-8944-4c4d363cb578
x-runtime
0.005439
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"c5ac0240429fc5f6051e7901c8e752fc"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7539dea71886bbd9-FRA
access-control-allow-headers
SDK-Version
user.png
cdn.okezone.com//m/2016/img/ 		318 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com//m/2016/img/user.png
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f5a810ce4656cf44e3014891569021111e7469440c181b48557880373bab538d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410aa-13e"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
318
x-amz-cf-id
y4qwGZ59Nb9ajjq5IVEWFNG4F4v5DMG-JI3HO2SjLhCx9klZUL_tog==
expires
Thu, 27 Oct 2022 16:33:58 GMT
logo-celebrity.png
cdn.okezone.com/underwood/revamp/2019/logo/desktop/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/logo-celebrity.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
45eb7187396a9c44dbd8e03e572f10c8c32f9407068e9d1c622e63022925a40b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
8077
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
W/"PSA-aj-3gdpH_nFTj"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2308265
accept-ranges
bytes
content-length
4648
x-amz-cf-id
mGyo1G-UX_JtPm7Ow301wb6dSiGTQL2xgJtPry2wfgGcxVKSE0aXGA==
expires
Fri, 28 Oct 2022 19:15:57 GMT
pinang-catherine-wilson-setelah-3-bulan-kenal-idham-mase-saya-langsung-jatuh-cinta-LBuP8QMjWV.jpg
img.okezone.com/okz/400/content/2022/10/01/33/2678814/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2022/10/01/33/2678814/pinang-catherine-wilson-setelah-3-bulan-kenal-idham-mase-saya-langsung-jatuh-cinta-LBuP8QMjWV.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e6e060a13d9a377711c95928456e46b463c33eedef20f6a3c2a5ed49b7c5618e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
18248
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 01 Oct 2022 11:19:03 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2022/10/01/33/2678814/pinang-catherine-wilson-setelah-3-bulan-kenal-idham-mase-saya-langsung-jatuh-cinta-LBuP8QMjWV.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2022/10/01/33/2678814/pinang-catherine-wilson-setelah-3-bulan-kenal-idham-mase-saya-langsung-jatuh-cinta-LBuP8QMjWV.jpg>; rel="canonical"
x-amz-cf-id
kEh1iJbcMXvYveY1qjTEfWa-HKfD2jWTbS0nofrCWmLvq09I5n2u0Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-lifestyle.png
cdn.okezone.com/underwood/revamp/2019/logo/desktop/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/logo-lifestyle.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a6f9ed9fafb28e7cd47b00e4a6bcff257d01ea603b4ce3b00dd78529effb5d30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
8278
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
W/"PSA-aj-WEBdXDEFBS"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=90513
accept-ranges
bytes
content-length
4824
x-amz-cf-id
3kM2hQNlIvVZ7RaXyB1Vih1SfpCUGAPhaSB4GZraZJ1iYH0Tz8lYCQ==
expires
Mon, 03 Oct 2022 03:13:25 GMT
viral-emak-emak-nangis-dan-robek-foto-rizky-billar-gara-gara-kdrt-ke-lesti-kejora-MmSkMAHBGo.jpg
img.okezone.com/okz/400/content/2022/10/01/612/2678818/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2022/10/01/612/2678818/viral-emak-emak-nangis-dan-robek-foto-rizky-billar-gara-gara-kdrt-ke-lesti-kejora-MmSkMAHBGo.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
1aabafc656a2f1779f50ca7a7184a5e1ef56999739f7cdb4b542a4a88a1d3a2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
10296
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 01 Oct 2022 11:26:23 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2022/10/01/612/2678818/viral-emak-emak-nangis-dan-robek-foto-rizky-billar-gara-gara-kdrt-ke-lesti-kejora-MmSkMAHBGo.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2022/10/01/612/2678818/viral-emak-emak-nangis-dan-robek-foto-rizky-billar-gara-gara-kdrt-ke-lesti-kejora-MmSkMAHBGo.jpg>; rel="canonical"
x-amz-cf-id
ibyoxJAorlN8QEpFatL5k7xpcGzRsNGwWrQXeEX6VsSy3Su3Q6szvw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
cdn.okezone.com/underwood/fonts/font-awesome/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/font-awesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Origin
https://techno.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:45 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410b1-fbd0"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
64464
x-amz-cf-id
EeOz4os5JsAVXbVByOI5pqR_tyDHjzNcTtPIfuARydDrrStjatsNRQ==
expires
Tue, 01 Nov 2022 02:04:51 GMT
widget-logo-celeb.png
cdn.okezone.com/underwood/revamp/2017/home/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2017/home/img/widget-logo-celeb.png
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c9f90c53d41847f2a843e30f3d8dc0286f33369ee3f466c3405e0b3a9ae1c370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410db-56f"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1391
x-amz-cf-id
w1jGVdlokVANW2Vq7gPAmzsrpfa712IpeUJAkC7uLgMbD_KRtLN-Bg==
expires
Thu, 27 Oct 2022 10:40:49 GMT
widget-logo-lifestyle.png
cdn.okezone.com/underwood/revamp/2017/home/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2017/home/img/widget-logo-lifestyle.png
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c94dd39217e522af7ce28abc0191e6468c6dc53f47f8d2f87a30f3d9289b4ecc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410db-651"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1617
x-amz-cf-id
WRV9Jh7JiZ0KjnhkmfVYjVKmM-Kr-mzkUJ_qptxAGL2fy-Ok9F71fA==
expires
Thu, 27 Oct 2022 16:57:05 GMT
affhb.data.js.php
hbs.ph.affinity.com/v5/hvr_man_okezone.com/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbs.ph.affinity.com/v5/hvr_man_okezone.com/affhb.data.js.php?t=292
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/okezone.com/1663580454/v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.139.248.131 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS
216-139-248-131.aus.us.siteprotect.com
Software
nginx / PHP/7.3.6
Resource Hash
346ecfe514802dbf36cdfd40881e981cb36553b0f274e4f6426a126e1f68ad7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 02 Oct 2022 02:04:52 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.3.6
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/Javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Connection
close
Expires
Mon, 02 Oct 2023 02:04:52 GMT
2e6da72c-86bd-4cbb-8391-e687a85a97d7.png
img.onesignal.com/permanent/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/2e6da72c-86bd-4cbb-8391-e687a85a97d7.png
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87943edd61495f679b4605b4bb2b6cc691e578c9deba7c46cc774eda2ef392c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
x-amz-meta-cache-control
public, maxage=604800
cf-cache-status
MISS
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-request-id
RHBFS9XJC9SGEB3H
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4746
x-amz-id-2
c7IogRuuQ4oZAFjhbLHwbT5zWMMIRrWLBQKMHC7QygWP3/S4TKD/Eo7lKWEdsszNszTtXc2vtu/QFPjhfxaxPA==
last-modified
Thu, 20 Feb 2020 07:26:45 GMT
server
cloudflare
etag
"70f091aa0cdc8b0b5c35e48454d3dabd"
vary
Accept-Encoding
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7539dea7ad946910-FRA
expires
Wed, 02 Nov 2022 02:04:52 GMT
overpass-italic-webfont.woff2
cdn.okezone.com/underwood/fonts/fontsmin/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/fontsmin/overpass-italic-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a066558aecfa64d506dfdce39305e5d5acb00fcc9733fb45f15ed7a80d3685e9

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2022100209AM
Origin
https://techno.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
etag
"616410b2-6ed0"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
28368
x-amz-cf-id
h1CE92sUFIuTPIQHVNTuBIaTfI3Q6VbQpXiYPIgWOpwVLGCP7L2aWQ==
expires
Tue, 01 Nov 2022 02:04:51 GMT
beritaandawidget
techno.okezone.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://techno.okezone.com/beritaandawidget
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:ce00:9:b40:d800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
23a36e310ba7f21c8876b6a95a0bf59c468eb590b397243aa1dc18d60340cc51

Request headers

Accept
*/*
Referer
https://techno.okezone.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
content-encoding
gzip
via
1.1 b63f332297d95bccb0f4e41c4aef0ab0.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZAG50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-robots-tag
noindex, nofollow
x-amz-cf-id
XsEbN-nCGHZB9LpDVuaoOwNVbIsGl7YTrs7fRcS-lkN6p3Ejc7KZ_g==
bi-sebut-pengelolaan-utang-ri-sekarang-lebih-baik-dibanding-1998-ini-alasannya-BPqXXh5MCy.jpg
img.okezone.com/okz/400/content/2022/10/02/320/2679019/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2022/10/02/320/2679019/bi-sebut-pengelolaan-utang-ri-sekarang-lebih-baik-dibanding-1998-ini-alasannya-BPqXXh5MCy.jpg
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:ec00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
cab14cef86a882c678fb751a090e2c6d5e1a6aa0b755eac778d484cd9844e03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:51 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
18628
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sun, 02 Oct 2022 02:01:22 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2022/10/02/320/2679019/bi-sebut-pengelolaan-utang-ri-sekarang-lebih-baik-dibanding-1998-ini-alasannya-BPqXXh5MCy.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2022/10/02/320/2679019/bi-sebut-pengelolaan-utang-ri-sekarang-lebih-baik-dibanding-1998-ini-alasannya-BPqXXh5MCy.jpg>; rel="canonical"
x-amz-cf-id
6_TuQI84xMqCnGWXHz0L98JPvwYquLACfHfbYTxwU4gRMLV6iQlMKw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=techno.okezone.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=techno.okezone.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		104 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2199189116031204&correlator=1619061709275684&eid=31068500%2C31070024%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fifs&iu_parts=105246217%2Cokezone%2Cdesktop%2Ctechno%2Chome%2Ctopleaderboard%2Cbillboard%2Crectangle1%2Cgiantrec%2Cbottomrec%2Cleaderboard%2Chorizonad%2Cskinad%2COkezone_Desktop_Interstitial&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F8%2C%2F0%2F1%2F2%2F3%2F4%2F9%2C%2F0%2F1%2F2%2F3%2F4%2F10%2C%2F0%2F1%2F2%2F3%2F4%2F11%2C%2F0%2F1%2F2%2F3%2F4%2F12%2C%2F0%2F1%2F2%2F13&prev_iu_szs=728x90%2C970x250%2C300x250%2C300x600%2C300x250%2C728x90%2C1100x50%2C120x600%2C1x1&ifi=1&adks=3824320099%2C1257959940%2C579229931%2C3772684540%2C3742291263%2C3993582874%2C2119085797%2C3788672477%2C3141112520&sfv=1-0-38&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&fsapi=false&prev_scp=%7C%7C%7C%7C%7C%7C%7C%7CMPI%3DInterstitial&cust_params=aggr%3DChrome&sc=1&cookie_enabled=1&abxe=1&dt=1664676291963&lmt=1664676291&dlt=1664676290116&idt=1080&adxs=592%2C280%2C1019%2C1019%2C1019%2C280%2C-12245933%2C150%2C-9&adys=60%2C208%2C233%2C233%2C1017%2C1070%2C-12245933%2C0%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C-1%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftechno.okezone.com%2F&rumc=2199189116031204&rume=1&frm=20&vis=1&psz=748x0%7C1040x20%7C301x0%7C301x0%7C301x0%7C724x20%7C0x-1%7C120x-1%7C0x-1&msz=728x0%7C1040x0%7C301x0%7C301x0%7C301x0%7C724x0%7C0x-1%7C120x-1%7C0x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C644%2C516%2C2&ohw=748%2C1040%2C1600%2C1600%2C1600%2C724%2C1600%2C1600%2C0&ga_vid=1345555137.1664676291&ga_sid=1664676292&ga_hid=249405341&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b074bef3a038bdfd16ae677e47fea8a1b26d9ec944b79577189e2da27d9f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26336
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://techno.okezone.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 27BA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techno.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 02:04:52 GMT
expires
Mon, 02 Oct 2023 02:04:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022092801.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022092801.js?cb=31070024
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32b7afae904111614af9002270ba549d9d316e0355439981a120f05e3b0fa4a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 18:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13935
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 01 Oct 2023 18:29:24 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 138D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/2450/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://techno.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112112
content-encoding
gzip
content-length
13946
content-type
text/html
date
Sun, 02 Oct 2022 02:04:51 GMT
expires
Mon, 03 Oct 2022 09:13:23 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csi
csi.gstatic.com/ 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l8qpa6y0&c=2199189116031204&e=31068500%2C31070024%2C31061691%2C31061693&ctx=1&met.9=1.1pq~13.1rk~2.1se~9.0~3_1.2dv~7_1.0~7_2.0~7_3.0~7_4.0~7_5.0~7_6.0~7_7.0~7_8.0~7_9.0&met.3=947.1sl~74.1sm_1~947.1sn~43.1sn~74.1sn~947.1sn~43.1sn~74.1sn~947.1sn~43.1sn~74.1sn~947.1sn~43.1sn~74.1sn~947.1sn~43.1sn~74.1so~947.1so~43.1so~74.1so~947.1so~43.1so~74.1so~947.1so~43.1so~73.1so~49.1so~947.1sp~43.1sp~947.1sp~6.1sp~947.1sp~7.1sp~91.1sp~947.1sp~1.1sp~947.1sp~573.1sp~579.1sp~597.1sp~54.1sp~579.1sp~593.1sp~581.1sp~52.1sp~579.1sq~597.1sq~54.1sq~579.1sq~593.1sq~581.1sq~52.1sq~579.1sq~597.1sq~54.1sq~579.1sq~593.1sq~581.1sq~52.1sq~579.1sq~597.1sq~54.1sq~579.1sq~593.1sq~581.1sq~52.1sq~579.1sq~597.1sq~54.1sq~579.1sq~593.1sq~581.1sq~52.1sq~579.1sq~597.1sq~54.1sq~579.1sq~593.1sq~581.1sq~52.1sq~579.1sq~597.1sq~54.1sq~579.1sq~593.1sq~581.1sq~52.1sq~579.1sq~597.1sq~54.1sq~579.1sq~593.1sq~581.1sq~52.1sq~579.1sq~597.1sq~54.1sq~579.1sq~593.1sq~581.1sq~52.1sq~51.1sq~947.1su~947.1su~573.1su~54.1su~598.1su~54.1su~54.1su~598.1su~54.1su~598.1su~54.1su~54.1su~598.1su~54.1su~598.1su~54.1su~598.1su~54.1su~54.1su~598.1su~54.1su~598.1su~54.1su~598.1sv~54.1sv~598.1sv~54.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~598.1sv~54.1sv~947.1sy~573.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~947.1sy~573.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~947.1sy~573.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~579.1sy~597.1sy~95.1sy_1~947.1sz~573.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~947.1sz~573.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~579.1sz~597.1sz~77.1sl_e~724.1t0~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~724.1t1~112.1tm_2~947.1vy~573.1vy~579.1vy~597.1vy~579.1vy~597.1vy~579.1vy~597.1vy~579.1vy~597.1vy~579.1vy~597.1vy~579.1vy~597.1vy~579.1vy~597.1vy~579.1vy~597.1vy~579.1vy~597.1vy~95.1vy~76.1vx_1~334.1wb~947.280~86.280~947.280~86.280~76.280~947.283~573.283~581.283~54.283~598.283~581.283~54.283~598.283~581.283~54.283~598.283~581.283~54.283~598.283~581.283~54.283~598.283~581.283~54.283~598.283~581.283~54.283~598.283~581.283~54.283~598.283~581.283~54.283~598.283~76.282_2~947.28y~573.28y~579.28y~597.28y~579.28y~597.28y~579.28y~597.28y~579.28z~597.28z~579.28z~597.28z~579.28z~597.28z~579.28z~597.28z~579.28z~597.28z~579.28z~597.28z~76.28y_1~947.28z~573.28z~579.28z~597.28z~579.28z~597.28z~579.28z~597.28z~579.28z~597.28z~579.28z~597.28z~579.28z~597.28z~579.28z~597.28z~579.28z~597.28z~579.28z~597.28z~76.28z_1~947.290~573.290~579.290~597.290~579.290~597.290~579.290~597.290~579.290~597.290~579.290~597.290~579.290~597.290~579.290~597.290~579.290~597.290~579.290~597.290~76.290_1~947.2d6~95.2d5_4~894.2db~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~808.2dw~947.2dz~95.2dy~947.2dz~95.2dz~947.2dz~95.2dz~947.2e2~95.2e2~947.2e2~95.2e2~947.2e2~95.2e2~340.2ej&met.10=1_6.IKoSEAAIABiAmHUoAQ~1_2.IKoSEAAIABiAmHUoAQ~1_7.IKoSEAAIABiAmHUoAA~1_8.IKoSEAAIABiAmHUoAQ~1_1.IKoSEAAIABiAmHUoAQ&met.7=CBsQCMAB4-PfjAY~CBsQByDYCTiNBcABwbGTmg4~CBsQByDZCTjOAsAB-rGBlQU~CBsQCiDuCTjTBcAB0d74gg0~CBsQCiDuCTjuBcABp7XGZA~CBsQBiDuCTjMBcAB8PiA_AE~CBsQBiDuCTimB8ABlKnU_Qg~CBsQCiDuCTjNBcABi_bRUQ~CBsQCiDuCTjyB8ABseygxwk~CBsQCiDvCTjlBcABrM_V_AU~CBsQChgBIPUOKPUOMNcPOGLAAdWe06YM~CBsQCiD1DjhUwAHRmKGXCQ~CBsQCiD1DjiNAcABxu3WxAc~CBsQCiD1DjjUAcABh8eigwQ~CBsQAiCIDziZAsAB1NnLmQU~CBsQAiCJDziqAsAB-b7IwQs~CBsQAiCJDzinAsAB7dD0-gY~CBsQAiCJDziZA8ABwOKy4AI~CBsQAiCKDzioA8ABmsmsmw8~CBsQAiCLDzivA8ABm_Tlnw0~CBsQAiCMDzjgAcABzL6BUg~CBsQCiD4Dzg0wAGi4bD4Ag~CBsQBiCFEDgSwAHV2LT9Dw~CBsQCiCPEDh1wAHZ67DzCg~CBsQChgBIJAQKJAQMOAQOFDAAYzV2OsE~CDsQChgBIKoQKKoQMKAROHZAqhBIxRBQxRBY7BBg0xBo7BBwkRF429oBgAGv2AGIAcz-BLABAbgBA8AB4s3qlgk~CBsQCiC9EDhSwAHvs6uIDQ~CBsQDSCOEThuwAGAkfKHCA~CBsQDSCUEThowAGAkfKHCA~CA4QChgBIK8RKK8RMIASOFFQrxFY0BFgrxFo0BFw3xF4sv8HgAGG_QeIAY_IF7ABAbgBA8AB0OmX2Q4~CDwQDRgBILERKLERMOwRODtQsRFY0RFgsRFo0RFw6xF4nwSAAfMBiAGbBbABAbgBA8AB6NSvzQk~CCgQChgBIKQSKKQSMLUSOBFopBJwtBJ4yroBgAGeuAGIAfj2A7ABAbgBA8ABm-H6cA~CCgQDRgBIP0RKP0RMMcSOEvAAeKygLkD~CCgQDRgBIP0RKP0RMMgSOEvAAeKygLkD~CBsQCiDvCTidCcAB07b1iw8~CBsQBhgBIMkSKMkSMI0TOERAyhJIyhJQyhJY8RJg2BJo8hJwjBN41gKAASqIASqwAQG4AQPAAf_m6MwL~CBsQBhgBIMoSKMoSMI4TOERAyhJIyhJQyhJY8hJg2RJo8hJwjRN41gKAASqIASqwAQG4AQPAAf23jOYB~CBsQAiCKDzi-BMABubvqvw0~CBsQBiDVDzifBMAB9JPlsQQ~CBsQCiD2DjjKBMABtqjGowg~CBsQCiCZEziNAcABrIjYww0~CBsQAiCJDzjmBcABnca0cg~CBsQByDLFDgcwAG8oc7CDw~CBsQAiCJDzj_BcABlqLo-Qs~CBsQDSCmEDjvBMAB4eudzQQ~~~CBsQBiCzFDjCAcABkOKWFA~CBsQAiCJDzjxBsABvrOl2A8~CBsQDSCuEzjPAsAB7JCAkws~CBsQAiCJDzj5BsAB1rLIxQY~CBsQDSCuEzjWAsAB1d6h7As~CBsQAiCKDziCB8ABnsf01Aw~CBsQDSDvETiiBMABgqDf2Aw~CBsQAiCKDzibB8ABtaKrtgs~CBsQDSDtETi4BMABjYjihAI~CBsQCiC5FDjsAcAB7a-A9AE~CBsQDSDuETjxBMAB2fXIlws~CBsQAiCKDzinCMABrdGy9wc~CBsQBiCSFjjQAcABsNi39QY~CBsQAiCqFjjBAcAB3NbGtAQ~CBsQAiCpFjjGAcAB-MjI-Qk~CBsQDSCiEjjPBcAB8bXgGA~CBsQBiC4FjjTAcABtviDCg~CCgQChgBIJYYKJYYMKgYOBNolxhwpxh4m2-AAe9siAGdqQKwAQG4AQPAAbre4uAI
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 138D 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28961117&p=159495&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
content-length
0
prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js
cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/ 		315 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js
Requested by
Host: hbs.ph.affinity.com
URL: https://hbs.ph.affinity.com/v5/hvr_man_okezone.com/affhb.data.js.php?t=292
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.185.181.185 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-b-d.bitgravity.com
Software
v/6.5.0/6.5.14/v13fra1-www /
Resource Hash
633065559d5e0556e61e092d53e39bffac867f7ea0b728cafd0d7a7313e5c3a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-version
9
date
Thu, 22 Sep 2022 12:11:57 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2022 14:40:11 GMT
server
v/6.5.0/6.5.14/v13fra1-www
age
905467
x-tata-request-id
a35bee990d89345365be7f96bac5859b, a35bee990d89345365be7f96bac5859b
vary
Accept-Encoding
x-cache
HIT,v13fra1
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
100555
expires
Mon, 02 Oct 2023 02:04:52 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221002
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bca3139bc826b63a52c2f28b1650324d5ec1d09b38e90570c74f94ae87de9a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39837
x-jsd-version
1.0.1479
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-itm18830-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-Do8HjAt3pxrrXCdwF7oD/629uEM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gp1DkhSTCq9gutIGdYmB8PlTh6W5zenAUu4a3%2Bcda9kykVsIdVHVgnNa%2F9yZuSNNPBxgXZ%2Fhf3CXLMN6%2Bt0JtzLQuMeITJBA5xGWTYcgy2SWkF4NtgD4sdZHs9Cuh%2FQyppn3a0uViBEvH82JMek%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7539deab9ab55c20-FRA
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0042bde63d86338d48ab6ddeed2abae3a51d24be9734b5e292c08adfc695b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11181
x-xss-protection
0
vertikal
sindikasi.okezone.com/widget/portal/okezone/ Frame 69BC 		8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.9 (Unix) /
Resource Hash
04c54662d2768c19955ce3f2bb29e6768abb8b75567901edab3f4be03cefc14e

Request headers

Referer
https://techno.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Sun, 02 Oct 2022 02:04:52 GMT
server
Apache/2.4.9 (Unix)
via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-id
kmhqCF0ivJaUBUJmKqfeUPXNv_QSaZmXHikz_n2ZJV75ksiVXUKyWA==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
ind.html
www.visionplus.id/filmsx/mystoriesk/ Frame B273 		22 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
ff0e175b37ff5c67ebfe82a9a016bef10216dde257b6cd5b1fde6a80cedd47d4

Request headers

Referer
https://techno.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
content-type
text/html
date
Sun, 02 Oct 2022 02:04:52 GMT
etag
W/"631e9a8b-57ed"
expires
Sun, 02 Oct 2022 02:04:51 GMT
last-modified
Sunday, 02-Oct-2022 02:04:52 GMT
server
nginx
vary
Accept-Encoding
najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah
www.rctiplus.com/hiburan/3001791/ Frame CA9C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.228 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine / Dark Phoenix
Resource Hash
92299e36e723f40784498bd4546d83cd4777a2dff60ee0b8bfbc8c8d03e7e7b3

Request headers

Referer
https://techno.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Ali-Swift-Global-Savetime
1664676292
Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 02 Oct 2022 02:04:52 GMT
EagleId
4f85b19d16646762924812479e
Server
Tengine
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Vary
Accept-Encoding User-Agent
Via
cache9.l2de2[510,510,200-0,M], cache25.l2de2[511,0], cache4.de3[513,513,200-0,M], cache9.de3[514,0]
X-Cache
MISS TCP_MISS dirn:-2:-2
X-Powered-By
Dark Phoenix
X-Robots-Tag
noindex
X-Swift-CacheTime
0
X-Swift-SaveTime
Sun, 02 Oct 2022 02:04:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=techno.okezone.com&doc=complete&pg_h=7782&pg_w=1600&pg_hs=7782&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~l8qpa7iy&c=2199189116031204&e=31068500%2C31070024%2C31061691%2C31061693&ctx=1&met.7=CBsQBiDvFjjDAcABkLzW_Q0~CBsQBiC4Fjj8AcABs-DR7wo~CC8QBxgBIIIYKIIYMMQYOEJAghhIgxhQgxhYqhhgkRhoqxhwwxh4kAOAAWSIAWuwAQG4AQPAAe21srAK~CBsQBSCeGDgZwAHG8oPQBg~CC8QBxgBIIMYKIMYMIUZOIIBQIMYSIMYUIMYWNEYYJ8YaNIYcIQZeJADgAFkiAFrsAEBuAEDwAGb_4nHBw~CBsQARgBIKwYKKwYMJ0ZOHHAAaSg_KUH~CBsQDSDuFjjhAsAB2dWSlwI~CBsQBRgBIJUYKJUYMIcaOPEBQJcYSPkYUPkYWMgZYJUZaMgZcIYaeNAagAGkGIgBzi-wAQG4AQPAAbqVn4sD~CBsQBiDFFjjbA8ABl8OyqgI~CBsQCiDBFjirBMAB5IW5iwU~CBsQCiDvGjgiwAHJ_oqjAg~CBsQCDixG8AB4-PfjAY&met.3=76.2nl~94.2pc~947.2pl~573.2pl~598.2pl~598.2pl~598.2pl~598.2pl~598.2pl~598.2pl~598.2pl~598.2pl~598.2pl~113.2pk_2~646.2po_1~646.2po~646.2pp~646.2pp~646.2pp~646.2pp~646.2pp~646.2pp~646.2pp~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2pq~800.2ps~800.2ps~800.2ps~800.2ps~800.2ps~800.2ps~800.2ps~800.2ps~800.2ps~800.2ps~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~800.2pt~801.2py~825.2py~801.2py~825.2py~801.2py~825.2py~801.2py~825.2py~801.2py~825.2py~801.2py~825.2py~801.2py~825.2py~801.2py~355.2py~825.2py~801.2pz~355.2pz~825.2pz~801.2pz~355.2pz~825.2pz~801.2pz~355.2pz~825.2pz~801.2pz~355.2pz~825.2pz~801.2pz~355.2pz~825.2pz~801.2pz~355.2pz~825.2pz~598.2pz~54.2pz~581.2pz~54.2pz~598.2pz~598.2q0~581.2q0~598.2q0~54.2q0~54.2q0~598.2q0~583.2q0~947.2q0~573.2q0~598.2q0~581.2q0~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q2~573.2q2~598.2q2~581.2q2~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q3~598.2q3~581.2q3~947.2q3~573.2q4~598.2q4~581.2q4~947.2q4~573.2q4~598.2q4~581.2q4~708.2pz_5~598.2q5~54.2q5~581.2q5~54.2q5~598.2q5~598.2q5~581.2q5~598.2q5~54.2q5~54.2q5~598.2q5~583.2q5~947.2q5~573.2q5~598.2q5~54.2q5~598.2q5~54.2q5~598.2q5~54.2q5~598.2q5~581.2q5~947.2q5~573.2q5~598.2q5~54.2q5~598.2q5~54.2q5~598.2q5~54.2q5~598.2q5~581.2q5~947.2q5~573.2q5~598.2q5~54.2q5~598.2q5~54.2q5~598.2q5~54.2q5~598.2q5~581.2q5~947.2q5~573.2q5~598.2q5~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~581.2q6~947.2q6~573.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q6~54.2q6~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q7~573.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~54.2q7~598.2q7~581.2q7~947.2q8~573.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~581.2q8~947.2q8~573.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~581.2q8~947.2q8~573.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~581.2q8~947.2q8~573.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~581.2q8~947.2q8~573.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~581.2q8~947.2q8~573.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~581.2q8~947.2q8~573.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~581.2q8~947.2q8~573.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~581.2q8~947.2q8~573.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8~54.2q8~598.2q8&met.1=1.l8qpa54e~6.8m~7.8n~8.8n~9.8n~10.ai~11.9i~12.ai~13.yb~14.yj~15.ye~16.1w8~17.1wa~18.1wa~19.2p3~20.2p3~21.2pd~22.1hd~23.1hd&met.9=4_1.2po~5_1.2pt~5_4.2py~5_5.2py~5_6.2py~5_7.2py~5_8.2py~5_9.2py&qqid.1=COKYtLi6wPoCFeNM5Qod6x4Idg&qqid.2=COuetri6wPoCFeNM5Qod6x4Idg&qqid.3=COyetri6wPoCFeNM5Qod6x4Idg&qqid.4=COWYtLi6wPoCFeNM5Qod6x4Idg&qqid.5=COaYtLi6wPoCFeNM5Qod6x4Idg&qqid.6=COeYtLi6wPoCFeNM5Qod6x4Idg&qqid.7=COiYtLi6wPoCFeNM5Qod6x4Idg&qqid.8=COmYtLi6wPoCFeNM5Qod6x4Idg&qqid.9=COqYtLi6wPoCFeNM5Qod6x4Idg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=3~l8qpa7um&c=2199189116031204&e=31068500%2C31070024%2C31061691%2C31061693&ctx=1&met.3=581.2q9~947.2q9~573.2q9~598.2q9~54.2q9~598.2q9~54.2q9~598.2q9~54.2q9~598.2q9~581.2q9~947.2q9~573.2q9~598.2q9~54.2q9~598.2q9~54.2q9~598.2q9~54.2q9~598.2q9~581.2q9~947.2q9~573.2q9~598.2q9~54.2q9~598.2q9~54.2q9~598.2q9~54.2q9~598.2q9~581.2q9~947.2q9~573.2q9~598.2q9~54.2q9~598.2q9~54.2q9~598.2q9~54.2q9~598.2q9~581.2q9~708.2q5_5~598.2q9~54.2q9~581.2q9~54.2q9~598.2q9~598.2q9~581.2q9~598.2q9~54.2q9~54.2q9~598.2q9~583.2q9~947.2q9~573.2q9~598.2q9~54.2q9~598.2q9~54.2q9~598.2q9~54.2q9~598.2q9~54.2q9~598.2q9~581.2q9~947.2qa~573.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~581.2qa~947.2qa~573.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~581.2qa~947.2qa~573.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~581.2qa~947.2qa~573.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~581.2qa~947.2qa~573.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~581.2qa~947.2qa~573.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~581.2qa~947.2qa~573.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~581.2qa~947.2qa~573.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qa~54.2qa~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qb~573.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~54.2qb~598.2qb~581.2qb~947.2qc~573.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~581.2qc~947.2qc~573.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~581.2qc~947.2qc~573.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~581.2qc~947.2qc~573.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~581.2qc~947.2qc~573.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~581.2qc~947.2qc~573.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~581.2qc~947.2qc~573.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~581.2qc~947.2qc~573.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~581.2qc~947.2qc~573.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~581.2qc~947.2qc~573.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~54.2qc~598.2qc~581.2qc~947.2qc~573.2qc~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~581.2qd~947.2qd~573.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~581.2qd~947.2qd~573.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~581.2qd~947.2qd~573.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~581.2qd~947.2qd~573.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~581.2qd~947.2qd~573.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~581.2qd~947.2qd~573.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~581.2qd~947.2qd~573.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~581.2qd~947.2qd~573.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~581.2qd~947.2qd~573.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~54.2qd~598.2qd~581.2qd~708.2q9_4~598.2qd~54.2qd~581.2qd~54.2qd~598.2qd~598.2qd~581.2qd~598.2qe~54.2qe~54.2qe~598.2qe~583.2qe~947.2qe~573.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~581.2qe~947.2qe~573.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~581.2qe~947.2qe~573.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~581.2qe~947.2qe~573.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~581.2qe~947.2qe~573.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~581.2qe~947.2qe~573.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~581.2qe~947.2qe~573.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~54.2qe~598.2qe~581.2qe~947.2qf~573.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~581.2qf~947.2qf~573.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~581.2qf~947.2qf~573.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~581.2qf~947.2qf~573.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~581.2qf~947.2qf~573.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~581.2qf~947.2qf~573.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~581.2qf~947.2qf~573.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf~581.2qf~947.2qf~573.2qf~598.2qf~54.2qf~598.2qf~54.2qf~598.2qf
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=4~l8qpa7ut&c=2199189116031204&e=31068500%2C31070024%2C31061691%2C31061693&ctx=1&met.3=54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~581.2qg~947.2qg~573.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~581.2qg~947.2qg~573.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~581.2qg~947.2qg~573.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~581.2qg~947.2qg~573.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~54.2qg~598.2qg~581.2qg~947.2qh~573.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~581.2qh~947.2qh~573.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~581.2qh~947.2qh~573.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~581.2qh~947.2qh~573.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~581.2qh~947.2qh~573.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~581.2qh~947.2qh~573.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~54.2qh~598.2qh~581.2qh~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~581.2qi~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~581.2qi~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~581.2qi~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~581.2qi~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~581.2qi~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~581.2qi~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~581.2qi~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~581.2qi~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~581.2qi~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~581.2qi~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~581.2qi~947.2qi~573.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qi~598.2qi~54.2qj~598.2qj~54.2qj~598.2qj~581.2qj~947.2qj~573.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~581.2qj~947.2qj~573.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~581.2qj~947.2qj~573.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~581.2qj~947.2qj~573.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~581.2qj~708.2qd_6~598.2qj~54.2qj~581.2qj~54.2qj~598.2qj~598.2qj~581.2qj~598.2qj~54.2qj~54.2qj~598.2qj~583.2qj~947.2qj~573.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~54.2qj~598.2qj~581.2qj~708.2qj~598.2qj~54.2qj~581.2qj~54.2qj~598.2qj~598.2qj~581.2qj~598.2qk~54.2qk~54.2qk~598.2qk~583.2qk~947.2qk~573.2qk~598.2qk~54.2qk~598.2qk~54.2qk~598.2qk~54.2qk~598.2qk~54.2qk~598.2qk~54.2qk~598.2qk~54.2qk~598.2qk~54.2qk~598.2qk~581.2qk~947.2ql~573.2ql~598.2ql~54.2ql~598.2ql~54.2ql~598.2ql~54.2ql~598.2ql~54.2ql~598.2ql~54.2ql~598.2ql~54.2qm~598.2qm~54.2qm~598.2qm~581.2qm~947.2qm~573.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~581.2qm~947.2qm~573.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~581.2qm~947.2qm~573.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~581.2qm~947.2qm~573.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~581.2qm~947.2qm~573.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~581.2qm~947.2qm~573.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~581.2qm~947.2qm~573.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~581.2qm~947.2qm~573.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~581.2qm~947.2qm~573.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~54.2qm~598.2qm~581.2qm~947.2qm~573.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~581.2qn~947.2qn~573.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~581.2qn~947.2qn~573.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~581.2qn~947.2qn~573.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~581.2qn~947.2qn~573.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~581.2qn~947.2qn~573.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~581.2qn~947.2qn~573.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~581.2qn~947.2qn~573.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~581.2qn~947.2qn~573.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn~54.2qn~598.2qn
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 84E6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techno.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 02:04:52 GMT
expires
Mon, 02 Oct 2023 02:04:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 20DD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techno.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 02:04:52 GMT
expires
Mon, 02 Oct 2023 02:04:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=5~l8qpa7v2&c=2199189116031204&e=31068500%2C31070024%2C31061691%2C31061693&ctx=1&met.3=54.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~581.2qo~947.2qo~573.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~581.2qo~947.2qo~573.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~54.2qo~598.2qo~581.2qo~947.2qo~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~54.2qp~598.2qp~581.2qp~947.2qp~573.2qp~598.2qp~54.2qp~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~581.2qq~947.2qq~573.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~581.2qq~947.2qq~573.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~581.2qq~947.2qq~573.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~581.2qq~947.2qq~573.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~581.2qq~947.2qq~573.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~581.2qq~947.2qq~573.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~54.2qq~598.2qq~581.2qq~708.2qj_7~598.2qq~54.2qq~581.2qq~583.2qq~51.2qq~54.2qq~598.2qq~708.2qq~801.2r1~825.2r1~801.2r1~825.2r1~801.2r1~355.2r1~825.2r1~801.2r1~355.2r1~825.2r1~598.2r1~54.2r1~54.2r1~598.2r1~598.2r1~54.2r1~598.2r1~583.2r1~947.2r1~573.2r1~598.2r1~54.2r1~598.2r1~581.2r1~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r2~598.2r2~581.2r2~947.2r2~573.2r2~598.2r2~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~947.2r3~573.2r3~598.2r3~54.2r3~598.2r3~581.2r3~708.2r1_3~598.2r4~54.2r4~54.2r4~598.2r4~598.2r4~54.2r4~598.2r4~583.2r4~947.2r4~573.2r4~598.2r4~54.2r4~598.2r4~54.2r4~598.2r4~581.2r4~947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5~947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5~947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5~947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5~947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5~947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5~947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5~947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5~947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5~947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5&met.9=5_2.2qs~5_3.2qx
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 02:04:52 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 84E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CujumxPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgT9AU_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWu3M3vSEyKzWqNe6F8zxVpnR6t5u-cGafNoCcUxI-7a4Bka9TwKTvgBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODcyNDYwNzM1MDI1Mjk4GJmXFg&sigh=2EsElwUdPrk&uach_m=[UACH]&cid=CAQSPwCsnQUxZCbrtd8kILZH_FiOPgn8wwi8dHn86rlC_KSJ5e4-367Oar5sjKQMHlfgnvyxtS41KoRmb1WEql-jVxgBIBM
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 84E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kp2jDuv_CsoH-gGdg2ICAgAAAM1Wijaj-OLcCTmO2xDD8Thj3N5r2Ft0P9ZhLF4AEgAA&wp=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
286053
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 38CC 		182 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
696054c034565f11d975d1bc7b5ea85f12b1cb419698cfcce55a6d43690d086e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 02:04:52 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JVfzyQoE9uafnH7Xcr6NQ3lPrql93TvxD0NLxXLpnLeBjKoDsW-fTZCCaMUqzMd4OaMKlHdbuSff1qm97xsuX20sjfesXwfe69EN9Q1yHPUgdgx6aS2C3jb0ei7EQZ3oseRqdj9on4bCougnS0lm08luIZeviUfjEovS4fYECJoXJIa4ZyjX7btv3DEU3sMq-cVe06I8K1ECESdGPX9h4jjY38X189-NA4KQ2B0CnUcdbQJtXyMgZWiCdiE"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
98514761
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 84E6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 01:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Oct 2022 01:28:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 84E6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 00:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Oct 2022 00:56:23 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 84E6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 15:28:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Sep 2023 15:28:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 84E6 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 02:04:52 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 20DD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 00:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Oct 2022 00:33:15 GMT
css
fonts.googleapis.com/ Frame 20DD 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Oct 2022 02:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 01:49:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Oct 2022 02:04:52 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/ Frame 20DD 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.css
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 13:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 10:44:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 13:30:52 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/ Frame 20DD 		358 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad2722b3b38a720fd300ee4ea4d72936749f7b6f1ae29317e083f5aa738f30b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 13:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126740
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 10:44:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 13:30:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 20DD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 00:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Oct 2022 00:56:23 GMT
l
www.google.com/ads/measurement/ Frame 20DD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTa7Mng2H8swc7C3fHvYeEs4OPohWcgtVnHYm5L4ERGq7zSaJWytDdvdXwrWPh5IaT5MCw9
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0FD7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://techno.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
216766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 13:52:06 GMT
expires
Fri, 29 Sep 2023 13:52:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3860 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a670a99ce14a11d11848d562b2d382cf13d130f77ac14e926d739667ad752aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gV7maposXXizecMw8-C4_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techno.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-gV7maposXXizecMw8-C4_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 02:04:52 GMT
expires
Sun, 02 Oct 2022 02:04:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame 0FD7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 11:47:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16034
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Sep 2023 11:47:31 GMT
truncated
/ Frame 84E6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c24e4740b2cc29150edf021099198d5a48ed854bd8d39c743e999c19837f0441

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 3860 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092801&jk=2199189116031204&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
v2eivvlZpAsI6Mk1tPt2vEmeYr-iAKo7O3fCprrxSqj9XNGiSrCnv4fsm-eJn4WP0AfgzDKu2oQ
stakingsmile.com/ 		2 B
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stakingsmile.com/v2eivvlZpAsI6Mk1tPt2vEmeYr-iAKo7O3fCprrxSqj9XNGiSrCnv4fsm-eJn4WP0AfgzDKu2oQ
Requested by
Host: stakingsmile.com
URL: https://stakingsmile.com/v2hhryRFJ1Un3Wh2IRSWRTvCafS8YuT8oKpuR0L2HzmvMIORjap3Kfwz6SHllipfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:802f::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sun, 02 Oct 2022 02:04:52 GMT
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://techno.okezone.com
x-hostname
fen-hoothoot-europe-west1-spot-33r1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sun, 02 Oct 2022 02:04:51 GMT
styles.css
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/ Frame 69BC 		36 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e59c79c198476d8b48b3292805b2c97f96b737328d956158e52109766f64ad3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
37497
x-amz-cf-pop
PRG50-C1
age
170721
x-cache
Hit from cloudfront
content-length
1761
server
nginx/1.20.1
etag
W/"PSA-aj-8uD94D-oYB"
vary
Accept-Encoding,User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2382862
x-amz-cf-id
M8UTcWsqO1QPV8YJS1l464KmvbdHm-lArT7MbXf7wHno4grxDNlHfQ==
expires
Thu, 27 Oct 2022 16:33:54 GMT
all.css
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/fa-5.15.1/css/ Frame 69BC 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/fa-5.15.1/css/all.css
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
672cad7677095651c6240ced97dfd1fcdd9e727b29c07215e5f84e2bb5507f16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
73625
x-amz-cf-pop
PRG50-C1
age
170721
x-cache
Hit from cloudfront
content-length
12604
server
nginx/1.20.1
etag
W/"PSA-aj-3fi2KfM5qy"
vary
Accept-Encoding,User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=47211
x-amz-cf-id
PqtXec1MiiWCeNWQPWQssqLlqs461_6gKjkVJXWK2w2BwI_dAEQLlw==
expires
Fri, 30 Sep 2022 15:46:23 GMT
edibjo.jpg
www.mnctrijaya.com/uploads/news/ Frame 69BC 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mnctrijaya.com/uploads/news/edibjo.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:1600:e:c3de:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
35dfd5382bd5380839150df0275f1b75700761f9cf48beca6310a6f57b2ac54b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:00:29 GMT
via
1.1 f1944380c787841c28b16df91c1ec34e.cloudfront.net (CloudFront)
last-modified
Sun, 02 Oct 2022 00:49:59 GMT
server
nginx
x-amz-cf-pop
VIE50-C1
age
262
etag
"6338e037-68f8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
26872
x-amz-cf-id
Wg3u4k9I8Mx317JiUcVxtmYlvAhadgxQd1XrX8QGzrZ-Qu7vYEoqdQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
mnctrijaya.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 69BC 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/mnctrijaya.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f0e0f85d2239bedc9d11a77ca7b647cca281ea1be72731f5239ea482c828f01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
13116
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
age
170721
etag
W/"PSA-aj-qAx-oOOL5R"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2382864
accept-ranges
bytes
content-length
10422
x-amz-cf-id
amoUD6Y1zUdXugBYASGTHeJhEhBbmrE73LLCmDcGGxQUmmRl-GxxCw==
expires
Thu, 27 Oct 2022 16:33:56 GMT
ilustrasi_rampok.jpg
img.inews.co.id/files/inews_new/2018/07/17/ Frame 69BC 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.inews.co.id/files/inews_new/2018/07/17/ilustrasi_rampok.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:cc00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e6dc9de720a8181f217353a353de17409e84800a4b7b347a2c3ea46772ee3b46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:00:29 GMT
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-original-content-length
62487
x-amz-cf-pop
PRG50-C1
age
262
x-cache
Hit from cloudfront
content-length
61263
server
nginx
etag
W/"PSA-aj-d7xKxMT_0l"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315359661
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
OWVYM9L669KkXGwQ2Rk4z9JfOzKvWu4rBNEsVriQTNCkKWkikxOx0g==
expires
Wed, 29 Sep 2032 01:54:51 GMT
inews.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 69BC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/inews.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
80d9eee404d64277aedda2b2f4e24e6b45e49cd1fc84d5d0750d20135dee4241

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
1916
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
age
170721
etag
W/"PSA-aj-ItCA29iY0X"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=47243
accept-ranges
bytes
content-length
1902
x-amz-cf-id
I5oTaCNKhCrt3LpJyvkcclqmdLGLDxDKOZAHVhb7tKRd8Bec7ePkrA==
expires
Fri, 30 Sep 2022 15:46:55 GMT
bahas-tragedi-kanjuruhan-polda-jatim-kaji-penggunaan-gas-air-mata-pjx.jpg
pict.sindonews.net/dyn/620/pena/news/2022/10/02/15/901069/ Frame 69BC 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pict.sindonews.net/dyn/620/pena/news/2022/10/02/15/901069/bahas-tragedi-kanjuruhan-polda-jatim-kaji-penggunaan-gas-air-mata-pjx.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2050:3200:1f:4c6b:cc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f4a72062105c4b544657cb45a2adf0ee475eb65ecd42b3c6c8363a93dc18e291

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
public
date
Sun, 02 Oct 2022 02:04:53 GMT
via
1.1 893fede1f337b016b21f4e67bd00c72e.cloudfront.net (CloudFront)
last-modified
Sun, 02 Oct 2022 02:01:24 GMT
server
nginx
x-amz-cf-pop
BUD50-C1
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
content-length
49461
x-amz-cf-id
Uhao987kC3ZRmOXPcyVmyS87Y0_O_cbYE2hx_V7IEQ-c7e0UAdsl8w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sindonews.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 69BC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/sindonews.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ecdbf9b9d351f5f5fadd54fc1713931a02fab5dbe76698b5fedc240a0d727ca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
4018
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
age
170721
etag
W/"PSA-aj-scGGmu-WOv"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2382862
accept-ranges
bytes
content-length
4016
x-amz-cf-id
aAH9dBWBCdkB2J8IBOAxI1KpNOUk9InBb4PWd0EdvdYJJQdoTbl7bg==
expires
Thu, 27 Oct 2022 16:33:54 GMT
master_I3EE976g0e_730_presiden_jokowi.jpg
img.celebrities.id/okz/800/9x0oC5/ Frame 69BC 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.celebrities.id/okz/800/9x0oC5/master_I3EE976g0e_730_presiden_jokowi.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b2984c31be1e7fbccfd27589fc9deac6bc2c355ecccea1b8d62eb58211e5cb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
HIT
x-original-content-length
47684
age
68
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25690
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-ISdfxFDzvu"
x-frame-options
SAMEORIGIN
vary
User-Agent,Save-Data, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=315352376
accept-ranges
bytes
cf-ray
7539deadb9f8917c-FRA
link
<http://img.celebrities.id/okz/800/9x0oC5/master_I3EE976g0e_730_presiden_jokowi.jpg>; rel="canonical"
expires
Tue, 28 Sep 2032 23:57:48 GMT
celebrities.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 69BC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/celebrities.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c02945ec1830ffe8b505b7a284e52664439d29600b783fed6e7b0e14c50004da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
1745
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
age
170721
etag
W/"PSA-aj-YBT1KxLyB6"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=47515
accept-ranges
bytes
content-length
1732
x-amz-cf-id
eQ2cml1QmxH6gBGWv1DFfRSd_HDxE1ohlvhok2x4219V91KRkN03Xw==
expires
Fri, 30 Sep 2022 15:51:27 GMT
wisata_indonesia.jpeg
img.idxchannel.com/media/439/images/idx/2020/07/29/ Frame 69BC 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.idxchannel.com/media/439/images/idx/2020/07/29/wisata_indonesia.jpeg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:f200:15:c3e:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
aaf058010d5b143d47c10d74d52530dc0d8e3418fc9bef67d8191bbb28a2c459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:03:26 GMT
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jul 2020 03:45:07 GMT
server
nginx/1.17.2
x-amz-cf-pop
PRG50-C1
age
86
etag
W/"5f20f0c3-1fe5c"
x-cache
Hit from cloudfront
content-type
image/jpeg
content-length
14943
x-amz-cf-id
HzHEMTd5GFOp7zlkCIQaEEhGtZ6oPdmXMZ_KyV4R6FyfDIzpWX7MDw==
idx_simple.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 69BC 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/idx_simple.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c8cdc80bcc7e8f046889f36c7a6fb85939969429b33937f122eb8db920e768c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
13405
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
age
170721
etag
W/"PSA-aj-ynhC4ViFMt"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=47200
accept-ranges
bytes
content-length
4649
x-amz-cf-id
GQyQCd7u-ubU1J4RMBgx4SexSo4L_TJtDNmkMQBlto2ZsMb9uSDPMw==
expires
Fri, 30 Sep 2022 15:46:12 GMT
master_0MzHTq7384_205.jpg
img.sportstars.id//2021/06/4J5V2N/ Frame 69BC 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sportstars.id//2021/06/4J5V2N/master_0MzHTq7384_205.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e451a1926b593707c02f20cdab44b1dfed8aef043eb8d425c92402acadaf7f80
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
HIT
x-original-content-length
44053
age
68
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18962
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-J9bxe2bHyv"
x-frame-options
SAMEORIGIN
vary
User-Agent,Save-Data, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7539deae8d3a9bee-FRA
link
<http://img.sportstars.id//2021/06/4J5V2N/master_0MzHTq7384_205.jpg>; rel="canonical"
expires
Mon, 02 Oct 2023 02:04:52 GMT
sportstars.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 69BC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/sportstars.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
99414a4adab183b81675a3047de21a9d07078e76b151aa264c6e0432996e5cc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
1845
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
age
170721
etag
W/"PSA-aj-Py3HXLPLBk"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2382873
accept-ranges
bytes
content-length
1832
x-amz-cf-id
G5S6MW3deQZZSju9TNLpz-UGtQZWK3y-P5X79z9R0Do7Wr1SbgNEfg==
expires
Thu, 27 Oct 2022 16:34:05 GMT
jquery-3.6.0.min.js
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/js/ Frame 69BC 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/js/jquery-3.6.0.min.js
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
content-encoding
gzip
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
89501
x-amz-cf-pop
PRG50-C1
age
170721
x-cache
Hit from cloudfront
content-length
30812
server
nginx/1.20.1
etag
W/"PSA-aj-vSq_cOaZon"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2382864
x-amz-cf-id
4k27gg0pQMRskaDbJ6V1fr0MrQ0rZSmm-kv-kt20hsR_8KhyjCcT4w==
expires
Thu, 27 Oct 2022 16:33:56 GMT
swiper-bundle.min.js
unpkg.com/swiper@8.4.2/ Frame 69BC
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.4.2/swiper-bundle.min.js
140 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.2/swiper-bundle.min.js
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b371923804cb98c5b848471f8b716055d223cd8c331bc2bd21ce87a1767dfa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1429958
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GD0K9XEAJTRX2Z67ZTHEY8N6-fra
server
cloudflare
etag
W/"230d2-JeiYYOmqApikOaC9pLPQCIwwqhA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7539deadcb4f9b64-FRA

Redirect headers

date
Sun, 02 Oct 2022 02:04:52 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GEB6Z5NC1HVJMV4JGEQA1YEQ-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
53
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.2/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7539deadab1c9b64-FRA
generate_204
tpc.googlesyndication.com/ Frame 0FD7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ns3VQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
xred.png.pagespeed.ic.jpXU9Y2YLq.png
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/ Frame 69BC 		122 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/xred.png.pagespeed.ic.jpXU9Y2YLq.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
45ad770b839452a1f5a64e57052d2b7ea4f41e8d9bfe95507d085c3439f73609

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-original-content-length
135
x-amz-cf-pop
PRG50-C1
age
170721
x-cache
Hit from cloudfront
content-length
122
x-page-speed
Powered By okezone.com
last-modified
Thu, 22 Sep 2022 01:32:16 GMT
server
nginx/1.20.1
etag
W/"0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
link
<https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/red.png>; rel="canonical"
x-amz-cf-id
rMyNBd2diqQ7nRU0KJSU7KvBTwtgnicN7GIU7QY9jHRwhxighIT4bQ==
expires
Fri, 22 Sep 2023 01:32:16 GMT
Roboto-Medium.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/ Frame 69BC 		175 KB
176 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/Roboto-Medium.ttf
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
1bcc94e40f42e94375694b00d4f60d5eb609cfda21f7c64d58cb4a270823200f

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin
https://sindikasi.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 13:00:33 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
age
170721
etag
"61b743f1-2bc60"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
179296
x-amz-cf-id
PAERMTALmBwit5geYpfB_PKtWHLnFpUXYh8vK1ELaD9ODgL8kjyuYA==
expires
Sun, 30 Oct 2022 02:39:31 GMT
Roboto-Bold.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/ Frame 69BC 		166 KB
167 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/Roboto-Bold.ttf
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6c01f8b138e3f7110a33606de5e2758d5fecb58e114be771b96fffa3bbd48bbe

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin
https://sindikasi.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 13:00:28 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
age
170721
etag
"61b743ec-297ec"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
169964
x-amz-cf-id
-aUT65KnKZU3usYOw_9HKghLcwn32VbwzQD1eVs--KGJa0Pe4hmJWg==
expires
Sun, 30 Oct 2022 02:39:31 GMT
Heebo-Regular.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/heebo/static/ Frame 69BC 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/heebo/static/Heebo-Regular.ttf
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9a00:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
cc7029afe33654ed250644d8dfa2daa4ab0549731816980ab4733d92b86b1fca

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin
https://sindikasi.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 02:39:31 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 13:00:27 GMT
server
nginx/1.20.1
x-amz-cf-pop
PRG50-C1
age
170721
etag
"61b743eb-8110"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
33040
x-amz-cf-id
u5oDFoIJvtBFIPFrc8hp-INe_DEtwabxZEZaNoeTCLUjZI_UkzObBg==
expires
Sun, 30 Oct 2022 02:39:31 GMT
csi
csi.gstatic.com/ Frame 20DD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l8qpa85n&c=1101766528973&slotId=550883264486.5&qqid=COyetri6wPoCFeNM5Qod6x4Idg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 20DD 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 05:59:47 GMT
x-content-type-options
nosniff
age
158705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 05:59:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 20DD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:28:47 GMT
x-content-type-options
nosniff
age
398165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 11:28:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20DD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CdWBfxPE4Y-ysAuOZlQfrvaCwB7SmtN1siLSM3uQQr9uivcABEAEgsfikJWCV4pCCoAfIAQWpAhaE2m-4cbA-qAMByAObBKoE9gFP0MbTon62DEur0sKWkKf_5lm6LXdTjom00EvnbrvrjfKifSldWy4Bdo4bkMJ57ijwweR5EfJtxGIpFO7hhYc2uUlDzP6K5ZjiIggIud6C3yEhxIhk0VrfldkwBcR9SL0lnsm6rfLmNARS2l2YhtYa012sCYpa8abTim0ZPyEyhjtTliePgrAj8iMjxcRRMCVYKozHdnh5vqSEt_PuWO0Kx4y2kZkr0Nv3RQlfWD8MQNCMT_kU7asG8a1OM9QzPRhDdjc5pMVOWjVQL0za3brU8KGgw3SPYyvoLFhisbnUjrEZvujJr3VGBQ8xjryVVPtU89hUiXrABM-N1oOOBOAEA5AGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgHAQARgdMgPrggE6AoBAgAoDyAsB4AsBgAwBsBOqjt8QyBPdsqXhA9ATANgTCogUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1664676292825&ai=CdWBfxPE4Y-ysAuOZlQfrvaCwB7SmtN1siLSM3uQQr9uivcABEAEgsfikJWCV4pCCoAfIAQWpAhaE2m-4cbA-qAMByAObBKoE9gFP0MbTon62DEur0sKWkKf_5lm6LXdTjom00EvnbrvrjfKifSldWy4Bdo4bkMJ57ijwweR5EfJtxGIpFO7hhYc2uUlDzP6K5ZjiIggIud6C3yEhxIhk0VrfldkwBcR9SL0lnsm6rfLmNARS2l2YhtYa012sCYpa8abTim0ZPyEyhjtTliePgrAj8iMjxcRRMCVYKozHdnh5vqSEt_PuWO0Kx4y2kZkr0Nv3RQlfWD8MQNCMT_kU7asG8a1OM9QzPRhDdjc5pMVOWjVQL0za3brU8KGgw3SPYyvoLFhisbnUjrEZvujJr3VGBQ8xjryVVPtU89hUiXrABM-N1oOOBOAEA5AGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgHAQARgdMgPrggE6AoBAgAoDyAsB4AsBgAwBsBOqjt8QyBPdsqXhA9ATANgTCogUAtgUAdAVAfgWAYAXAQ
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 20DD 		30 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AW1DVWVV1szPuLrIm6HszVWzq9p1sA0FL-V03koZUilORMraLVhSpZDSfinrXnAyJpt-yCPbyFfIKaIKu5BnPGmX6VJA&cry=1&dbm_d=AKAmf-CMqPjiAMD90sHndaoq0zCxodz7BwzLrhlOO2DJr94x2S1XDM4RQfmxth2P5jYXOiQ55upsjlIy-tuJjMMVxR80wJK4HqMvPDBwf03LGSv913caGiXf0y2q2DJ_FFTrFWUEaCTfBvdx9G-z6WhCMddpUlXyB2FdwvOHn_P-_nJ2zejmZ25LxmcUWBhLEKVuy4v-1vpxrts2zj1I9Y66N51Zfag6Ot0Ut68kWxy8vtm4GIPSwz9ckbYz7mP8fCssfC2ntgHyS5ouI9gJ2uIz71csEmKbk1SDNp1LxemjMVy2-4_aMhXjEfw94r9XRfBBXgGFs_CpC8pVoLSThUoFyTgnsezflWfER2yt7N_bMtZtoH-Z18FVNVasLIyg8lcY7YD8oootALAYmGVIG5kHuyC2umc-nmiZiySxdJXmLSLQoQKCk7AVgl-taHLFGlQCl6IZWHQRk7iVbJqMtr-h9s8QyuPYVElgLiqa5DTJJoKzs3TWbz8FIVZIA0Ina8znJu1ek2-FZxmcxyd29i1bTfddlBHq7YGBLJOZp4UJJpvXrs-T_bRbLoar2ay1_Ye7PRtghwflsrfYnCP6VPEZpgLFJ18mwH2nOAoDSCm0MkriZ27tTS3TSDIdRuijnEZeyGZ0NVNkxcV2qKQe2qDKCF91infcp18ldsLORVrvpwK_bL-gD3OxKdMwUq_qTG02cd9sIE7GTeMGPD9AdJOE1pYhoArKwhCCqNj7DsIXeC9nsnNdDzrvjlZOxeXainvCQ6HUJvGpN2LazU99Znwn5co2g9EXo7_L2QlSRtTsW08sQyPb7uaqkebjpDI1MPxtagBmxUy8Qh_O9-Kkzndq5Tg5a8aB1CCw1BY0o21zwpxp8gGq6bwrfOnAfYswTskbjfyasWNXJgTgQrq70i6BKA8nL42qeF3TYSYwqgpHvOCXNYRwx-Dr_RTXduAeR8igiD0RDNdmL7d_w3cqFF6qlIyMBGObkYiVl4N1Am3PA0__NIe2RHCE9ClY4fFRcbau7O7_B9N-ZnVLnCc8kmRmrps5AdsF8C6czn7saKSO8ZNBuyggS3OEYUnXILgMOo2yaYTp1wGN5nzKBxhX0-LquqILY3Lef7qMiNJGad2NKhMeA9QC_mxt02_rhMz6YezOXaaNO-EAKCwEPckGsN50nItrZ8kysKFTwqBFVxX9Cc7Ttb4Ybpt9JBWSx0PVhpoxBQFDXaH9Il8NgO6mxKGLxr3wAoboEotsv3i2vPJ77rSy5P_cMewScrO4fVVchp28bESmwAJQFQrg77WXM2gHSCeU0zd7seY3yw0HjndFJgExR6FHzJLDK6v1YrykcZZkBP0MNNVmD0xV8tzSDZIunS7Uj9oo8MEI-zEfsCrgcKI-SgxLfoT0AeCo9akmPyy4-ZujE9d2cPwAwsRoY0Ip5_IhKNXzWTBIgzYRmClA9bcNI8iLF223ZDga50RJmTHplA3FDHQkVJ0rp-PjRieWDiK5w07IAHPow6IvesH5Nu7CwSvWKlb22sp52fe67piwkJw02P9ONsFMVVbHNU5rXYjZlhY4DedYx-OFPQ7HB45eTwdi-5zDyRg6diJzKdWUnyK2x4HFNHxTWIamdp4wF4h-3Z54UAlvb7a9rus0XUrGffXTZTtJk7du2nVOH6Tuxu8Ta787E3jgb96U-hRNSRjEvbjmIjmAn4Vr64QLWI6AlxHeg-K3Y67QMOE5ljkO75In6euhQcSeaCSrut297zpisuBF4zzqkLvi2309rLE0-dzyV117EK0oyRaKP0x3ubnMt8tZlpR0TXqCMjFEq28GLfMB1YS9tNGmNCaV9ScxPjab45ZJo3r0U_NiXo3Hf7eZESMJce7GRadMW0ARnY8eOtVJfkl5Qzh-o4DFmLAehp8Mf5bYJOVMorQxek_298KJqZeFpcPkTcjnMmBAYCs-xqALCGRNrBBc7LBU39QkV07oFpshE4HhoAXjcHw0i7RVDIKHplx-2gURHemyxhiFFmSEyXq3CRSyvs6ftvsJ3yN0U5MZ_yKLGQ7GDUXGT7CpVpQxn1HlgKhUWWrz70krSisH3rsB0WXlb95JS_aYUmMRKE1QHxHpdUPpvHrIvHSidmEMOkUssjbn14zGvQa83DEakCpv4bLZygEXT2UJOzaRhz0zWtILoPccZCjNnXtZlkSGhqGMRIN_dnYpasvqiGIVtqJtX59hTyj70NtT2dqn80mLG2tXWwfNinQgDuEzP1t8kQm6yAOqWr8GyFvA1vil3YdpvqLMwdASM0Gte7DXbbaEyVGG5r0RTkOecm3im4FK63ckhOBxkt2ehv42M7w3P-W8D7aZB_QRkca2ARz5Rk-6C4RTsQnkMTKv08Xbihmvu5pmWd2FP1hFavxK9i9kwf--eGSdExMpXMJwnz8dUu6sKh1Qn3MFmtDP-vqUlvcUyUPOMQS5_q1mkSj9rh8Ntd-fYuKtf7kq60lZPhhMwE_-nBakw5MeOu5-2Rc9GJW_OTznCS8OUMXKj2dmqttxW3kbEjBOVSRXEXPW8CcMkUZJaQMaIWTVMMSNfA8kOejRmBCcq6lL0VPgPKXrxX4sO6vvs0UYxybhStgr5m0Vcb3Rfq80PPAOjnITq8v01cD7EGWw-ihyKsMMPxut0wWTcSakdbmIJdVbbueWgEEaL1ovB7jr0JTSYZJwRgLfqAi3KXFgEJNYihNiDa9Jttuy5ATBbwz6mhjY7iU0HfhWrJAv_YuKWP-H3-o0Iy4026tGAKrB33ZbG9WRpYlDNxLSXLJxKgk8ZbatCep9HJgjEoppCnqCKsB3es7UI4X5zz4NQjabUHkf4XfAGS3hTdIMyif5rkZDuNLhF5enbQJ61WXTMJ8sfAHwb6xYXEib1Qb9Ff0jE_oEOXja1otBSwnP2gHj_1YDpc9Y2A3smWgu42UTS8C7V6JJ2SxNPFHKHOQqOhNkZHF_RDW-YM3vcour3_GrrV2CHCAKacsMr1yGLvqiX0xA6u0iKZkFEBnE44rKZmLbfnCTE9DUMT0SmYzKf9chUrDrL75FCrL9IhfVJ-ZguhllwZhvG1YpKMZXd6mlPqV4ApBu1GCA82xJjU-tauObWaqIC8A_b58hd79PWKorRsHYvbc7y_HqcudWpBH21lEgMGI39B860XJBiAWBBFfbQ1y1Nfn7dJs2kXPPPo09prmC3t1LwFF27EeN0vWrTBnkOPggyonNDEggHiefUQwhHrxd8SVrWVr6TiZmzjE-qabmCDGPOs5_gS4me1Bracg-WqDGdoxEHsUGDVUkCNk3VFW9sOjRdT1_TGLv8RhpumsPKJTkzC2MHqIB3eV3NmmQaz3wxOlHwsy4-JOo1z5xQZXHQggSJkJagLUjBPRUFO4T1vgzkD_jJHPTb_0NGU1gbnbCIcQnKsn0xyar440VVs-QHEhASVFmIDE3Y87GjKaTnUOXp1in_kdQiTWFVdRBUguTkQtprQqG8Ca-OCktIybNCGTdz2vsGoRIrtZF6_50DePzry-fUpSUDXO-&cid=CAASUORoobh__AvpIyovTFWiQwxl7X_DYOebqfTw_chKQ28T4sBHlTJyQ_bMUO5dq2smI6hP0tD0DQE-y3FkEqwWMksenJHuviMDt6IiuCXOH6Tx&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f156.1e100.net
Software
cafe /
Resource Hash
f8f1029da7637f8cab3bd6ba0bf031ca086f8905d1b725e0196cf2f28ff9318a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16013
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 20DD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsC_ixPE4Y-ysAuOZlQfrvaCwB7SmtN1siLSM3uQQr9uivcABEAEgsfikJWCV4pCCoAfIAQWpAhaE2m-4cbA-qAMBqgTzAU_QxtOifrYMS6vSwpaQp__mWbotd1OOibTQS-duu-uN8qJ9KV1bLgF2jhuQwnnuKPDB5HkR8m3EYikU7uGFhza5SUPM_orlmOIiCAi53oLfISHEiGTRWt-V2TAFxH1IvSWeybqt8uY0BFLaXZiG1hrTXawJilrxptOKbRk_ITKGO1OWJ4-CsCPyIyPFxFEwJVgqjMd2eHm-pIS38-5Y7QrHjLaRmSvQ2_dFCV9YPwxA0IxP-RTtqwbx9U-pIaCvXtGDrpSPduNxkPgZ0HKoA3qFGCahVoXAIcE0r90Bj0gEcDGQ8H0ywzO8g_CmkI2jV-HYa8AEz43Wg44E4AQDiAW81aDrRJIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCT5Q4Yl7_M1AHSCBIIiOGAcBABGB0yA-uCAToCgECACgPICwGwE6qO3xDIE92ypeED0BMA2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTU4NzI0NjA3MzUwMjUyOTgYmZcW&sigh=I_D8W0cYMP0&uach_m=[UACH]&cid=CAQSPwCsnQUxZCbrtd8kILZH_FiOPgn8wwi8dHn86rlC_KSJ5e4-367Oar5sjKQMHlfgnvyxtS41KoRmb1WEql-jVyAT&vt=10
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
truncated
/ Frame 20DD 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9806a50adbea7c0a2082e6c9441932deb14b9773ef3edbe2844bfc2c22c5b656

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 20DD 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12f7ca6063a379163fe20065ca2685f3d54b88b2255cb3e9adae96f5c5d8f1db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 01:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
3214
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23582
x-xss-protection
0
server
cafe
etag
15429574133646473231
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 02:11:18 GMT
csi
csi.gstatic.com/ Frame 20DD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l8qpa88x&chm=1&c=2199189116031204&ctx=2&qqid=COyetri6wPoCFeNM5Qod6x4Idg&met.4=fb.2z~lb.b7~ol.cx~idt.gq~dt.-da&met.1=1.l8qpa7vd~6.1~7.1~8.1~9.1~10.1~12.1k~13.2g~14.2h~15.2n~16.bx~17.bx~18.bx~19.cx~20.cx~21.cx~22.3b~23.3b&met.7=CBsQCBgBKAEwWDjRA2g4cFd40BqAAaQYiAHOL7ABAbgBAw~CAkQChgBIGwobDCLATgfaG1wigF4hU2AAdlKiAHutwGwAQG4AQM~CBIQBxgBIG0obTCvAThCQG9Ib1BvWJYBYH5olgFwrgF43AeAAbAFiAH8PqoBGAoWUm9ib3RvOjcwMCw1MDAsNDAwLDMwMLABAbgBAw~CDoQBxgBIG0obTCJAjicAUBvSJwBUJwBWOsBYLgBaOwBcIkCeJoYgAHuFYgB53GwAQG4AQM~CDoQChgBIG0obTDYAjjqAWjsAXCKAnjA4AeAAZTeB4gB3q0WsAEBuAED~CBwQChgBIG0obTCUATgmaG9wjAF4sz2AAYc7iAHWiQGwAQG4AQM~CBsQBhgBIG0obTCqATg8~CBsQARgBIIEDKIEDMKYDOCU~CBwQBhgBIIsDKIsDML8DODRojANwvgN4rAKwAQG4AQM~CCEQBBgBIJEDKJEDMMoDODk~CCgQChgBINMDKNMDMOQDOBFo1ANw4wN4yroBgAGeuAGIAfj2A7ABAbgBAw&met.3=113.dk_3~112.dk_4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
628.json
id5-sync.com/g/v2/ 		216 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/628.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/2450/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a37052c38c21c32f2d420671f1c13a1c8d4273d1b82f005022c7418bab58169e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://techno.okezone.com
date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		63 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/2450/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.94.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-94-16.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c1b326c158f077d8cfb44bcbb1ba51937a87f1dacdb4ee9c9202bd373711f1cd

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://techno.okezone.com
cache-control
no-cache
x-server
10.45.5.134
access-control-allow-credentials
true
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/2450/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
006827bb6794d8489514940a6d5cf79abe396de269c7078c367320f593576eb9

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://techno.okezone.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 01 Nov 2022 02:04:53 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 38CC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 27 Sep 2023 02:04:53 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 38CC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 27 Sep 2023 02:04:53 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 38CC 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 27 Sep 2023 02:04:53 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 38CC 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 27 Sep 2023 02:04:53 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 38CC 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=K0pgr6niUQEDLlg7DZ08jv-3xRwX-67KWYRB5V_kzEWJvv-R1k42hSV8rPfe6ghoXyu56GAbGb5Y3-5Dl7jHYUwrflC6NaKc2eh_GRJnGnNd5HpNjxZoE4BQL7v6Sf6NacEEkLn47D8jOYJaaoTKuPSvRYa-h_HuI62spx56pltqFHV8ZEXonzP9ldAiHpJM7nVaf_XT9JLJZDofCUTahn4H4N4C_cl4DSHmAA_rVUS62PFng4NdRI7rcuOwLLWvrbhAfYt3TkSx6tQDK-LjrgpgX045nAXgBtIXisA6oAGJ6UHuTtrnLST2vWzyRRhNKMaXjBz6KX1EQr6GJ9QjIx9Ykplfky73L--Nsx4dmXWY-M9DrblZkhERohZBimtraJwYBLKMo4vWepNnxERweEKtmU0CgrkZ3KGq06srVdI7gz4a5ZE_Xp_gR3Jl0AHVLiQwZQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2969020
expires
Mon, 26 Jul 1997 05:00:00 GMT
rcti__news.png
static.rctiplus.id/fta_rcti/logo/ Frame CA9C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.rctiplus.id/fta_rcti/logo/rcti__news.png
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000
Date
Thu, 15 Sep 2022 04:27:14 GMT
Via
cache3.l2de2[1312,1312,304-0,M], cache3.l2de2[1313,0], cache3.l2de2[1313,0], cache1.de3[0,0,200-0,H], cache2.de3[1,0]
Age
1460259
X-Swift-CacheTime
2592000
X-Cache
HIT TCP_MEM_HIT dirn:12:841988130
Connection
keep-alive
X-Swift-SaveTime
Thu, 15 Sep 2022 04:27:14 GMT
Content-Length
10963
Last-Modified
Thu, 29 Apr 2021 05:19:32 GMT
Server
Tengine
ETag
"608a41e4-2ad3"
Ali-Swift-Global-Savetime
1663216034
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Timing-Allow-Origin
*
EagleId
4f85b19616646762931382451e
placeholder.jpeg
static.rctiplus.id/fta_rcti/logo/ Frame CA9C 		0
0
analytics.js
analytics.rctiplus.com/tracking/ Frame CA9C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.rctiplus.com/tracking/analytics.js?id=RA-000001-1
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.15, Dark Phoenix
Resource Hash
3e43a40e31f25bb48e7e0c86bbd428c530bcdb944cd991cfa4b29b0ecf19d12f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.15, Dark Phoenix
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSu3qnpqOhZehLgRHAY8BnNnBkjXMwlO89E5ip%2BpHrHWX%2FwDoDiDewyEHMlTFvBvtYElccqHJyXD8knw7goFVXQ%2Bq8uPFC96DqIaSNP4nbN1BefkrqI6lvCv9TBYSbaFZy%2Bxyo7Q0UPVaAemvjcP32491abU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-robots-tag
noindex
cf-ray
7539deafc8fd9bb8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 20DD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 04:55:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 01 Oct 2023 04:55:59 GMT
file.mp4
r4---sn-4g5edn6k.c.2mdn.net/videoplayback/id/10fe5e464381e171/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696212292/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 20DD
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/10fe5e464381e171/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696212292/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r4---sn-4g5edn6k.c.2mdn.net/videoplayback/id/10fe5e464381e171/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696212292/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5edn6k.c.2mdn.net/videoplayback/id/10fe5e464381e171/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696212292/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/368595F0DFD21A5610C65C47CB6839D4DB2CC9A3.098A30F06DA534D36BD722F61F26B7C4B423DF55/key/cms1/cms_redirect/yes/mh/Wy/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1664675825/mv/m/mvi/4/pl/49/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:d::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sun, 02 Oct 2022 02:04:53 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1797995
Last-Modified
Fri, 30 Sep 2022 11:23:55 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 02 Oct 2022 02:04:53 GMT

Redirect headers

date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
648
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
location
https://r4---sn-4g5edn6k.c.2mdn.net/videoplayback/id/10fe5e464381e171/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696212292/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/368595F0DFD21A5610C65C47CB6839D4DB2CC9A3.098A30F06DA534D36BD722F61F26B7C4B423DF55/key/cms1/cms_redirect/yes/mh/Wy/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1664675825/mv/m/mvi/4/pl/49/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 20DD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l8qpa862&c=1101766528973&slotId=550883264486.5&qqid=COyetri6wPoCFeNM5Qod6x4Idg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=760&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.ti
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame CA9C 		130 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
260d8ca4f08d513755b6797e2802c0d3d5479b63660bd5af60d52d9fb17ff4bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47832
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 02 Oct 2022 02:04:53 GMT
3002381.jpg
static.rctiplus.id/media/500/files/fta_rcti/news/ Frame CA9C 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.rctiplus.id/media/500/files/fta_rcti/news/3002381.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
fb05d9cc7f71e8347ba9574fe17ca9b32ebe36070ad9d333e062527b1ecdf70e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000
Date
Sun, 02 Oct 2022 02:03:08 GMT
Via
cache23.l2de2[0,0,200-0,H], cache19.l2de2[1,0], cache19.l2de2[1,0], cache5.de3[0,0,200-0,H], cache9.de3[1,0]
Age
105
X-Swift-CacheTime
2591982
X-Cache
HIT TCP_MEM_HIT dirn:13:778435109
Connection
keep-alive
X-Swift-SaveTime
Sun, 02 Oct 2022 02:03:26 GMT
Content-Length
18438
Last-Modified
Sun, 02 Oct 2022 02:01:11 GMT
Server
Tengine
ETag
W/"6338f0e7-4495"
Ali-Swift-Global-Savetime
1664676188
Content-Type
image/jpeg
Access-Control-Allow-Origin
*, *
Timing-Allow-Origin
*
EagleId
4f85b19d16646762931422792e
3002380.jpg
static.rctiplus.id/media/500/files/fta_rcti/news/ Frame CA9C 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.rctiplus.id/media/500/files/fta_rcti/news/3002380.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
1edf873a034262f7311b520b3bbda1029de9f742f3fc629bff1feb6f5fdf55db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000
Date
Sun, 02 Oct 2022 02:03:08 GMT
Via
cache4.l2de2[0,0,200-0,H], cache21.l2de2[1,0], cache21.l2de2[1,0], cache9.de3[0,0,200-0,H], cache3.de3[1,0]
Age
105
X-Swift-CacheTime
2591982
X-Cache
HIT TCP_MEM_HIT dirn:13:529048365
Connection
keep-alive
X-Swift-SaveTime
Sun, 02 Oct 2022 02:03:26 GMT
Content-Length
18604
Last-Modified
Sun, 02 Oct 2022 01:59:04 GMT
Server
Tengine
ETag
W/"6338f068-7fc4"
Ali-Swift-Global-Savetime
1664676188
Content-Type
image/jpeg
Access-Control-Allow-Origin
*, *
Timing-Allow-Origin
*
EagleId
4f85b19716646762931438276e
kronologi-maut-kanjuruhan-versi-twitter-penonton-ricuh-hingga-ditembak-gas-air-mata26_700.jpg
statics.indozone.news/content/2022/10/02/Z8s4a0n/ Frame CA9C 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statics.indozone.news/content/2022/10/02/Z8s4a0n/kronologi-maut-kanjuruhan-versi-twitter-penonton-ricuh-hingga-ditembak-gas-air-mata26_700.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3e1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5724eeff2899ff2de7e66c8f60a0143da7feab3fdac793b9b15e7473745f45b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
x-amz-version-id
79lzYX3uHUZ97MNpaZdBBy2NktH3EMoW
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
33KAD2FW37JX2JC9
age
275
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38798
x-amz-id-2
ZW9fEojxbsQe70F6UNbbzH9lahLApSk0Z7FDV8PJIitnH1AUdsk1efFhkeAQT32Xu8Vju+oRBk0=
last-modified
Sun, 02 Oct 2022 01:31:26 GMT
server
cloudflare
etag
"81e58eb52481d39ed93a5889779bd108"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SVhKpNgMxAxFCjAyaLeaxKYzhoIwcUsBmYoO73q1Omt4ShJr7G5xkcmBWTWPNVzKf82GcvSco9jV3OgBprR71nbWco3vDjsj2TCiXxArvh5PhgbGCIfZCWPafidFtDB%2FWXHdIpSvqwN76hZ5RvMmEpEsFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7539deafd9e6903d-FRA
127-orang-tewas-dalam-tragedi-kerusuhan-di-stadion-kanjuruhan-malang72_700.jpg
statics.indozone.news/content/2022/10/02/75sL3yJ/ Frame CA9C 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statics.indozone.news/content/2022/10/02/75sL3yJ/127-orang-tewas-dalam-tragedi-kerusuhan-di-stadion-kanjuruhan-malang72_700.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3e1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cb07b032bb28f38c249f585a30b9935fb4db7103171021fb976356dc59e2741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
x-amz-version-id
svaEbcOwZSfFTgzX3UvTWtVC5jfQaFqR
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
33K2BNX8FQKCD9ZY
age
275
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52365
x-amz-id-2
eE46mj4aB9TntoAJaY2I5Al+8mQxmO/69qA80+AXCkWTfWNiu5Xlfz+XWm9yDtwrTT5PdtHXO6s=
last-modified
Sun, 02 Oct 2022 01:35:31 GMT
server
cloudflare
etag
"8bc0c5d1c968af376d1c237abcfad4b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJEf7tPrW%2Bmli6FSrBDFBwlgF3J9wRUay8YNmaU7Vumsc6FJCpv1A3FI7vB%2Bof4%2FyzDIdftwb%2BpRSFqmXu3u8jH4d%2FMYzXNJj8Uu2ApJuiXnvaNzPuJh3rrp3ExxI%2B3ZoBjPvD4sitzBrqMazlZTQiHb0qU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7539deafd9e7903d-FRA
baim-wong-berduka-127-orang-meninggal-di-tragedi-kanjuruhan-banyak-keluarga-ditinggalkan29_700.jpg
statics.indozone.news/content/2022/10/02/o8sAgod/ Frame CA9C 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statics.indozone.news/content/2022/10/02/o8sAgod/baim-wong-berduka-127-orang-meninggal-di-tragedi-kanjuruhan-banyak-keluarga-ditinggalkan29_700.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3e1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c372826ea54db1d180547aadb7513356040610bf265ef7b369b20e7f2e3558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
x-amz-version-id
tsPfgJxP8.YG9Jttvrj.jRgZps6qCc_T
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
33K7YGYFFW004NDN
age
275
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49777
x-amz-id-2
hEDgTM1m0YVf/bfLKuF4dGGgiDCvGfklzF9AqY78yanNoODtGRxY6lb0wfUFSsOiGumPwBYih3U=
last-modified
Sun, 02 Oct 2022 01:41:10 GMT
server
cloudflare
etag
"1207892ef6999b07eb4b7a7b2359499c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZenpxQgBzplEee0tID3kaxmlCh7TTKVotJaDJMUI0ZLcgYBAAOWptgmcJFOCP5SVg0viTRBfS3q57tdX%2FExarOyeFBBRDwjfBXPtyhWnLQmNnIBFQc0dwlohP1k74BXoTp9%2BIDkMtEOb88fg1pFY1SXBfU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7539deafd9e9903d-FRA
3002376.jpg
static.rctiplus.id/media/500/files/fta_rcti/news/ Frame CA9C 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.rctiplus.id/media/500/files/fta_rcti/news/3002376.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8211e92b6b2d27920459a75831cf43e8d25a60d09b1ce829759f3c0823568e3d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000
Date
Sun, 02 Oct 2022 02:03:08 GMT
Via
cache10.l2de2[0,0,200-0,H], cache10.l2de2[0,0], cache10.l2de2[0,0], cache13.de3[0,0,200-0,H], cache8.de3[1,0]
Age
105
X-Swift-CacheTime
2591982
X-Cache
HIT TCP_MEM_HIT dirn:12:408206967
Connection
keep-alive
X-Swift-SaveTime
Sun, 02 Oct 2022 02:03:26 GMT
Content-Length
19919
Last-Modified
Sun, 02 Oct 2022 02:01:11 GMT
Server
Tengine
ETag
W/"6338f0e7-e041"
Ali-Swift-Global-Savetime
1664676188
Content-Type
image/jpeg
Access-Control-Allow-Origin
*, *
Timing-Allow-Origin
*
EagleId
4f85b19c16646762931448574e
config-widget.js
www.visionplus.id/filmsx/mystoriesk/shareconf/ Frame B273 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.visionplus.id/filmsx/mystoriesk/shareconf/config-widget.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
255fb384fd4c7d30b572bf2553bf338e8535144f1e52ebe332267928c6238e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
last-modified
Sunday, 02-Oct-2022 02:04:53 GMT
server
nginx
etag
"631e9999-802"
content-type
application/javascript
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
2050
expires
Sun, 02 Oct 2022 02:04:52 GMT
config-widget.js
www.visionplus.id/filmsx/mystoriesk/ Frame B273 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.visionplus.id/filmsx/mystoriesk/config-widget.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
35b3b5f58b41a383ec0eac8b56c54f8a24eafc3b26524e3e73ce2fc67cefa514

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
last-modified
Sunday, 02-Oct-2022 02:04:53 GMT
server
nginx
etag
"631e9a79-7a4"
content-type
application/javascript
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
1956
expires
Sun, 02 Oct 2022 02:04:52 GMT
js
www.googletagmanager.com/gtag/ Frame B273 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111351533-7
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c84ca414df4609acfd4197f3f1ac70dd833cac6929725ec813c0f227b495d049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42362
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 02 Oct 2022 02:04:53 GMT
js
www.googletagmanager.com/gtag/ Frame B273 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-154114411-1
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90e10187b2e029da923d25cde8486076f53adf5dc18019b1a5807496ed233307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42365
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 02 Oct 2022 02:04:53 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame B273 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 22:28:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Oct 2023 22:28:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B273 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae388e90d1d107bada200f4a5aed66e979bc034fa6ebe7c45aa3fbecdcde0e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27695
x-xss-protection
0
server
sffe
etag
"1351 / 651 of 1000 / last-modified: 1664575578"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Oct 2022 02:04:53 GMT
app_logo.png
www.visionplus.id/filmsx/mystoriesk/img/ Frame B273 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visionplus.id/filmsx/mystoriesk/img/app_logo.png
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
ed797406a0a387cdf28c0b60343cbb038f10c6cf541a74d2b7ffa59bb5bff088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
last-modified
Sunday, 02-Oct-2022 02:04:53 GMT
server
nginx
etag
"631e9a79-1e63"
content-type
image/png
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
7779
expires
Sun, 02 Oct 2022 02:04:52 GMT
ph_3-2.jpg
www.visionplus.id/filmsx/mystoriesk/img/ Frame B273 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visionplus.id/filmsx/mystoriesk/img/ph_3-2.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
bda9dc16b5482b4ad25f206ae9aeab09459c376c37bd0c968757138c25fbbd03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
last-modified
Sunday, 02-Oct-2022 02:04:53 GMT
server
nginx
etag
"631e9999-10a0"
content-type
image/jpeg
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
4256
expires
Sun, 02 Oct 2022 02:04:52 GMT
Ellipse-Play.svg
www.visionplus.id/watch/video/img/group1283/ Frame B273 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visionplus.id/watch/video/img/group1283/Ellipse-Play.svg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
3dd875ddc79324ff1da3eb380db55c5388f27d278d342adc1f5c14ba9b7f99d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
last-modified
Sunday, 02-Oct-2022 02:04:53 GMT
server
nginx
etag
"60e6e672-659"
content-type
image/svg+xml
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
1625
expires
Sun, 02 Oct 2022 02:04:52 GMT
ph_2-3.jpg
www.visionplus.id/filmsx/mystoriesk/img/ Frame B273 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visionplus.id/filmsx/mystoriesk/img/ph_2-3.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
b0dc90afe31208b1a7dbf1b54f6db85a7d7a1b6b68b5cf1b9bad6e7429f0f719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
last-modified
Sunday, 02-Oct-2022 02:04:53 GMT
server
nginx
etag
"631e9999-1162"
content-type
image/jpeg
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
4450
expires
Sun, 02 Oct 2022 02:04:52 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 38CC 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
785071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNiPthwliPuZT9x3JHHY9KMb9kN%2Fc1YxzW3Z7QJWg8LQwzOHu0ytDlL04Qb5g9BjTwU4PKKMW2gWYsqKtw030lcyq5JypgVuD6uHkYGj4Ffp2nelm%2FtQkJThI%2FFkmBvyauB%2Bo%2FVyDix3pvFIXS%2FKdyDB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7539deafde2c916b-FRA
expires
Fri, 22 Sep 2023 02:04:53 GMT
animejs.js
static.criteo.net/animejs/ Frame 38CC 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 27 Sep 2023 02:04:53 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=72088&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F72088%2F220302%2Faffc3ae6d67e493186bf67ef0aac4d96_finn_logo_1.png&v=3&w=356&s=qZQNmSBpnEKIlHivZHwPR_1P
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
74fc0330e26b7589184498281eefeae04099de5a887a0614d4e39aeb3a5c7498
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28702923
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4860
expires
Wed, 30 Aug 2023 07:06:56 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2Fa7591cbe66a440c1e2de1ce7415d432e%2F248fceed%2Frenault-koleos-2384-kyanitweiss_picture_front.png&v=3&w=400&s=kneNKaH2hIwOop7TmBa3sYHr&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0a577305667e4f77941988707fb29528c3f5a616f264e83d0ae3064c411a635f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=180501
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18852
expires
Tue, 04 Oct 2022 04:13:15 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F77dcc36f94810db0d1160ffc993b4ca5%2Ff129bf94%2Fvw-passatvariant-2401-mangangraumetallic_picture_front.png&v=3&w=400&s=ZribOoFdsX4g54vGfq6iRNS2&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
062bcb5750f6aba970901ed22770f2e1dc578aacf44ffa177eaa1358a905ba6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=185676
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32998
expires
Tue, 04 Oct 2022 05:39:30 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F74ad96ff045c12c215ee2d843c33bf67%2Feaed37c2%2Ffiat-500ccabrio-2939-pompeigrau_picture_front.png&v=3&w=400&s=vKIT_3O_mu7ewsBKBtWOfWyz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9ad6b5162e9594647cc1e071b20155e0c0e38b41cea70f631f09d1790796e960
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=181136
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18128
expires
Tue, 04 Oct 2022 04:23:49 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F008be8c0ca529675ab7165a0ab27fff5%2F5b98d3d3%2Ffront.webp&v=3&w=400&s=kYg1cMKSHYO4OiKp19Uh1Ngw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9d9bdc694d92905e102d79cb5b837c0b940f383fca6e436de56a90d20b9567b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=181331
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16974
expires
Tue, 04 Oct 2022 04:27:04 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F5b91275c1b5b2e856a31ba54152072ba%2F0ebf24f3%2Fvw-passatvariant-2398-mangangraumetallic_picture_front.png&v=3&w=400&s=btRzUxte2BHuk3-BzSyrCyAw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
eb6339b11a80125a80122ad47d2140c8ac315930c108ff68b652d4c08e1d1a45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=187424
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32540
expires
Tue, 04 Oct 2022 06:08:37 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F75749d4ab6110e0d66a42265f8b032f0%2F8cae5fef%2Fd34e6f6c&v=3&w=400&s=Bjzk0N_byTLmfKgXBvXFTIGv&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f4d515b80fb861d96a93a344f34de3bebf374afbb416e83b652d609306c79d3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=273257
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26144
expires
Wed, 05 Oct 2022 05:59:11 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2Fe2e6e4b14aa9df825dbe97d0b26f84f2%2Fca627011%2Ffiat-500ccabrio-2939-dipintodiblublau_picture_front.png&v=3&w=400&s=orlwjm4YwlTqr5ScQA9Qhl2S&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4239764faa9c042248f880aed04740a62b9e5fcdbb7254070b1dce3766849d45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=181183
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17788
expires
Tue, 04 Oct 2022 04:24:36 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F6060fb0e967d3a0179814fdf2252a437%2Fb8e8cc13%2Ffront.webp&v=3&w=400&s=GCoKij71Vuvhj3z3RjruAGGA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5659ca98ce8e979a74c3e8a6e7f8d70a6a172cb3dce5e08288b6db9919421f9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=343027
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17878
expires
Thu, 06 Oct 2022 01:22:00 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2Ffc8416df244b7c09e09fcdb8e4ee5241%2F59a792c5%2Fopel-insigniast-2745-diamantschwarz_picture_front.png&v=3&w=400&s=ulDEaAFdA5kcSOL_Yg2dD-B5&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ab0acdf8db9ad7a0fe0fb3597d448d94c8db28cea09f19667e8a70cdd85854d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=273967
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34202
expires
Wed, 05 Oct 2022 06:11:00 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2Ff3f1fa355a03bf591b6da105ddd4e1a7%2Ff83f5e95%2Frenault-koleos-2384-onyxschwarz_picture_front.png&v=3&w=400&s=SR8AJa3IbQxVFF5wF5Ign58T&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
90debbeb6cf0856b1e94d3621a7ac167ed89de6e408ca4d8ff9a68d6a0cf6c8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=180494
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18796
expires
Tue, 04 Oct 2022 04:13:07 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F3d7788f266c48f457367bc3d8bd6f9ef%2F96ff76db%2Ffront.webp&v=3&w=400&s=ZgQw-7-gF1MC1Ofbfl730Tz1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
856107a8c3e24e8e9d7c2caa8a334ea8f64076ae445f20e1c29082c78851b0ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=378293
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18688
expires
Thu, 06 Oct 2022 11:09:46 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F4fe5cb9b4a09c75e7ba47921e46a5779%2F3ecbf7c8%2Fe33d96d9&v=3&w=400&s=XxagBQ665lzoQPBajCD1WHiF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
384f401eae78d8e86016a92b7ff5b6fea566b08ea90acafcef3b80f001a4b5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=180501
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16218
expires
Tue, 04 Oct 2022 04:13:14 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F2cf281dbbf4c33d471d1858615d21f66%2Fdd9cd4da%2Fvw-passatvariant-2404-mangangraumetallic_picture_front.png&v=3&w=400&s=nxOB4zgcOZbq0KzPiW1Z2Xq3&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
eb8523ea2f8ba5ea7d1c4f41724f3ffea68e2b8acc2fb6125640d181759391d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=187198
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33142
expires
Tue, 04 Oct 2022 06:04:51 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2Fa24f570a028f7fce198e0f4a45cd3037%2Fc5a1604c%2Fvw-passatvariant-2401-aquamarinblaumetallic_picture_front.png&v=3&w=400&s=malIPlh7Lu8FLgrfWoOXrLGc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2f709d1d7a86a4af9710693be8cb204bb95954c674ed340703507ae0ea8b56b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=183871
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15752
expires
Tue, 04 Oct 2022 05:09:25 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2Ff481d6020acf709c70f8ecff2753e26a%2F4650c82a%2Ffront.webp&v=3&w=400&s=nzvt8fXJ5NH011Et2w9ur3IW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
708f68c9b96a645d48fb213953a4cfd2dede52790b4a9e545d113f58720539c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=449152
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17136
expires
Fri, 07 Oct 2022 06:50:45 GMT
img
pix.eu.criteo.net/img/ Frame 38CC 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F83200b3fa95e96268ef3b5e7039847e4%2F650fe1dd%2Fc52aca25&v=3&w=400&s=EasQfXxAILFpWFWiB4q7zBQ-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6708983b7a3c99cc7cfe90f4ae68bd42d7cbc9566ae3c9a2e79b7539d1638bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=97977
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31213
expires
Mon, 03 Oct 2022 05:17:51 GMT
all
csm.eu.criteo.net/ Frame 38CC 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=JVfzyQoE9uafnH7Xcr6NQ3lPrql93TvxD0NLxXLpnLeBjKoDsW-fTZCCaMUqzMd4OaMKlHdbuSff1qm97xsuX20sjfesXwfe69EN9Q1yHPUgdgx6aS2C3jb0ei7EQZ3oseRqdj9on4bCougnS0lm08luIZeviUfjEovS4fYECJoXJIa4ZyjX7btv3DEU3sMq-cVe06I8K1ECESdGPX9h4jjY38X189-NA4KQ2B0CnUcdbQJtXyMgZWiCdiE&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Oct 2022 02:04:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 38CC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 27 Sep 2023 02:04:53 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 38CC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 27 Sep 2023 02:04:53 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 216B 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
388848
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 14:04:05 GMT
expires
Wed, 27 Sep 2023 14:04:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ Frame CA9C 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Oct 2022 00:27:31 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
5842
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Sun, 02 Oct 2022 02:27:31 GMT
atrk.js
certify-js.alexametrics.com/ Frame CA9C 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-17.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 04:02:04 GMT
Via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
Age
4312970
ETag
"d89453438fbf10dcf4c13265c40d5160"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=26920000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4255
X-Amz-Cf-Id
N_xpQDN2Hzc951oC9rBJEkJPJrRb4Kdg0AC8pQlr53aWO_LZCb_lGg==
css
fonts.googleapis.com/ Frame 38CC 		2 KB
570 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4401aeae8ced32f3503b820eda4fb6bec9cc703ef9a1a42a817fae255f34e716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 00:42:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Oct 2022 02:04:53 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 216B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 18:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Oct 2023 18:59:23 GMT
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v12/ Frame 38CC 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 05:46:11 GMT
x-content-type-options
nosniff
age
332322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:02:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 05:46:11 GMT
atrk.gif
certify.alexametrics.com/ Frame CA9C 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=650&frame_width=301&iframe=1&title=RCTI%2B&time=1664676293223&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Ftechno.okezone.com%2F&host_url=https%3A%2F%2Fwww.rctiplus.com%2Fhiburan%2F3001791%2Fnajwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah%3F1664676291698&random_number=13308268462&sess_cookie=643b0e8b18396706a6688745b73&sess_cookie_flag=1&user_cookie=643b0e8b18396706a6688745b73&user_cookie_flag=1&dynamic=true&domain=rctiplus.com&account=8oNJt1FYxz20cv&jsv=20130128&user_lang=en-US
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 02:09:43 GMT
Via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
Age
86111
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
x-amz-meta-alexa-last-modified
20110117123941
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
R1aySIrpBx-9Dgtq-W4J9z5klPhhiXIbGu7_NSeBa9kaVOAlOgoDmg==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame CA9C 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.50.160 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-50-160.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
server
Server
beacon.js
sb.scorecardresearch.com/ Frame B273 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 05:28:17 GMT
content-encoding
gzip
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
74225
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
SAkzEyqjLeU9goilCYaFWeOLvoamxVvu2K9wHL3tPeZpic7poY4mhg==
gtm.js
www.googletagmanager.com/ Frame B273 		113 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRZJRWG
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffe34db39e7e6d87bad0d8fa5ba03613e73b9207d0ee74b078dadd49619e4a3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44158
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 02 Oct 2022 02:04:53 GMT
atrk.js
certify-js.alexametrics.com/ Frame B273 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-17.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 04:02:04 GMT
Via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
Age
4312970
ETag
"d89453438fbf10dcf4c13265c40d5160"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=26920000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4255
X-Amz-Cf-Id
bbZbg58I6YrGnNcutr5dFeeTg3P7Op28FI9OmSlQ-Y6Ms_wkuhpBUw==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092801&jk=2199189116031204&bg=!q6ilqOzNAAYQgTJdMIE7ACkAdvg8WvRQn2KxY3hTuN7Bl_QogzO16A8UkMGqRMB_eUC8o0nUgVCEUAIAAABVUgAAAAFoAQcKABQF3SuB_lFOPQaWn02qIAuzt3i_aJkCnApuvNFCLcQ3P7XfwDcAXAJ8cAOliyMlgBDOoR3gvytn4CHpsB_dVbjeLiN1xdYYk4ZFaS8MSNOVCU0_-w5b312fPokKmWwz_bjNi52FHpwvmXnESvDWTftlI6uBwH383dbXKBc0Os1XMm38yJkUvVEJgQ36PkYJxF4k2IdhT9uEvQfJhnzkeSNNbY7ax_lgH3yMYkWmIcGlqkBYuSswyrGAEjTNzG1cUhZtWG4aNGyXlWvEQ2Ep3icvbVE5Sd-Hs1F8LqRLNsExNyqRmNB6OFDx-Zs9xbd9vlhxo7X_kz7GktbbENLJj3eU8eUR-zSZE8_1LTSIe0oylQ_uZEeUspx-MfX8zMkRe5zD8Bv3AikkJonazdJaQa7Ypi1n0dc3aBphrdfssB4k57TmJb4MndVu7G5RwepXqfRCjE0AwmxcWEb2n9vS3m6ezVV7GoNrQ5Sr5eO4KKbmKHtTuV9lMXT-MCfbLIAdmm7x1vK8LUIFb3LuiNoyVJfQfW6F4ER9MtJZK5gLn2KBnlHKOkn_-xy1HufyyRzbBMUIs01XotTcDh5lfkbsSMbh7nhxfvy7gdNKHUGC2vlEz1Y-En5YzP39A7cH9HLn2vhCdapZSZZe3ZtTWuCLvT06lsV8eptcFO9LPC6ilmmOgxlfS7x4dq14Xzimf55s5BXZH6ajzCkrlUf_DUXIqidRvMJNdPDO3ijIharGdBuNaEEdDsM3cPr06ydBQFmJJ2ZyjI4lhdCKzRhT8mBczQUZImZDZOL_syTmM4L45ZDbYaZUeMu41RH-xWJEaExZsIVzz_jNOqbm9hepzHrPWjVcYwcWZZzScXr6seKGki-5Gj7F2r0di1cpz9dw1N-tvJtDhz8LiUtima4Oi85gqpxwEgM5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
motogp_assen.jpg
cluster-images.visionplus.id/static/website/ Frame B273 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cluster-images.visionplus.id/static/website/motogp_assen.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
39dfe16f2f0c8b4d4163463c3f555a93f5932d173a407e543d1e8aa2d08d49b7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
last-modified
Mon, 12 Sep 2022 08:18:44 GMT
server
nginx
content-encoding
gzip
etag
W/"631eeb64-1058e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
link
<https://cluster-images.visionplus.id/static/website/motogp_assen.jpg>; rel="canonical"
x-xss-protection
1; mode=block
expires
Sun, 09 Oct 2022 02:04:53 GMT
5ce1.jpg
static.mncnow.id/images/series/32173cac/ Frame B273 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mncnow.id/images/series/32173cac/5ce1.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.57.232 London, United Kingdom, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
86a17f8e86eafb9cf4d15f8d4e9896b5ccb1a8e12fc277c3420d5abc873ea097
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 01 Oct 2022 01:27:59 GMT
via
cache17.l2de2[0,0,304-0,H], cache2.l2de2[1,0], cache2.l2de2[1,0], cache6.gb2[0,0,200-0,H], cache2.gb2[2,0]
age
88614
x-swift-cachetime
604739
x-cache
HIT TCP_MEM_HIT dirn:12:548578202
x-swift-savetime
Sat, 01 Oct 2022 01:29:00 GMT
content-length
34352
last-modified
Fri, 11 Mar 2022 08:03:17 GMT
server
Tengine
etag
"622b0245-8630"
ali-swift-global-savetime
1664587679
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
a3b5399616646762935875499e
expires
Sat, 08 Oct 2022 01:27:59 GMT
6274.jpg
static.mncnow.id/images/series/a0318f17/ Frame B273 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mncnow.id/images/series/a0318f17/6274.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.57.232 London, United Kingdom, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
446f3b6702bbe73262f0e7e25f8960baf0f686bcc19150b38410e672231af808
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 01 Oct 2022 04:01:50 GMT
via
cache8.l2de2[0,0,304-0,H], cache20.l2de2[1,0], cache20.l2de2[1,0], cache7.gb2[0,0,200-0,H], cache2.gb2[2,0]
age
79383
x-swift-cachetime
604406
x-cache
HIT TCP_MEM_HIT dirn:13:444258329
x-swift-savetime
Sat, 01 Oct 2022 04:08:24 GMT
content-length
27687
last-modified
Mon, 07 Mar 2022 10:41:44 GMT
server
Tengine
etag
"6225e168-6c27"
ali-swift-global-savetime
1664596910
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
a3b5399616646762935875500e
expires
Sat, 08 Oct 2022 04:01:50 GMT
7a0a.jpg
static.mncnow.id/images/series/446a6208/ Frame B273 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mncnow.id/images/series/446a6208/7a0a.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.57.232 London, United Kingdom, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
47a90770f6bacfe6e02ac3001addf4a4464ba5231259de0980ae9e6730cea88a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 01 Oct 2022 04:01:50 GMT
via
cache5.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache5.l2de2[1,0], cache8.gb2[0,0,200-0,H], cache2.gb2[3,0]
age
79383
x-swift-cachetime
604406
x-cache
HIT TCP_MEM_HIT dirn:12:583829138
x-swift-savetime
Sat, 01 Oct 2022 04:08:24 GMT
content-length
43640
last-modified
Fri, 11 Mar 2022 10:18:29 GMT
server
Tengine
etag
"622b21f5-aa78"
ali-swift-global-savetime
1664596910
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
a3b5399616646762935875502e
expires
Sat, 08 Oct 2022 04:01:50 GMT
489b.jpg
static.mncnow.id/images/vod/863f579e/ Frame B273 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mncnow.id/images/vod/863f579e/489b.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.57.232 London, United Kingdom, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4bae17d7ab2ac4e552c988b4e3ef75bbe30149d0f4f66b18ad5bc987dde3325b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 01 Oct 2022 04:02:03 GMT
via
cache16.l2de2[0,0,304-0,H], cache14.l2de2[1,0], cache14.l2de2[1,0], cache9.gb2[0,0,200-0,H], cache2.gb2[2,0]
age
79370
x-swift-cachetime
604419
x-cache
HIT TCP_MEM_HIT dirn:12:174001076
x-swift-savetime
Sat, 01 Oct 2022 04:08:24 GMT
content-length
37076
last-modified
Tue, 28 Dec 2021 04:52:28 GMT
server
Tengine
etag
"61ca980c-90d4"
ali-swift-global-savetime
1664596923
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
a3b5399616646762935875501e
expires
Sat, 08 Oct 2022 04:02:03 GMT
949d.jpg
static.mncnow.id/images/vod/7847cc87/ Frame B273 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mncnow.id/images/vod/7847cc87/949d.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.57.232 London, United Kingdom, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
6009aa2e362761afb69012b2fba1e259ea1a812fb28c6c4ec8c5b41e23853733
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 01 Oct 2022 04:02:03 GMT
via
cache3.l2de2[0,0,304-0,H], cache14.l2de2[1,0], cache14.l2de2[1,0], cache4.gb2[0,0,200-0,H], cache2.gb2[3,0]
age
79370
x-swift-cachetime
604419
x-cache
HIT TCP_MEM_HIT dirn:12:300298759
x-swift-savetime
Sat, 01 Oct 2022 04:08:24 GMT
content-length
51712
last-modified
Fri, 11 Mar 2022 10:34:55 GMT
server
Tengine
etag
"622b25cf-ca00"
ali-swift-global-savetime
1664596923
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
a3b5399616646762935875504e
expires
Sat, 08 Oct 2022 04:02:03 GMT
f924.jpg
static.mncnow.id/images/vod/058df7c5/ Frame B273 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mncnow.id/images/vod/058df7c5/f924.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.57.232 London, United Kingdom, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c2c44e1cea627bdc38161379c94f0e20cf9df2d08fc8fe108b57a4a31ca5e01c
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 01 Oct 2022 04:01:50 GMT
via
cache2.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache5.l2de2[1,0], cache10.gb2[0,0,200-0,H], cache2.gb2[3,0]
age
79383
x-swift-cachetime
604406
x-cache
HIT TCP_MEM_HIT dirn:12:185874265
x-swift-savetime
Sat, 01 Oct 2022 04:08:24 GMT
content-length
36795
last-modified
Fri, 11 Mar 2022 05:04:16 GMT
server
Tengine
etag
"622ad850-8fbb"
ali-swift-global-savetime
1664596910
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
a3b5399616646762935875503e
expires
Sat, 08 Oct 2022 04:01:50 GMT
analytics.js
www.google-analytics.com/ Frame B273 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111351533-7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Oct 2022 00:27:31 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
5842
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Sun, 02 Oct 2022 02:27:31 GMT
js
www.googletagmanager.com/gtag/ Frame B273 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-154114411-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111351533-7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b9749772d87658c9048eae084f6f15def1c07348b5abd21f4c7416a3c0802bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42408
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 02 Oct 2022 02:04:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 216B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BeripxPE4Y6KNO9bX1wawyITIDQAAAAA4AeAEAg&bg=!fH-lfzvNAAYQgTJdMIE7ACkAdvg8Wl8W5T6Q-UXjMT6we8_ScgejSuuC0uQ6MbFCD7DAyXrMZYOYEwIAAABtUgAAAAJoAQcKAHVQXXC9m4iI6-4YQRQQCybeCuR5HTHXl3K1kTFYY9PJCd-ZW6IS3fOyQPun-KmX2t3Zf0RWWFoIq7ERV97u0FtGVKMkHR2KTTlIcwqXd7Piy7jSGhayw6co1l_oHTnFrjfQQ6jy0XhW35KQKW4hg8k6L3bYWLyZAuxIFNQMmyXX45ZIIdib0HiYMjjSj7xUhVslu5OxzyL-u8jbrIzuihQrswVeJ9AD5V8Ot10O9Ok7Evp7XLwFua8Fuyqp1HnzXTN0afCKYKI7Ca4J03cOSfbyiFspOzMyqS81t057mnmhpnuX-38YCFqFhzzoYhzZ5V8VH2NEhRKfYibVpKy1JQ8cI2tcDSHYRu5k-woeulwqmsYwPWIAjH2ZEOq06CgdNyuLdpNT5J3DrnDeZD9tY5vgIsPbb0MW6JsgmKv0FkBBYwdHD_pVv_r4tz53UOI8jC2ZMh45HkEXUOGcoBV99kCJ_AZN6i2XuMA1HK_khjqz5iA2KprjLa8H8B27jzC63zF--JUHPXZUHfG1dtmc48sDakPXVkl4h9PwHg-MnUc2KquEQKvHrgrhtlkK8Z0komSjEXZsW5J_IPQDRfTQ3NzqU-HC54mmqRWNPekZm-WXVTtSrhu8MmlZJVvmc98hIqE3AwOACOwS9NkuSBxde_QmblQPQTa2Asod6bD7yZSZ2NQoHwi5hpa8QvetAXYZRAMozv3Phyrly_BlN-3O-GmwBeWd_4nEUdk2_VGD3lKIRSLYDpgNXXSP27xBtqi9swRR1Z93mg775Mdu-I1J79xJUOVZX62bhq9_XAMHEP15ImldefIGNIl5LZeVKkSJt1MfSckuQK84RDRt-2uEVa89JnnWM-brfHxawgCQ9dqZ-xIJC-5PPmT09HRGVXPLGIqMnuwiLHl-0c-FdZ9WpIZxRGbvu0DhvPKRBhZ0-5MXB4mUI0xoJYfaEh3nj1CWtANHKRz5kKn4Cgv4_vKvu7iKmB84BGcITSIFuKd8Nf8tf1M7cUwJgHb3ake_Qin5iku8nk4tKEJE1rrGGsFQWNLfelw-zJStj4YhDj5uEeOx6sv6XBL4-HIr-zM3nq_lYMH0KJfbuxq_CpbrDVPB8K54HWdUkEhpIE0v9OXEB8Iz6AcWcQ0HY1sIp9YvlpeUVY4l5Ezi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ Frame B273 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1664676293354&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.visionplus.id%2Ffilmsx%2Fmystoriesk%2Find.html%3Ffr%3Doz%26v%3D1664676291692&c8=Vision%2B&c9=https%3A%2F%2Ftechno.okezone.com%2F
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
R7nPnpctGkJ1ih6lreHNgqV_ufWtYf8oszqYlpW4VM1R2UOUs4wTjg==
x-cache
Miss from cloudfront
pubads_impl_2022092801.js
securepubads.g.doubleclick.net/gpt/ Frame B273 		377 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 18:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27351
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130694
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 01 Oct 2023 18:29:02 GMT
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame B273 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.50.160 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-50-160.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
server
Server
atrk.gif
certify.alexametrics.com/ Frame B273 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=625&frame_width=301&iframe=1&title=Vision%2B&time=1664676293376&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Ftechno.okezone.com%2F&host_url=https%3A%2F%2Fwww.visionplus.id%2Ffilmsx%2Fmystoriesk%2Find.html%3Ffr%3Doz%26v%3D1664676291692&random_number=3926557083&sess_cookie=ecb9acf118396706aff296350df&sess_cookie_flag=1&user_cookie=ecb9acf118396706aff296350df&user_cookie_flag=1&dynamic=true&domain=visionplus.id&account=s+Whw1O7kI20L7&jsv=20130128&user_lang=en-US
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/filmsx/mystoriesk/ind.html?fr=oz&v=1664676291692
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-91.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 02:09:43 GMT
Via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
Age
86111
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
x-amz-meta-alexa-last-modified
20110117123941
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
FV0NDQRtc94vuI-lO2hdV6M87dsoLOdi2kZNhRZQuQBdZdprwU_CpA==
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 84E6 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: 1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12f7ca6063a379163fe20065ca2685f3d54b88b2255cb3e9adae96f5c5d8f1db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 01:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
3215
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23582
x-xss-protection
0
server
cafe
etag
15429574133646473231
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 02:11:18 GMT
file.mp4
r4---sn-4g5edn6k.c.2mdn.net/videoplayback/id/10fe5e464381e171/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696212292/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 20DD 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5edn6k.c.2mdn.net/videoplayback/id/10fe5e464381e171/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696212292/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/368595F0DFD21A5610C65C47CB6839D4DB2CC9A3.098A30F06DA534D36BD722F61F26B7C4B423DF55/key/cms1/cms_redirect/yes/mh/Wy/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1664675825/mv/m/mvi/4/pl/49/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:d::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
dae7da24ffae5fd2ce031dc554d6e0524da0dcc79671204aa182da42f75d4d18
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Range
bytes=0-

Response headers

expires
Sun, 02 Oct 2022 02:04:53 GMT
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1797994/1797995
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1797995
last-modified
Fri, 30 Sep 2022 11:23:55 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
client-protocol
quic
csi
csi.gstatic.com/ Frame 20DD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l8qpa8bm&c=1101766528973&slotId=550883264486.5&qqid=COyetri6wPoCFeNM5Qod6x4Idg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=760&mt=video%2Fmp4&vs=854x480&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F10fe5e464381e171%252Fitag%252F59%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1696212292%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F2F3ADAC2C9A945D013045AB65831D18158338EC8.4890F0098004F6FCC48AD51B58502A3831D348FA%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame B273 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1211900573&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Ffilmsx%2Fmystoriesk%2Find.html%3Ffr%3Doz%26v%3D1664676291692&dr=https%3A%2F%2Ftechno.okezone.com%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=301x625&je=0&_u=YEBAAUABAAAAAC~&jid=1882866752&gjid=551850034&cid=316325966.1664676293&tid=UA-111351533-7&_gid=341505747.1664676293&_r=1&gtm=2ou9s0&z=1002569739
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame B273 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1211900573&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Ffilmsx%2Fmystoriesk%2Find.html%3Ffr%3Doz%26v%3D1664676291692&dr=https%3A%2F%2Ftechno.okezone.com%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=301x625&je=0&_u=YEDAAUABAAAAAC~&jid=230678015&gjid=552744948&cid=316325966.1664676293&tid=UA-154114411-1&_gid=341505747.1664676293&_r=1&gtm=2ou9s0&z=571136047
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame B273 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1211900573&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Ffilmsx%2Fmystoriesk%2Find.html%3Ffr%3Doz%26v%3D1664676291692&dr=https%3A%2F%2Ftechno.okezone.com%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=301x625&je=0&_u=YEDAAUABAAAAAC~&jid=243194809&gjid=1008676313&cid=316325966.1664676293&tid=UA-111351533-1&_gid=341505747.1664676293&_r=1&gtm=2wg9s0TRZJRWG&z=1713536041
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame B273 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1211900573&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Ffilmsx%2Fmystoriesk%2Find.html%3Ffr%3Doz%26v%3D1664676291692&dr=https%3A%2F%2Ftechno.okezone.com%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=301x625&je=0&_u=YEDAAUABAAAAAC~&jid=1815588693&gjid=836087541&cid=316325966.1664676293&tid=UA-111351533-7&_gid=341505747.1664676293&_r=1&gtm=2wg9s0TRZJRWG&z=1114228607
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame B273 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1211900573&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Ffilmsx%2Fmystoriesk%2Find.html%3Ffr%3Doz%26v%3D1664676291692&dr=https%3A%2F%2Ftechno.okezone.com%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=301x625&je=0&_u=YEDAAUABAAAAAC~&jid=644998132&gjid=688618871&cid=316325966.1664676293&tid=UA-154114411-1&_gid=341505747.1664676293&_r=1&gtm=2wg9s0TRZJRWG&z=842032432
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame B273 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.visionplus.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B273 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.visionplus.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B273 		42 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=585631665307225&correlator=4085912235797229&eid=31070024%2C31068921&output=ldjh&gdfp_req=1&vrg=2022092801&ptt=17&impl=fifs&iu_parts=7108725%2CVplus-Widget-Banner-Okezone&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C243x110%7C243x100&ifi=1&adks=570729193&sfv=1-0-38&fsapi=false&sc=1&cdm=www.visionplus.id&abxe=1&dt=1664676293450&lmt=1664676292&dlt=1664676293039&idt=401&adxs=8&adys=101&biw=-12245933&bih=-12245933&isw=301&ish=625&scr_x=-12245933&scr_y=-12245933&ucis=5xutflasndwg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.visionplus.id%2Ffilmsx%2Fmystoriesk%2Find.html%3Ffr%3Doz%26v%3D1664676291692&ref=https%3A%2F%2Ftechno.okezone.com%2F&top=https%3A%2F%2Ftechno.okezone.com%2F&frm=24&vis=1&psz=285x-1&msz=285x-1&fws=256&ohw=0&ga_vid=316325966.1664676293&ga_sid=1664676293&ga_hid=1211900573&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e68e901e6549b749cb4706f952dc5fe0c3d3b0c72e6f2fdf424a643b59e45d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16238
x-xss-protection
0
google-lineitem-id
6112829733
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404924309
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8d309789221c1132dd18eca33a20475e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 32FC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8d309789221c1132dd18eca33a20475e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.visionplus.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 02:04:53 GMT
expires
Mon, 02 Oct 2023 02:04:53 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 84E6 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l8qpa8my&chm=1&c=2199189116031204&ctx=2&qqid=COuetri6wPoCFeNM5Qod6x4Idg&met.4=fb.2w~lb.49~ol.po~idt.gu~dt.-d6&met.3=733.bi~742.bh_1~748.bv~749.bx~736.c4~735.c6_1~740.c6~739.c7~738.po~113.rp_3~112.rp_4&met.1=1.l8qpa7v9~6.0~7.1~8.1~9.1~10.1o~11.1~12.1o~13.2h~14.2j~15.2k~16.c7~17.c7~18.c7~19.po~20.po~21.po~22.4q~23.4q&met.7=CBsQCBgBMFs4nAdQAVg8YAFoPHBZeNAagAGkGIgBzi-wAQG4AQM~CCEQBBgBIGooajCmATg9~CBsQBCBqOJwB~CBsQBSBrOOgD~CB4QChgBIGsoazCKATgfaGxwiQF4-wyAAc8KiAGxFbABAbgBAw~CBwQChgBIGsoazCOATgjaG1wigF4sz2AAYc7iAHWiQGwAQG4AQM~CBEQChgBIGwobDCSATgmaG1wjwF4mjmAAe42iAHjswGwAQG4AQM~CCoQChgBIGwobDCRAzimAg~CCgQChgBIK4HKK4HMMMHOBVorwdwvgd4yroBgAGeuAGIAfj2A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame B273 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-111351533-7&cid=316325966.1664676293&jid=1882866752&gjid=551850034&_gid=341505747.1664676293&_u=YEBAAUAAAAAAAC~&z=644080877
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame B273 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-111351533-7&cid=316325966.1664676293&jid=1815588693&gjid=836087541&_gid=341505747.1664676293&_u=YEDAAUABAAAAAC~&z=1757347946
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIov_uuLrA-gIV1uvVCh0wJAHZEAAYACDZqrRVOhoIgJyQvwIQz43Wg44EGN2ypeEDIIi0jN7kEEITCOyetri6wPoCFeNM5Qod6x4Idg;dc_rmcid=CAASUORoobh__AvpIyovTFWiQwxl7X_DYOebqfTw_chKQ28T4sBHlTJyQ_bMUO5dq2smI6hP0tD...
ade.googlesyndication.com/ddm/activity/ Frame 20DD 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIov_uuLrA-gIV1uvVCh0wJAHZEAAYACDZqrRVOhoIgJyQvwIQz43Wg44EGN2ypeEDIIi0jN7kEEITCOyetri6wPoCFeNM5Qod6x4Idg;dc_rmcid=CAASUORoobh__AvpIyovTFWiQwxl7X_DYOebqfTw_chKQ28T4sBHlTJyQ_bMUO5dq2smI6hP0tD0DQE-y3FkEqwWMksenJHuviMDt6IiuCXOH6Tx;eps=CIjhgHAQARgdMgPrggE6AoBA;met=1;acvw=sv%3D936%26v%3D20220928%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D495870439%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664676293478;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 20DD 		42 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CdWBfxPE4Y-ysAuOZlQfrvaCwB7SmtN1siLSM3uQQr9uivcABEAEgsfikJWCV4pCCoAfIAQWpAhaE2m-4cbA-qAMByAObBKoE9gFP0MbTon62DEur0sKWkKf_5lm6LXdTjom00EvnbrvrjfKifSldWy4Bdo4bkMJ57ijwweR5EfJtxGIpFO7hhYc2uUlDzP6K5ZjiIggIud6C3yEhxIhk0VrfldkwBcR9SL0lnsm6rfLmNARS2l2YhtYa012sCYpa8abTim0ZPyEyhjtTliePgrAj8iMjxcRRMCVYKozHdnh5vqSEt_PuWO0Kx4y2kZkr0Nv3RQlfWD8MQNCMT_kU7asG8a1OM9QzPRhDdjc5pMVOWjVQL0za3brU8KGgw3SPYyvoLFhisbnUjrEZvujJr3VGBQ8xjryVVPtU89hUiXrABM-N1oOOBOAEA5AGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgHAQARgdMgPrggE6AoBAgAoDyAsB4AsBgAwBsBOqjt8QyBPdsqXhA9ATANgTCogUAtgUAdAVAfgWAYAXAQ&sigh=96Jp1MyBU2I&label=part2viewed&ad_mt=5&acvw=sv%3D936%26v%3D20220928%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D495870439%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664676293478
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 20DD 		0
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVvD_jQEyF2zduPyJnPQ0uJmFlOXjeBKr1w0LzY18j4xqSaWYRFG3wRI6BkwryKhPeOjF1MnUCBOa15AfKCa1xy4_lpdBcJyv1Rm6QRPjsQzxDb8WG2PPjp1t4ZfXMEyzZ2tETU1bd4RVHwutdKF07NpXrP9GLfIDjji1_4_mFwC9wB0ZJcFC2eCFrGbn_RXV7jP-PvXNl3sNKVYmwO_UsdbsMkCdXs-nOr2rJprkXlL5ZxRV2qzDJD29LXFil1nLUgYHTYP5nHv1efT-VRRP7c6oPTMz0Dm5zeu_CRhTXMBkUIH28sgueZ31PL-BQFpskl5vCMBlUFFjqdy_UVCTOpSmFAdDQs3yolq8dQJKdMFrb9NWDgc4rZJLHq5PXfKjTzd3PQ0wH2gzakpMlZ41RsUzcxBCtJ29ZPvtSVGQ_utAHkCqwkLOTn5rBZZ7pmEHv04fut_8aYJgP82H_GSIbvlGChIoJQx5oBkq6ah6tgoW3V-6rKV-stw36vSVmVfu7Ii64tNkaMgwQqkNdQD6CWGkJPuiKBg6Avn1oOKGqkdiTboBMiAHD9mNF4mHY17b2A7vXiF_dvvoiUn2DEuwiyrHlPucClw8Y6NYw6xEQhgIz7r-fWDXHgXWT-w383gZXV7SFBCx3X5Z8aWLxh8vOyWaKootoJb-O0B739x-t8z0JXr9hvL28Y74mq9eQ-t00Q6RW6tMF8_50TWa4Xaz2DuHDAxBpdZfB60dNoKNjfDELs9lbVwihJDk4AHyrgKvbeH_vT7Fk4ExRQc2ghtibA0v3WLBnVZauqBns8sa6b1zXZZ_UW4HUmlJQhQ1ljU8ehctKlwaI5Pv8xM94iAhMpER5zs7tGsoZTLDeFr7cx8fIf2Ks8LhZK0a4tWwIz46cQ-dhJTyXoaq9agVN-UcXDJBLGHSlLzcEwp3cEjv0APssWKqTKtSDOSGyfPRz8Rb6y0RfAbzO01hu4A6kSJMZl0zlUxBF_UEUE4ZFBsoLHsJ1xruIScDw3_EOc1Meu2vumH5LiZF9vinLtDCbBBmjKiVh1aVzcV6lAn0IibJNEN22eqo2Klik3XslUADJGJ40xw3BUp-9fAho6B8itbbgh2mJy0o9bp11TxH2U68p49MpzUj3ljaqMAXquT0y81xRDKOBQN6Mj1bYhdr-EU0&sai=AMfl-YR9G8_-1i0-Pog0_VA4p-UzZXmnnk3bH7OJhJA6CmLZfRplHrbhMOzQzF_3mmbymZC90gNvetfsU4V7tNbQliVWrEklHJoWtDut-l6DFDv9kic3aGhw8POqjrYXwM7WKS-wILv5n-czIZRrPsdoJDHpea5SvF7NRQPrMe99b7mCoJ0bkp45gFFbBmIx78-s8Du9_CNqh1eE7HAPGTx3BgBADBTIQz02BHzadN-2NCXc-rpOdr14Mc1pEpBCzKDCzNf54hu7BFRHXFYNoPyrNLNsNHT4a2kuvPe0EDQ&sig=Cg0ArKJSzLT8XrRlm7T7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 20DD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYl7_M1AEgATAB&v=APEucNVLZuXkT9yL-Jl13_dzH2khFRezegfnhdMVG_MZ_rmmwXGQl4u-1ht8_Rbfbag7-uLnRt1xQX0rGQXN3_SfrzeAVjHbTw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20DD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIov_uuLrA-gIV1uvVCh0wJAHZEAAYACDZqrRVOhoIgJyQvwIQz43Wg44EGN2ypeEDIIi0jN7kEEITCOyetri6wPoCFeNM5Qod6x4Idg;dc_rmcid=CAASUORoobh__AvpIyovTFWiQwxl7X_DYOebqfTw_chKQ28T4sBHlTJyQ_bMUO5dq2smI6hP0tD...
ade.googlesyndication.com/ddm/activity/ Frame 20DD 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIov_uuLrA-gIV1uvVCh0wJAHZEAAYACDZqrRVOhoIgJyQvwIQz43Wg44EGN2ypeEDIIi0jN7kEEITCOyetri6wPoCFeNM5Qod6x4Idg;dc_rmcid=CAASUORoobh__AvpIyovTFWiQwxl7X_DYOebqfTw_chKQ28T4sBHlTJyQ_bMUO5dq2smI6hP0tD0DQE-y3FkEqwWMksenJHuviMDt6IiuCXOH6Tx;eps=CIjhgHAQARgdMgPrggE6AoBA;met=1;acvw=sv%3D936%26v%3D20220928%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D495870439%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664676293478;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 20DD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0SqMH4tYzPeKL72lmsvpBxB_HPypDhxeG2Ac17aS-VUnnJ77iIMbCVOwwh9p_l18_5gfytxZ-3So8Fg6JTc83A_ET6NqX2kRVXK3MTJ3g0w08wZYr3jNaknCN7w&sai=AMfl-YShQUoKVVkfa6h3kMD3Bl5Z9tAAwHARSkCV-UgrOkOOplhONEXM9tYpipE3DlVtU7f4TWyv-qSnJ9_mLBBwwxWKpLxl947sVazK7cWznU9Md0wawUKzNXCDL01lqJhaICQ&sig=Cg0ArKJSzPU8WdyqYy0OEAE&cid=CAASUORoobh__AvpIyovTFWiQwxl7X_DYOebqfTw_chKQ28T4sBHlTJyQ_bMUO5dq2smI6hP0tD0DQE-y3FkEqwWMksenJHuviMDt6IiuCXOH6Tx&id=lidarv&acvw=sv%3D936%26v%3D20220928%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D495870439%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664676293478&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 20DD 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CdWBfxPE4Y-ysAuOZlQfrvaCwB7SmtN1siLSM3uQQr9uivcABEAEgsfikJWCV4pCCoAfIAQWpAhaE2m-4cbA-qAMByAObBKoE9gFP0MbTon62DEur0sKWkKf_5lm6LXdTjom00EvnbrvrjfKifSldWy4Bdo4bkMJ57ijwweR5EfJtxGIpFO7hhYc2uUlDzP6K5ZjiIggIud6C3yEhxIhk0VrfldkwBcR9SL0lnsm6rfLmNARS2l2YhtYa012sCYpa8abTim0ZPyEyhjtTliePgrAj8iMjxcRRMCVYKozHdnh5vqSEt_PuWO0Kx4y2kZkr0Nv3RQlfWD8MQNCMT_kU7asG8a1OM9QzPRhDdjc5pMVOWjVQL0za3brU8KGgw3SPYyvoLFhisbnUjrEZvujJr3VGBQ8xjryVVPtU89hUiXrABM-N1oOOBOAEA5AGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgHAQARgdMgPrggE6AoBAgAoDyAsB4AsBgAwBsBOqjt8QyBPdsqXhA9ATANgTCogUAtgUAdAVAfgWAYAXAQ&sigh=96Jp1MyBU2I&label=vast_creativeview&ad_mt=5&acvw=sv%3D936%26v%3D20220928%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D495870439%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1664676293478
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 20DD 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l8qpa8ll&c=1101766528973&slotId=550883264486.5&qqid=COyetri6wPoCFeNM5Qod6x4Idg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=760&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=first_play&asset_bytes=213775&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.16d~videopreviewstarted.16f
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=6~l8qpa7vj&c=2199189116031204&e=31068500%2C31070024%2C31061691%2C31061693&ctx=1&met.3=947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5~947.2r5~573.2r5~598.2r5~54.2r5~598.2r5~54.2r5~598.2r5~581.2r5~947.2r5~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r6~573.2r6~598.2r6~54.2r6~598.2r6~54.2r6~598.2r6~581.2r6~947.2r7~573.2r7~598.2r7~54.2r7~598.2r7~54.2r7~598.2r7~581.2r7~947.2r7~573.2r7~598.2r7~54.2r7~598.2r7~54.2r7~598.2r7~581.2r7~947.2r7~573.2r7~598.2r7~54.2r7~598.2r7~54.2r7~598.2r7~581.2r7~708.2r4_3~647.2r7~965.2r7~863.2vc~863.2vc~416.2vc~680.2vc~824.2vc~824.2vc~680.2vc~863.2ve~863.2ve~680.2ve~824.2ve~824.2ve~680.2ve~863.2ve~863.2ve~413.2ve~680.2ve~824.2ve~824.2ve~680.2ve~863.2w5~863.2w5~680.2w5~680.2w5~863.330~863.331~680.331~824.331~824.331~680.331~415.33x~844.33x~844.33x~783.34c~415.3gk~844.3gk~844.3gk~783.3hg&met.7=CA8QDRgBIJMYKJMYMLIbOJ8DaJQYcLEbeIzQAYAB4M0BiAGBvgawAQG4AQPAAb_emusG~CBsQDSCkGzhGwAHjqP_QBA~CCcQDRgBILEbKLEbMPwbOEtAshtIsxtQsxtY2htgwRto2htw-Rt42VmAAa1XiAGJc7ABAbgBA8AB8_LLrgs~CBwQBhgBILsbKLsbMJIcOFhQuxtY4Btgyhto4Rtwkhx4rAKwAQG4AQPAAZSE4rUO~CBsQARgBINgbKNgbMK8cOFfAAaSg_KUH~CBsQARgBIOAbKOAbMK8cOFDAAaSg_KUH~CBsQARgBINAbKNAbMLIcOGLAAaSg_KUH~CBsQARgBIPEbKPEbMLQcOEPAAaSg_KUH~CBsQBRgBIOgbKOgbMMMcOFtQ6RtYoxxg6RtopBxwwRx40BqAAaQYiAHOL7ABAbgBA8ABupWfiwM~CBsQBRgBIOwbKOwbMMQcOFhopBxwwxx40BqAAaQYiAHOL7ABAbgBA8ABupWfiwM~CCcQChgBIP0bKP0bMNocOFzAAeLBm9oF~CCcQBRgBIN4cKN4cMP8cOCHAAZmVn6AL~CBsQBRgBIN4cKN4cMJgdODrAAc_G2uIB~CBsQBSC0GzitAsAB8MWz5Qg~~CBsQBSC1GzjzBMABgYCLwQQ~CBsQDSD6Hzg7wAGL5LeiAQ~CBsQBSC0GziGBcAB5IuShQw~CBsQDSD7Hzh1wAGYu4__DA~CBsQDSD9Hzh9wAHAq5a_Ag~CBsQDSD9HziXAcAB5onp3wg~CBwQBhgBILwiKLwiMPEiODbAAaHZ1rIJ&met.10=1_6.IPgbEAAIABiAmHUoAA&met.9=6_3.33x~6_2.3gk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:81e::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://techno.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 555E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 00:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Oct 2022 00:33:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 555E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 01:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Oct 2022 01:44:21 GMT
l
www.google.com/ads/measurement/ Frame 555E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSK_UVOKOEfxMp-Xw9l6AMWHvVmO_JPmohSww491rrl9fwHHN4x99aHzxJVEa4oe2zvAdM2tttGXB0g4TI0KUlrE35uPA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 555E 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44530
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664365478704152"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 02:04:53 GMT
15130602119975626102
tpc.googlesyndication.com/simgad/ Frame 555E 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15130602119975626102
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6289717ea3d36cb674927cc21585343fad22dfcde0b94b06c80ebe42ad26819a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 11:50:52 GMT
x-content-type-options
nosniff
age
224041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58351
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 09:15:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Sep 2023 11:50:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 555E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqXq4_Ty9TSZPdsAnRv7xJa8W1kBpEYTkSGDg4bzOurhCwtialdnRPlgGdVIisQEl0mwdR88i9QeJet3T2mP84RYGKehu2rub2yus5NhZAQYVy2p_6e8OkThsU30wpqceUkoCprN2at-smRfAmEWwgBS0nvU3yQ3VAaPm4GE_LTPBtyqEloY7YFvp_EJx6EMT_DA77GArhFJv5pqhGT6Aqw7XumaCZc_0qgKfGv8VZPw3olz8cpLpAGXMZbCOwvqB7OBEvLwV7vBbWlZQSvja1p4qYLDauuyX4Vvge8ZbN8BS0FNhzmoSykYMry-OlGv-XEIbpyWPJUGzUIRIrLXtE&sai=AMfl-YT7YG5nlA1BaVojpAKDwEArFvR81TWpppMzfrXk9cJyyr-ZoA-Gdi-scJMZD8PVakWJ1AuuxXE-1856jALczoLDU4l_Tb7zWIktveKA&sig=Cg0ArKJSzENmM2nK92LXEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: techno.okezone.com
URL: https://techno.okezone.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 555E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16d21b927eec3d7cd3a66944f1de7e3134d7840677c5a0e577bab5e6e84c18be

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 555E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvysY_1tz7-ZVyvhhEmDmIKVNl54W2vUo4hWwdMDoO87Uq3I3LS6NXNcf09pX2oo3J2JUMnHgH3hu7pQGpC1hw6wkAGk1XIli567QkwF__uCXiysu4St8RLIoJisFFyf7RPWMXE8bcLoUE71xnojRjN7SwElsFiNGvM8hpEQoTo-e_9fDCwObVPUDOj6M1zPHD_42hw3ofjMfkwqL5TCf7ChRZA0OtOZ24dg0NviizJ9HjszaxARC1agRStpFsQwZrNU1L84Jrr0UoI428Jf7Dwnia1YEMwkr6PIJIdCrfPgj1wwyfhrkyIAZAtKs5QUGmJeroaXXJNeAVHR1-7iKGpoks&sai=AMfl-YTkb7S0psu3ifDMyb9OQz99yvo1UJ-zmsaXpNuaw_34W2-EPndBXriEFxW0XmP7kiZPERXlLoc1mgIpweuXW247bU05wGpfki28gcFz&sig=Cg0ArKJSzN-fCTJvpqQhEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 02 Oct 2022 02:04:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 84E6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxKwlRyv8FZUVZtaOuduvUB8HWg9I9kXuuVoy3H2fjUXT43EBDGx9IHMVk-POT2GobDcRHLAbc0fHcZi5xaMIXKxg&sig=Cg0ArKJSzFcjtrtQwZ7lEAE&id=lidar2&mcvt=1000&p=208,315,458,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1257959940&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664676292437&rpt=429&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B273 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcb529b993cc3039dea8a295696b46fea9ff2ac462c7fe2abe0c32d187ec484a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11273
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B273 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092801.js?cb=31070024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 02:04:54 GMT
all
csm.eu.criteo.net/ Frame 38CC 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=JVfzyQoE9uafnH7Xcr6NQ3lPrql93TvxD0NLxXLpnLeBjKoDsW-fTZCCaMUqzMd4OaMKlHdbuSff1qm97xsuX20sjfesXwfe69EN9Q1yHPUgdgx6aS2C3jb0ei7EQZ3oseRqdj9on4bCougnS0lm08luIZeviUfjEovS4fYECJoXJIa4ZyjX7btv3DEU3sMq-cVe06I8K1ECESdGPX9h4jjY38X189-NA4KQ2B0CnUcdbQJtXyMgZWiCdiE&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzjxxAAAlmsK5UzjAAge6zFXlYZPSY1DSk7WTw&u=%7Cz3mf%2Byl9QXbIQ44kffc5tdZ%2B8NVtQqMRNeeMaFvWBpc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9W6cETCe0OAwT1wOv8suBcvsj9ZOL9dt8SKJVdH6qI19Ct3au54pQmgpn-pFxrqABaKSJIriILqr1Pi-2oYE9gp8YTCz9O90HLKUzW9CT0MjS30HAv4dQxRxMYw-P1AY9jLPZA3ixVliqdO3HZYtKdYe3xQq527N9mOjn9XeFZJOVgPMjQgh2O6EE3sHPjj-OXwfVYzctjuqKAyRXSXENssYHTDmEnd9c3c9O8bV0ruyv8oPxMfPpDjBghoTSaqJ_7mNEjEmN6h-L3LZhW6DIsNZIJPCTV6CHlCzOyP5MS2TB6DuPzMU989nlnJCAIkc7FbP6lIzHV97O1sf7t4r9ZyC96JhPVwlC3MkHHthcDSF2tCAXZ3gRtUC5-GUMuH4avtDhV6_rqMxRf7-5Jejk2Gv--zhRaQm_c8JxarB_8AjEOmvsJrp-zfwiJeP5v2Y9GxcpIOCE2LDTkTuYEBfXSc6ZBZgVdpJLugUJfUDG5OX3hCfP0OWZfzHoaJjVgkLq2IrT-SI6FMWWtG0uOdPPNdIJR3wR6d5F6KekClpp8bRvyQJ_K8w3Upyb_iqSwwsYhoHKeAMZpOkY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClf_8xPE4Y-usAuOZlQfrvaCwB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OKAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgSAAk_Q791z6-flw6kdDBqjaWwptN4mLcvuoaqh6Z7PPe1NzkV8jSbdKu_Ntkxo1S9e8_POzYQ_gK0rlyhSdxMUNrpiKHNTLhLZ6cyXKyBkoEukQew2KfNZuqf7a2-G6aG-w66pmaMRHDZBDxH2qVao4aUbFKG9dgT9r3XMQX8I5cEjpGvNFm3T-pw7qwXhFib5oZJ_cB-dcm3H0HF6YNZDzekHkjnDJ43r6kY7z6fpIr1MDtVfgiWYb_aj4mA3iiRuNJrJg_eeXCI-D9bZcNVnau7StRC8IPWuns_O2ssFUXky57XfHyjPZRe57FmWN79PFO8pYn0Edax87n50OoRIzo7gBAGABsmmw4_Eh4z58wGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgHAQATID64IBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2IXV8en_Eqp3VcCwjmNmvK8dOQ7Q%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Oct 2022 02:04:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC89 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.visionplus.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
216768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Sep 2022 13:52:06 GMT
expires
Fri, 29 Sep 2023 13:52:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8D61 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6d8f2f2d5069e48115ace14afe32aee42bc6cf20e7745d0af6775db4b15010b8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2QBEZe8t3xOqufg6s_NioA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.visionplus.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-2QBEZe8t3xOqufg6s_NioA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 02 Oct 2022 02:04:54 GMT
expires
Sun, 02 Oct 2022 02:04:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 8D61 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092801&jk=585631665307225&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
pagead2.googlesyndication.com/bg/ Frame BC89 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 11:47:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16034
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Sep 2023 11:47:31 GMT
wl
t.pubmatic.com/ 		17 B
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=159495
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/2450/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://techno.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:54 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://techno.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
generate_204
tpc.googlesyndication.com/ Frame BC89 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9Md3Wg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B273 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092801&jk=585631665307225&bg=!yMuly4_NAAYQgTJdMIE7ACkAdvg8Wjr3_MWMrSHPKUkh3iDXQbcZdSN7k5BGRC-hxsDSLbKkzP2aIQIAAABWUgAAAAJoAQcKAA0w6n_p0mtI187ZHc66mQLGo_pkBPljg1pJ4NVPebDlxzJWrbtNFCklXKEccJASSwkesPEOMswjEN9v6ZqrG6tCL272hK8M7siXBtF9Wj6qox-9Jnr3jTwWMr_7F6IelpAIG3bo2Ukckk4BodwDY-sZPyukcsyWz8U0FA6j0WkQTOZuiPclMf4c4NvbiwuzL4n4_d9501b5cJMKcT0mK90cCPqCPJ4w-OPtheNzkHFbJ3zLpMWnMIr4phtQjY1VwMwiKMMhZxTHUZNy9HWpI8GoXGeSt-snqUHNATZstbzyGleSbMJEQimjsjzWVkoScgwJutwq-HYC_yr_WJhPcTvBHnmFmw2OLeYoNhDCK5VKTv0C7jLI51JpLTwJHCbBrz-MvgGoiFeesPXa6Vmzn1oVjRzyF-ilR8IiVIHwBHD6F4ogucra8SUZzDfMV2K-svRncJIkPYn5b1xX1ca-bLb049XwjxxsP76DIoMwL4_ISftSLTc9fmbxcTxJF6wKHoERL33sWmS7k1V2Qbs3iGqiPOYoTGDsN4KO7UN-eUjfroXafBP8ivU8OkEMoph6S6xfP4q8b7Td4DVIOxSTSHDLrj0I8fm9mWUcHg4P9T4TJtkbqeMZ-iUU72wHKVKy4EQIKR7DpscrDxEeFwCkN042RyjCOwtQNATJ2FZWX1tYkZDcuBzxn6_HyJ-R0foyKAXFLrWncgOFT9PrvgBP1BBW-eW7zDn8fqQpCXkab_x-FXudbOkM83BJNZaolmhG00omKTKvh-AaxfOmMioJ2dhuI4BX4MwTMaSMcmQuuE6vHWaOqo6q-CTE0w8NctZQZu1g4PxgycXMgjMKz25ttkXyIOaS45Vzlox4CNMRTwdDz3hOPEsxS4eSCJH_TvDVzoQS6i5p2sKeZAa2cwfkWvphMOzISguElQLkqC_i4XxlC-Cw63NpVWhbW-jSJipZunCBMf8Cv4Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers
dc_oe=ChMIov_uuLrA-gIV1uvVCh0wJAHZEAAYACDZqrRVOhoIgJyQvwIQz43Wg44EGN2ypeEDIIi0jN7kEEITCOyetri6wPoCFeNM5Qod6x4Idg;dc_rmcid=CAASUORoobh__AvpIyovTFWiQwxl7X_DYOebqfTw_chKQ28T4sBHlTJyQ_bMUO5dq2smI6hP0tD...
ade.googlesyndication.com/ddm/activity/ Frame 20DD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIov_uuLrA-gIV1uvVCh0wJAHZEAAYACDZqrRVOhoIgJyQvwIQz43Wg44EGN2ypeEDIIi0jN7kEEITCOyetri6wPoCFeNM5Qod6x4Idg;dc_rmcid=CAASUORoobh__AvpIyovTFWiQwxl7X_DYOebqfTw_chKQ28T4sBHlTJyQ_bMUO5dq2smI6hP0tD0DQE-y3FkEqwWMksenJHuviMDt6IiuCXOH6Tx;eps=CIjhgHAQARgdMgPrggE6AoBA;met=1;acvw=sv%3D936%26v%3D20220928%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D2014,0,0,0,0%26mtos%3D2014,2014,2014,2014,2014%26amtos%3D0,0,0,0,0%26mcvt%3D2014%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2177%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D201%26dur%3D15018%26vmtime%3D2184%26dtos%3D2014%26dtoss%3D1%26dvs%3D2014%26dfvs%3D2014%26dvpt%3D2177%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D495870439%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2014;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1664676293478;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 20DD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0SqMH4tYzPeKL72lmsvpBxB_HPypDhxeG2Ac17aS-VUnnJ77iIMbCVOwwh9p_l18_5gfytxZ-3So8Fg6JTc83A_ET6NqX2kRVXK3MTJ3g0w08wZYr3jNaknCN7w&sai=AMfl-YShQUoKVVkfa6h3kMD3Bl5Z9tAAwHARSkCV-UgrOkOOplhONEXM9tYpipE3DlVtU7f4TWyv-qSnJ9_mLBBwwxWKpLxl947sVazK7cWznU9Md0wawUKzNXCDL01lqJhaICQ&sig=Cg0ArKJSzPU8WdyqYy0OEAE&cid=CAASUORoobh__AvpIyovTFWiQwxl7X_DYOebqfTw_chKQ28T4sBHlTJyQ_bMUO5dq2smI6hP0tD0DQE-y3FkEqwWMksenJHuviMDt6IiuCXOH6Tx&id=lidarv&acvw=sv%3D936%26v%3D20220928%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D2014,0,0,0,0%26mtos%3D2014,2014,2014,2014,2014%26amtos%3D0,0,0,0,0%26mcvt%3D2014%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2177%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D201%26dur%3D15018%26vmtime%3D2184%26dtos%3D2014%26dtoss%3D1%26dvs%3D2014%26dfvs%3D2014%26dvpt%3D2177%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D495870439%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2014&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1664676293478
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIov_uuLrA-gIV1uvVCh0wJAHZEAAYACDZqrRVOhoIgJyQvwIQz43Wg44EGN2ypeEDIIi0jN7kEEITCOyetri6wPoCFeNM5Qod6x4Idg;dc_rmcid=CAASUORoobh__AvpIyovTFWiQwxl7X_DYOebqfTw_chKQ28T4sBHlTJyQ_bMUO5dq2smI6hP0tD...
ade.googlesyndication.com/ddm/activity/ Frame 20DD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIov_uuLrA-gIV1uvVCh0wJAHZEAAYACDZqrRVOhoIgJyQvwIQz43Wg44EGN2ypeEDIIi0jN7kEEITCOyetri6wPoCFeNM5Qod6x4Idg;dc_rmcid=CAASUORoobh__AvpIyovTFWiQwxl7X_DYOebqfTw_chKQ28T4sBHlTJyQ_bMUO5dq2smI6hP0tD0DQE-y3FkEqwWMksenJHuviMDt6IiuCXOH6Tx;eps=CIjhgHAQARgdMgPrggE6AoBA;met=1;acvw=sv%3D936%26v%3D20220928%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D3751,0,0,0,0%26mtos%3D3751,3751,3751,3751,3751%26amtos%3D0,0,0,0,0%26mcvt%3D3751%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3914%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D45%26pst%3D201%26dur%3D15018%26vmtime%3D3924%26dtos%3D1737%26dtoss%3D2%26dvs%3D1737%26dfvs%3D1737%26dvpt%3D1737%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3751,3751,3751,3751,3751%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D495870439%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3751;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1664676293478;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 20DD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CdWBfxPE4Y-ysAuOZlQfrvaCwB7SmtN1siLSM3uQQr9uivcABEAEgsfikJWCV4pCCoAfIAQWpAhaE2m-4cbA-qAMByAObBKoE9gFP0MbTon62DEur0sKWkKf_5lm6LXdTjom00EvnbrvrjfKifSldWy4Bdo4bkMJ57ijwweR5EfJtxGIpFO7hhYc2uUlDzP6K5ZjiIggIud6C3yEhxIhk0VrfldkwBcR9SL0lnsm6rfLmNARS2l2YhtYa012sCYpa8abTim0ZPyEyhjtTliePgrAj8iMjxcRRMCVYKozHdnh5vqSEt_PuWO0Kx4y2kZkr0Nv3RQlfWD8MQNCMT_kU7asG8a1OM9QzPRhDdjc5pMVOWjVQL0za3brU8KGgw3SPYyvoLFhisbnUjrEZvujJr3VGBQ8xjryVVPtU89hUiXrABM-N1oOOBOAEA5AGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgHAQARgdMgPrggE6AoBAgAoDyAsB4AsBgAwBsBOqjt8QyBPdsqXhA9ATANgTCogUAtgUAdAVAfgWAYAXAQ&sigh=96Jp1MyBU2I&label=videoplaytime25&ad_mt=3924&acvw=sv%3D936%26v%3D20220928%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D3751,0,0,0,0%26mtos%3D3751,3751,3751,3751,3751%26amtos%3D0,0,0,0,0%26mcvt%3D3751%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3914%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D45%26pst%3D201%26dur%3D15018%26vmtime%3D3924%26dtos%3D1737%26dtoss%3D2%26dvs%3D1737%26dfvs%3D1737%26dvpt%3D1737%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3751,3751,3751,3751,3751%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D495870439%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3751&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1664676293478
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 02:04:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ Frame CA9C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/hiburan/3001791/najwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah?1664676291698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 05:28:17 GMT
content-encoding
gzip
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
74230
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
GAfu1cmlmjZD_U0HSmA3C24xzKG526iak8_RgICXSs9dS7lrF1d5Ew==
b
sb.scorecardresearch.com/ Frame CA9C 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1664676298048&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.rctiplus.com%2Fhiburan%2F3001791%2Fnajwa-shihab-laporkan-ancaman-diam-atau-mati-ke-polisi-nikita-mirzani-laporan-sampah%3F1664676291698&c8=RCTI%2B&c9=https%3A%2F%2Ftechno.okezone.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 02:04:58 GMT
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
-ewAwDokr7XiBbUCefArVxDXNkZtiDTlDebwt_OXIbYAyNjSiUtPNg==
x-cache
Miss from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
account.mncdigital.id
URL
https://account.mncdigital.id/public/js/mncdig.min.js
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
static.rctiplus.id
URL
https://static.rctiplus.id/fta_rcti/logo/placeholder.jpeg

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| mode object| googletag function| getBrowser string| getUserAgent string| aggr object| dataLayer object| _comscore function| OneSignal object| PWT boolean| gptRan function| loadGPT function| admiral object| SETTINGS object| pnAdvancerLeft object| pnAdvancerRight object| pnIndicator object| pnProductNav object| pnProductNavContents number| last_known_scroll_position boolean| ticking function| doSomething function| moveIndicator function| determineOverflow number| skin_img1 number| skin_img2 object| swiper function| sideVideoWidget function| fSkinAds object| swiperPilpres function| $ function| jQuery boolean| mCustomScrollbar function| Dropkick object| dragscroll function| Swiper number| access object| COMSCORE function| udm_ object| ns_p object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key number| __oneSignalSdkLoadCount function| __jp0 function| 4dm1r11545242527 function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| ggeac object| google_js_reporting_queue object| carousel object| btns function| beritaAnda function| leftsidebar_error function| rightsidebar_error boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_rum_config number| google_srt object| _google_rum_ns_ number| random_angka function| oncopy number| SudahDiLoad function| DataLayerTracking object| __afflib object| G_options object| affpbjs object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| _aff_pob object| affpbjsChunk string| nobidVersion object| nobid number| navItemWidth undefined| google_rum_values object| google_image_requests undefined| google_timing_params object| GoogleGcLKhOms object| msgData

25 Cookies

Domain/Path Name / Value
.okezone.com/ Name: home-techno
Value: home-techno
techno.okezone.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.okezone.com/ Name: pbjs-pubCommonId
Value: 1ecf748e-b2eb-4c89-8a4d-212a52cc2cde
.okezone.com/ Name: _ga_MZ0Q248WBF
Value: GS1.1.1664676291.1.0.1664676291.0.0.0
.okezone.com/ Name: _ga
Value: GA1.2.1345555137.1664676291
.okezone.com/ Name: _gid
Value: GA1.2.445768872.1664676291
.okezone.com/ Name: _gat_UA-82922228-1
Value: 1
.okezone.com/ Name: _gat_UA-153789817-1
Value: 1
techno.okezone.com/ Name: pbjs_debug
Value: 0
techno.okezone.com/ Name: cto_bidid
Value: r0ExDV9QJTJGcyUyQnUlMkY0U1BtempKeFd1WUloNkV1eU9WQlZHUlZHJTJGMGJmdWxwRHlIbXB1S0ROcUhIUUdqMVFLRWk0MFJQaVJidG9QZXRVOURMaUxzTSUyQlF0T2F0S2clM0QlM0Q
techno.okezone.com/ Name: cto_bundle
Value: 3yxkB19ha0RnR1JXR05ZbllyNDZFTU52JTJCVmJ6aXNpc1NHTHdzamNXd3ZBRlVWT1lRbVJuR3Z1Z0NDM1VlT3p3Z2VIZU9tblJONFA3czNpOE00MVpsMkYlMkZmaXIlMkZReGo2MjIyakVXd3ZWYVpnVlFZb3lCQ1pKQmhKZGpPQkZlY1MlMkZ1eTZ5
.techno.okezone.com/ Name: _awl
Value: 3.1664676291.0.5-edf47a372cf0527410e75faca80e5a44-6763652d6575726f70652d7765737431-0
.okezone.com/ Name: ci_session
Value: 51fqtsefk8uf8da817evafqruh6p40jh
.okezone.com/ Name: __gads
Value: ID=c94c13bdcde61a9c-22f5b12d38ce0060:T=1664676291:S=ALNI_MZem4iMV9jEuqaVKXNngrYxW4fhJA
.doubleclick.net/ Name: IDE
Value: AHWqTUmNM8X2Rep8kfWTYfA124lAK0FuyLC1e2dQjg7OF0D6XuDmgTdKV8xI_aiCCXs
techno.okezone.com/ Name: _lr_retry_request
Value: true
techno.okezone.com/ Name: _lr_env_src_ats
Value: false
techno.okezone.com/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-10-02T02%3A04%3A53.018381843Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
techno.okezone.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-02T02%3A04%3A53%22%7D
.okezone.com/ Name: panoramaId_expiry
Value: 1664762693087
.visionplus.id/ Name: _ga
Value: GA1.2.316325966.1664676293
.visionplus.id/ Name: _gid
Value: GA1.2.341505747.1664676293
.visionplus.id/ Name: _gat_gtag_UA_111351533_7
Value: 1
.visionplus.id/ Name: _gat_gtag_UA_154114411_1
Value: 1
.visionplus.id/ Name: _gat_UA-111351533-7
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: https://account.mncdigital.id/public/js/mncdig.min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript error URL: https://techno.okezone.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://techno.okezone.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e973676c3a827365a313d1e79178e84.safeframe.googlesyndication.com
8d309789221c1132dd18eca33a20475e.safeframe.googlesyndication.com
account.mncdigital.id
ade.googlesyndication.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.rctiplus.com
api.rlcdn.com
bid.g.doubleclick.net
cat.fr.eu.criteo.com
cdn.jsdelivr.net
cdn.okezone.com
cdn.onesignal.com
cdn4-hbs.affinitymatrix.com
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cluster-images.visionplus.id
csi.gstatic.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hbs.ph.affinity.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
img.celebrities.id
img.idxchannel.com
img.inews.co.id
img.okezone.com
img.onesignal.com
img.sportstars.id
match.adsrvr.org
mug.criteo.com
onesignal.com
pagead2.googlesyndication.com
pict.sindonews.net
pix.eu.criteo.net
r4---sn-4g5edn6k.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
rtb.nl.eu.criteo.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sindikasi.okezone.com
stakingsmile.com
static.adsafeprotected.com
static.criteo.net
static.mncnow.id
static.rctiplus.id
statics.indozone.news
stats.g.doubleclick.net
t.pubmatic.com
techno.okezone.com
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.mnctrijaya.com
www.rctiplus.com
www.visionplus.id
account.mncdigital.id
api.rlcdn.com
static.rctiplus.id
13.32.121.72
141.95.33.111
142.250.184.194
142.251.39.2
15.197.193.217
163.181.57.232
178.250.0.139
178.250.0.160
178.250.2.146
178.250.2.150
185.64.189.226
185.64.190.77
185.64.190.78
2001:4860:4802:34::36
202.147.193.157
216.139.248.131
23.35.236.201
2600:1901:0:802f::1
2600:9000:2050:3200:1f:4c6b:cc00:93a1
2600:9000:206e:1600:e:c3de:61c0:93a1
2600:9000:20d7:ce00:9:b40:d800:93a1
2600:9000:2127:3600:8:48e:53c0:93a1
2600:9000:2127:9a00:11:320f:7780:93a1
2600:9000:2127:a000:9:965a:8240:93a1
2600:9000:2127:cc00:c:5e3e:d280:93a1
2600:9000:2127:f200:15:c3e:78c0:93a1
2600:9000:2251:ec00:1f:824e:58c0:93a1
2606:4700:3031::6815:3e1a
2606:4700::6810:5614
2606:4700::6810:7caf
2606:4700::6811:190e
2606:4700::6812:1c64
2606:4700::6812:a80
2606:4700::6812:e234
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:d::9
2a00:1450:4009:81e::2003
2a00:1450:400d:805::200e
2a00:1450:400d:806::2002
2a00:1450:400d:806::200a
2a00:1450:400d:807::2001
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2002
2a00:1450:4025:401::9c
2a02:2638:1::13
2a02:2638:1::2
2a02:2638::3
2a02:2638::b
2a06:98c1:3121::c
3.12.50.160
54.194.94.16
64.185.181.185
65.9.95.17
65.9.95.91
74.125.140.156
79.133.177.225
79.133.177.228
002dc3cce74f753869c357fb411cd7df90d6bb0c96dc7cc569875947161bede9
006827bb6794d8489514940a6d5cf79abe396de269c7078c367320f593576eb9
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
03d8d64eb3f875a18128b7dfab5392ed3fb8a1c59de4d0ffa1950d625c4591a8
04c54662d2768c19955ce3f2bb29e6768abb8b75567901edab3f4be03cefc14e
05684cf92cad6ae0e8e53e2de7ef08e0f6bfe8ef337779f99f9af4d0215a1041
0623c22d7c4c71a3f6a7829e7936d3970d1bc62ed20b0dd35cd7a048c1029a23
062bcb5750f6aba970901ed22770f2e1dc578aacf44ffa177eaa1358a905ba6e
06e0840356c4d63f37b7ef9760c3402b98216a420c434fa62717af36b8120158
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a577305667e4f77941988707fb29528c3f5a616f264e83d0ae3064c411a635f
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e68e901e6549b749cb4706f952dc5fe0c3d3b0c72e6f2fdf424a643b59e45d4
12f7ca6063a379163fe20065ca2685f3d54b88b2255cb3e9adae96f5c5d8f1db
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
16d21b927eec3d7cd3a66944f1de7e3134d7840677c5a0e577bab5e6e84c18be
190e4b7ffae4aab1377589a8d8094364013943831b0e0e390179470f5c5bcfb3
1aabafc656a2f1779f50ca7a7184a5e1ef56999739f7cdb4b542a4a88a1d3a2c
1b9749772d87658c9048eae084f6f15def1c07348b5abd21f4c7416a3c0802bd
1bcc94e40f42e94375694b00d4f60d5eb609cfda21f7c64d58cb4a270823200f
1c40205243a2a0f4d13bd1f9c539cfceeb687e751bda06f2a66b38750582c2b6
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1edf873a034262f7311b520b3bbda1029de9f742f3fc629bff1feb6f5fdf55db
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
23818ee2bc8813924d58bddfff423dc1d589e9baf35be3145a3f6fff99a8d11e
23a36e310ba7f21c8876b6a95a0bf59c468eb590b397243aa1dc18d60340cc51
255fb384fd4c7d30b572bf2553bf338e8535144f1e52ebe332267928c6238e1e
260d8ca4f08d513755b6797e2802c0d3d5479b63660bd5af60d52d9fb17ff4bf
271978b06de1a969aabd38bdeb72771935f8cedee9b284af9d54328710983627
2905f6466b563cfab96451f14df6a914a6c09c2bdf1dc21914025c0017e24610
296e4fa6895898a2b00b59108fda4d3aa48f156ea7ee4627012b8580969af3ce
2c4c8a333ecdc81159e60a056f7e6a6d9fe8d62b765d49e8fc63e37801778224
2f709d1d7a86a4af9710693be8cb204bb95954c674ed340703507ae0ea8b56b3
32b7afae904111614af9002270ba549d9d316e0355439981a120f05e3b0fa4a4
346ecfe514802dbf36cdfd40881e981cb36553b0f274e4f6426a126e1f68ad7f
35b3b5f58b41a383ec0eac8b56c54f8a24eafc3b26524e3e73ce2fc67cefa514
35dfd5382bd5380839150df0275f1b75700761f9cf48beca6310a6f57b2ac54b
384f401eae78d8e86016a92b7ff5b6fea566b08ea90acafcef3b80f001a4b5bf
39dfe16f2f0c8b4d4163463c3f555a93f5932d173a407e543d1e8aa2d08d49b7
3a16acd984b671fef725ea202e1290e43c9eb1728d92e8a1343b3f1381a5e90f
3bca3139bc826b63a52c2f28b1650324d5ec1d09b38e90570c74f94ae87de9a5
3c372826ea54db1d180547aadb7513356040610bf265ef7b369b20e7f2e3558d
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3cf071ea3a0a29d5437d49a30f784dbf27e88439918e13bb64aebdef4a79a4f7
3dd875ddc79324ff1da3eb380db55c5388f27d278d342adc1f5c14ba9b7f99d1
3e43a40e31f25bb48e7e0c86bbd428c530bcdb944cd991cfa4b29b0ecf19d12f
4043207c027bee663fb754e88de36fdcc9888b47cc40bc8d51878afe860e3f23
4239764faa9c042248f880aed04740a62b9e5fcdbb7254070b1dce3766849d45
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
4401aeae8ced32f3503b820eda4fb6bec9cc703ef9a1a42a817fae255f34e716
446f3b6702bbe73262f0e7e25f8960baf0f686bcc19150b38410e672231af808
45ad770b839452a1f5a64e57052d2b7ea4f41e8d9bfe95507d085c3439f73609
45eb7187396a9c44dbd8e03e572f10c8c32f9407068e9d1c622e63022925a40b
47a90770f6bacfe6e02ac3001addf4a4464ba5231259de0980ae9e6730cea88a
47f1e5908be88e33fff7ed5e8684786b914edfe5c39d324c4a78d535e78436e5
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b371923804cb98c5b848471f8b716055d223cd8c331bc2bd21ce87a1767dfa9
4bae17d7ab2ac4e552c988b4e3ef75bbe30149d0f4f66b18ad5bc987dde3325b
4c02a6b037e6a848cb04cf9278a10d8b51a8e1eed7b101bc67d469205435b031
4cb07b032bb28f38c249f585a30b9935fb4db7103171021fb976356dc59e2741
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
533fee721f0db54d48861c00cc0d3acd0461490324cd810613760cc7d49d93cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5659ca98ce8e979a74c3e8a6e7f8d70a6a172cb3dce5e08288b6db9919421f9b
5724eeff2899ff2de7e66c8f60a0143da7feab3fdac793b9b15e7473745f45b0
59d0448c99f92ed37f9533a859e5a3c4147b0709cffcd16b470f6f4a9ad420d4
5a200bbdc989094633d845ccce7cd3103136610973ea12cec1e5ccba665018a4
5b36e8cd3e78df87297869d8eba190459f3e4aadc20d8d68042c51b594dfe7a4
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6009aa2e362761afb69012b2fba1e259ea1a812fb28c6c4ec8c5b41e23853733
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6289717ea3d36cb674927cc21585343fad22dfcde0b94b06c80ebe42ad26819a
633065559d5e0556e61e092d53e39bffac867f7ea0b728cafd0d7a7313e5c3a5
66669a175c1a9f1c8424abeaa084e340b621abb65c375e117b21a164e76d9acc
6708983b7a3c99cc7cfe90f4ae68bd42d7cbc9566ae3c9a2e79b7539d1638bb9
672cad7677095651c6240ced97dfd1fcdd9e727b29c07215e5f84e2bb5507f16
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
696054c034565f11d975d1bc7b5ea85f12b1cb419698cfcce55a6d43690d086e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc6f3891237e93ef797325783a68771dc40f036d9fad0d865c45984771986ea
6c01f8b138e3f7110a33606de5e2758d5fecb58e114be771b96fffa3bbd48bbe
6d8f2f2d5069e48115ace14afe32aee42bc6cf20e7745d0af6775db4b15010b8
6e1c92aa22ec38716d7b92171ab1e79ead281b8e0ca603147fa691a35dff8412
6e7d7dbb3c9ccc637deec1fb720f631d35a779c885b948e8b587f5ec1be8fe25
708f68c9b96a645d48fb213953a4cfd2dede52790b4a9e545d113f58720539c9
71cedce3e82185a1b5ffe23f4b4b2ae2f32b26c7616719ab631731d520881b8a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72d19c42ddd90e4aa3a0b26a601c80b9e0ac10f69b4dd25947502644ef82b475
7368b808366157c04aa433a1e913bcf2e07584dbf09a3578b3278b24afcbc197
74170063b14d881042515e86b3c4008753d36009a02986c35e624b32e2935560
74e98b74615da62276a4eab5d14fffb18d6203c5856ca228fd9ac64f74241df7
74fc0330e26b7589184498281eefeae04099de5a887a0614d4e39aeb3a5c7498
80d9eee404d64277aedda2b2f4e24e6b45e49cd1fc84d5d0750d20135dee4241
8211e92b6b2d27920459a75831cf43e8d25a60d09b1ce829759f3c0823568e3d
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856107a8c3e24e8e9d7c2caa8a334ea8f64076ae445f20e1c29082c78851b0ab
85bf37cfa1e9edb285b6e25c897634b1f6de256dfe144c8ce3b47c8678a8acf3
8612cda75121d16330a454458c073c53e3699308f447b08f61933ef607d63046
86a17f8e86eafb9cf4d15f8d4e9896b5ccb1a8e12fc277c3420d5abc873ea097
86c4b6c92752f01e526244a3b1f0faa63efe5d1cfceaec8b73025ff297732459
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a5d0db5f595c7e4832bcf3089a065fcb90c9cd0523f81ec3dd9e1e6e2743c0d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90debbeb6cf0856b1e94d3621a7ac167ed89de6e408ca4d8ff9a68d6a0cf6c8c
90e10187b2e029da923d25cde8486076f53adf5dc18019b1a5807496ed233307
92299e36e723f40784498bd4546d83cd4777a2dff60ee0b8bfbc8c8d03e7e7b3
925484a7a64b0dbeeeb8bc856c5f4f29feae9fbe37a5720fb443042155c81f4c
9806a50adbea7c0a2082e6c9441932deb14b9773ef3edbe2844bfc2c22c5b656
99414a4adab183b81675a3047de21a9d07078e76b151aa264c6e0432996e5cc6
9a670a99ce14a11d11848d562b2d382cf13d130f77ac14e926d739667ad752aa
9ad6b5162e9594647cc1e071b20155e0c0e38b41cea70f631f09d1790796e960
9d9bdc694d92905e102d79cb5b837c0b940f383fca6e436de56a90d20b9567b5
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ef45f12c8c70e0efce63fc8c0d0f0ea366521da05593a6445b82a9b1e7ae917
a066558aecfa64d506dfdce39305e5d5acb00fcc9733fb45f15ed7a80d3685e9
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a37052c38c21c32f2d420671f1c13a1c8d4273d1b82f005022c7418bab58169e
a3c199d9806c265577f45e9bf26f2eed5c50d383801e578be49d9037fe20769d
a3d0fabedbb1a297fa42e5ef2a6e9bb77faba22076ba496daa6dc41119b75c31
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03
a6f9ed9fafb28e7cd47b00e4a6bcff257d01ea603b4ce3b00dd78529effb5d30
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa0a295660f159606aaf184459c2efdce0b9674411905b0884707cce4ce23234
aaf058010d5b143d47c10d74d52530dc0d8e3418fc9bef67d8191bbb28a2c459
ab0acdf8db9ad7a0fe0fb3597d448d94c8db28cea09f19667e8a70cdd85854d7
ad2722b3b38a720fd300ee4ea4d72936749f7b6f1ae29317e083f5aa738f30b3
ae388e90d1d107bada200f4a5aed66e979bc034fa6ebe7c45aa3fbecdcde0e09
b0042bde63d86338d48ab6ddeed2abae3a51d24be9734b5e292c08adfc695b7d
b0dc90afe31208b1a7dbf1b54f6db85a7d7a1b6b68b5cf1b9bad6e7429f0f719
b13d659bcfe51fb1385d2e72f25b007a26d42a6899c4fc342bbb59a83180428f
b47ec721017e692a55cea350222c082fe654f140a289ba22b932806350ad4346
b809fe4b5e9f6e6550a9e68813000fc33e78175696588a1f712c5bf0081254a0
b890961787caff4d51d234dfa6e577e54288ab9d94bff2e39f3305ffc44e7a3d
bc2c48cbaf4f8387f3353865d624c68470d1ec9513bb04153118a4937d3da640
bcb529b993cc3039dea8a295696b46fea9ff2ac462c7fe2abe0c32d187ec484a
bda9dc16b5482b4ad25f206ae9aeab09459c376c37bd0c968757138c25fbbd03
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf8e07403675e702d9fed6b5bb43783814e6d00d21b55648f382eed3d4385cdd
bfc4a082238c7c4304d0a8fcf6038061ac3bb3ac9defceddb43048c1ad7e8a8e
c02945ec1830ffe8b505b7a284e52664439d29600b783fed6e7b0e14c50004da
c04cf6db1a239aaef15506fbf376288956662389c50544c6328e1c300383951a
c09d1131e248bddfe45698bae72ed42b885541830eea3ef8590c46dd0f8f93b1
c1b326c158f077d8cfb44bcbb1ba51937a87f1dacdb4ee9c9202bd373711f1cd
c21423e8304f6f42925063298ed5820f5b1b8089657d26db30639ea33322236c
c24e4740b2cc29150edf021099198d5a48ed854bd8d39c743e999c19837f0441
c2c44e1cea627bdc38161379c94f0e20cf9df2d08fc8fe108b57a4a31ca5e01c
c3b074bef3a038bdfd16ae677e47fea8a1b26d9ec944b79577189e2da27d9f0a
c4ef516940e255d2e5fe514d1b52139dab7701f05f0098f2efa2fee2b4edc5be
c562ac1e333810fb5f9ae057ae04a344a93223e5a48e8a1d1a3b2ec45230eebf
c5ac0240429fc5f6051e7901c8e752fc7d8980df6a75093cf460274e6a83d859
c84ca414df4609acfd4197f3f1ac70dd833cac6929725ec813c0f227b495d049
c8cdc80bcc7e8f046889f36c7a6fb85939969429b33937f122eb8db920e768c2
c94dd39217e522af7ce28abc0191e6468c6dc53f47f8d2f87a30f3d9289b4ecc
c9f90c53d41847f2a843e30f3d8dc0286f33369ee3f466c3405e0b3a9ae1c370
cab14cef86a882c678fb751a090e2c6d5e1a6aa0b755eac778d484cd9844e03e
cc7029afe33654ed250644d8dfa2daa4ab0549731816980ab4733d92b86b1fca
ce27a4b27dcd244e6e70e4b8b9ad304f65f35a7731759cccf6dba55602bb1a66
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d0f0f3ab18d074dc103f09bc1913a7d5526c1697e607b4e980bcd9a05ddd6a89
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1b2984c31be1e7fbccfd27589fc9deac6bc2c355ecccea1b8d62eb58211e5cb
d73436973f27a6dcabafddcfac701b2344365280b98232296fc1cbce26ea5332
d74aacbaed4132cc593f2f2ab77bfc980733ad393dee2a722757d29d0eec941f
d87943edd61495f679b4605b4bb2b6cc691e578c9deba7c46cc774eda2ef392c
d92f2d3f9c6dbf5571b787b387034f121fa55b4b22c66ae057531b4a038b20de
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
dae7da24ffae5fd2ce031dc554d6e0524da0dcc79671204aa182da42f75d4d18
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
de2fb3d2acf464261b4f8c94155b6125b0820968a24bdc9bc7e89242ccbd8736
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2aabe43d885a6052148686b4a661cdc9e394c5df79f31e6baef859d28899a54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e451a1926b593707c02f20cdab44b1dfed8aef043eb8d425c92402acadaf7f80
e59c79c198476d8b48b3292805b2c97f96b737328d956158e52109766f64ad3d
e6dc9de720a8181f217353a353de17409e84800a4b7b347a2c3ea46772ee3b46
e6e060a13d9a377711c95928456e46b463c33eedef20f6a3c2a5ed49b7c5618e
eb6339b11a80125a80122ad47d2140c8ac315930c108ff68b652d4c08e1d1a45
eb8523ea2f8ba5ea7d1c4f41724f3ffea68e2b8acc2fb6125640d181759391d6
ecca83e1c4d9a1de89b4afec8843dce564b8c3f5061aefb451818a3318e5b9ed
ecdbf9b9d351f5f5fadd54fc1713931a02fab5dbe76698b5fedc240a0d727ca4
ed797406a0a387cdf28c0b60343cbb038f10c6cf541a74d2b7ffa59bb5bff088
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e0f85d2239bedc9d11a77ca7b647cca281ea1be72731f5239ea482c828f01a
f0e55db35d3396494019102a8d1413a0740e848e07070cd213a6930aae984449
f4a72062105c4b544657cb45a2adf0ee475eb65ecd42b3c6c8363a93dc18e291
f4d515b80fb861d96a93a344f34de3bebf374afbb416e83b652d609306c79d3f
f5a810ce4656cf44e3014891569021111e7469440c181b48557880373bab538d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f786379a23ccc3bd7bd84111b2b2237a7e759ad40fb0628214b292119bac4779
f7cec4cd8f2b83766b6c8c4bd514186c5e23e96e6d327546ff7ac2c80bfc02c2
f8f1029da7637f8cab3bd6ba0bf031ca086f8905d1b725e0196cf2f28ff9318a
fb05d9cc7f71e8347ba9574fe17ca9b32ebe36070ad9d333e062527b1ecdf70e
fba4c9a965e67a5e3ae192cb2d54ae1078a26a422776551c6ec78c74039e1849
fc30949e989cdeab9f8bd7b005a708c8d63c76bbe0b898b1dca404509bbe5e68
ff0e175b37ff5c67ebfe82a9a016bef10216dde257b6cd5b1fde6a80cedd47d4
ffe34db39e7e6d87bad0d8fa5ba03613e73b9207d0ee74b078dadd49619e4a3b