urlscan.io logo urlscan.io
SecurityTrails logo

wolipop.detik.com Open in urlscan Pro
103.49.221.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dtk.id/NeV8n7
Effective URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-asl...
Submission: On November 08 via manual — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 162 IPs in 13 countries across 126 domains to perform 762 HTTP transactions. The main IP is 103.49.221.109, located in South Tangerang, Indonesia and belongs to DETIK-AS-ID PT. Detik Ini JUga, ID. The main domain is wolipop.detik.com. The Cisco Umbrella rank of the primary domain is 256274.
TLS certificate: Issued by Thawte RSA CA 2018 on November 21st 2022. Valid for: a year.
This is the only time wolipop.detik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 103.49.221.112 24211 (DETIK-AS-...)
7 103.49.221.109 24211 (DETIK-AS-...)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
90 203.190.242.172 24211 (DETIK-AS-...)
2 3 23.56.202.187 16625 (AKAMAI-AS)
17 2a00:1450:400... 15169 (GOOGLE)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
28 203.190.242.102 24211 (DETIK-AS-...)
3 2600:9000:223... 16509 (AMAZON-02)
1 3 23.36.163.15 20940 (AKAMAI-ASN1)
3 184.24.77.12 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 3.230.103.202 14618 (AMAZON-AES)
6 2001:4860:480... 15169 (GOOGLE)
3 193.108.153.23 20940 (AKAMAI-ASN1)
2 2600:9000:264... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
22 2a02:2638:3::3 44788 (ASN-CRITE...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 65.9.66.104 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
7 185.86.139.116 201081 (SMARTADSE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
7 2a02:6b8::90 208722 (GLOBAL_DC)
1 104.21.79.241 13335 (CLOUDFLAR...)
3 35.186.253.211 15169 (GOOGLE)
3 184.30.21.51 16625 (AKAMAI-AS)
1 2602:803:c003... 26667 (RUBICONPR...)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 141.95.33.111 16276 (OVH)
10 203.190.242.26 24211 (DETIK-AS-...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
13 203.190.242.244 24211 (DETIK-AS-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
3 163.181.92.233 24429 (TAOBAO Zh...)
1 34.110.136.63 396982 (GOOGLE-CL...)
32 104.126.37.185 20940 (AKAMAI-ASN1)
8 2a00:1450:400... 15169 (GOOGLE)
1 54.83.231.26 14618 (AMAZON-AES)
1 2a04:4e42:600... 54113 (FASTLY)
1 3 52.51.219.175 16509 (AMAZON-02)
2 35.241.10.124 15169 (GOOGLE)
3 34.98.64.218 396982 (GOOGLE-CL...)
1 52.76.29.240 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 34.120.133.188 396982 (GOOGLE-CL...)
13 184.24.77.6 20940 (AKAMAI-ASN1)
2 138.199.37.212 60068 (CDN77 ^_^)
2 193.108.153.16 20940 (AKAMAI-ASN1)
7 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
38 2a00:1450:400... 15169 (GOOGLE)
3 146.75.118.113 54113 (FASTLY)
9 104.126.37.176 20940 (AKAMAI-ASN1)
9 32 142.250.185.226 15169 (GOOGLE)
4 12 172.64.151.101 13335 (CLOUDFLAR...)
8 23 37.252.171.52 29990 (ASN-APPNEX)
12 71.18.5.241 396986 (BYTEDANCE)
1 2a00:1450:400... 15169 (GOOGLE)
2 184.24.77.5 20940 (AKAMAI-ASN1)
3 193.108.153.12 20940 (AKAMAI-ASN1)
2 2.16.1.131 20940 (AKAMAI-ASN1)
18 2a00:1450:400... 15169 (GOOGLE)
2 2 35.186.193.173 15169 (GOOGLE)
4 3.127.126.167 16509 (AMAZON-02)
2 3 69.173.144.139 26667 (RUBICONPR...)
1 2600:9000:211... 16509 (AMAZON-02)
2 5.196.111.69 16276 (OVH)
1 2 2.16.97.41 16625 (AKAMAI-AS)
2 3 2620:116:800d... 16509 (AMAZON-02)
2 2 52.29.206.161 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
6 15.197.193.217 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 216.52.2.48 30282 (AS-INAPCD...)
4 142.250.186.66 15169 (GOOGLE)
2 2a02:2638:3::12 44788 (ASN-CRITE...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 151.101.195.52 54113 (FASTLY)
3 13.224.192.181 16509 (AMAZON-02)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
3 4 37.157.6.232 198622 (ADFORM)
2 4 76.223.111.18 16509 (AMAZON-02)
1 5 51.89.9.252 16276 (OVH)
1 1 35.214.239.135 15169 (GOOGLE)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 99.86.4.30 16509 (AMAZON-02)
11 2a02:2638:3::10 44788 (ASN-CRITE...)
5 2a02:2638:3::1a 44788 (ASN-CRITE...)
3 34.107.231.31 396982 (GOOGLE-CL...)
1 184.30.211.26 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:236... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 162.19.138.119 16276 (OVH)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 203.190.242.182 24211 (DETIK-AS-...)
4 184.30.16.195 16625 (AKAMAI-AS)
6 184.30.22.30 16625 (AKAMAI-AS)
2 35.158.246.49 16509 (AMAZON-02)
3 198.47.127.19 62713 (AS-PUBMATIC)
3 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 103.49.221.99 24211 (DETIK-AS-...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
2 108.138.9.235 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3.124.41.155 16509 (AMAZON-02)
2 145.40.97.66 54825 (PACKET)
2 2a0c:5c87:523... 55081 (24SHELLS)
2 2606:4700:440... 13335 (CLOUDFLAR...)
6 188.42.191.196 7979 (SERVERS-COM)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
2 162.210.196.208 30633 (LEASEWEB-...)
2 185.106.140.18 7979 (SERVERS-COM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 147.160.191.131 396986 (BYTEDANCE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 46.105.201.233 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 184.30.16.183 16625 (AKAMAI-AS)
1 35.241.31.249 15169 (GOOGLE)
1 67.202.105.21 ()
1 2a0c:5c87:523... ()
3 2606:4700:20:... ()
1 2606:4700:e0:... ()
1 3 193.3.178.3 ()
1 1 5.200.43.131 ()
1 194.55.244.177 ()
2 2 193.232.148.134 ()
1 2a02:6ea0:c70... ()
1 3 192.96.203.13 ()
2 185.83.71.234 ()
1 8.2.110.17 ()
1 193.3.178.1 ()
4 193.3.178.4 ()
1 1 18.207.95.25 ()
1 18.195.255.178 ()
1 69.166.1.66 ()
1 1 34.225.59.34 ()
1 205.234.175.175 ()
12 2606:4700:10:... ()
1 2 209.54.182.161 ()
1 1 34.96.71.22 ()
1 1 2001:678:cb4:... ()
1 2a02:6ea0:c70... ()
3 4 34.111.113.62 ()
1 2a04:4e42::300 ()
1 2600:1f18:659... ()
2 2 52.215.231.9 ()
1 54.78.254.47 ()
1 1 85.114.159.118 ()
2 2 34.111.131.239 ()
1 185.15.245.82 ()
2 2 3.75.62.37 ()
1 1 54.73.143.135 ()
1 34.160.236.64 ()
1 54.72.15.103 ()
1 138.201.8.249 ()
2 54.220.165.75 ()
1 98.98.134.243 ()
1 1 37.157.6.237 ()
1 212.36.83.246 ()
2 34.247.233.198 ()
2 2 185.184.8.90 ()
762 162
5    103.49.221.112 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-112-221-49-103.detik.com
dtk.id
7    103.49.221.109 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-109-221-49-103.detik.com
wolipop.detik.com
2    2606:4700:e0::ac40:6606 (United States)

ASN13335 (CLOUDFLARENET, US)
applets.ebxcdn.com
90    203.190.242.172 (Sidoarjo, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-172-242.190.203.detik.com
awscdn.detik.net.id
cdn.detik.net.id
3    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
secure-assets.rubiconproject.com
17    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.insurads.com
28    203.190.242.102 (Sidoarjo, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-102-242.190.203.detik.com
awsimages.detik.net.id
akcdn.detik.net.id
images.detik.com
3    2600:9000:223c:8600:3:74e5:6700:93a1 (United States)

ASN16509 (AMAZON-02, US)
awscdnstatic.detik.net.id
3    23.36.163.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-15.deploy.static.akamaitechnologies.com
www.tiktok.com
3    184.24.77.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-12.deploy.static.akamaitechnologies.com
lf16-tiktok-web.ttwstatic.com
4    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    3.230.103.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-103-202.compute-1.amazonaws.com
services.insurads.com
6    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    193.108.153.23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-23.deploy.static.akamaitechnologies.com
lf16-data.bytepluscdn.com
sf16-secsdk.ttwstatic.com
2    2600:9000:2646:200:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
22    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:2250:d400:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
3    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
7    185.86.139.116 (France)

ASN201081 (SMARTADSERVER, FR)
prg-apac.smartadserver.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
1    104.21.79.241 (None, )

ASN13335 (CLOUDFLARENET, US)
ads.adnuntius.delivery
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
1    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
10    203.190.242.26 (Sidoarjo, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-26-242.190.203.detik.com
newcomment.detik.com
apicomment.detik.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
13    203.190.242.244 (Sidoarjo, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-244-242.190.203.detik.com
newrevive.detik.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
3    163.181.92.233 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
connect.detik.com
1    34.110.136.63 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.136.110.34.bc.googleusercontent.com
rech.detik.com
32    104.126.37.185 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-185.deploy.static.akamaitechnologies.com
mcs.tobsnssdk.com
toblog.tobsnssdk.com
mssdk-va.tiktok.com
8    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    54.83.231.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-231-26.compute-1.amazonaws.com
ping.chartbeat.net
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
3    52.51.219.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-219-175.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    35.241.10.124 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 124.10.241.35.bc.googleusercontent.com
analytic.detik.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
detik-d.openx.net
us-u.openx.net
1    52.76.29.240 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-29-240.ap-southeast-1.compute.amazonaws.com
editorial.femaledaily.com
6    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
5da7e412513b6e5ad73f69eece9db640.safeframe.googlesyndication.com
2    34.120.133.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.133.120.34.bc.googleusercontent.com
collent.detik.com
13    184.24.77.6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-6.deploy.static.akamaitechnologies.com
sf16-website-login.neutral.ttwstatic.com
2    138.199.37.212 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 559277417.fra.cdn77.com
p77-sign-sg.tiktokcdn.com
2    193.108.153.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-16.deploy.static.akamaitechnologies.com
sf16-short-va.bytedapm.com
7    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
12    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
33    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
38    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    146.75.118.113 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
v19-web-newkey.tiktokcdn.com
9    104.126.37.176 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-176.deploy.static.akamaitechnologies.com
mcs-va-useast2a.tiktokv.com
mssdk-va.byteoversea.com
32    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
ade.googlesyndication.com
12    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
23    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
fra1-ib.adnxs.com
12    71.18.5.241 (United States)

ASN396986 (BYTEDANCE, US)
PTR: a71-18-5-241.deploy.static.akamaitechnologies.com
mon-va.byteoversea.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    184.24.77.5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-5.deploy.static.akamaitechnologies.com
p16-sign-sg.tiktokcdn.com
p16-sign-useast2a.tiktokcdn.com
3    193.108.153.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-12.deploy.static.akamaitechnologies.com
lf16-tiktok-common.ibytedtos.com
2    2.16.1.131 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-131.deploy.static.akamaitechnologies.com
vmweb-va.byteoversea.com
18    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
4    3.127.126.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-126-167.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2600:9000:211e:ec00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    5.196.111.69 (Le Grau-du-Roi, France)

ASN16276 (OVH, FR)
PTR: ip69.ip-5-196-111.eu
ssbsync.smartadserver.com
2    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
3    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.29.206.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-206-161.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
6    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    216.52.2.48 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
4    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
rtbdemand.apiip.net
1    151.101.195.52 (United States)

ASN54113 (FASTLY, US)
rtbpass.andbeyond.media
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
4    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
5    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    35.214.239.135 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 135.239.214.35.bc.googleusercontent.com
csync.loopme.me
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
11    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
5    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    2600:9000:236e:1400:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    203.190.242.182 (Sidoarjo, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: 203d-cast-182-242-190-203.detik.com
20.detik.com
4    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    35.158.246.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-246-49.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
4    103.49.221.99 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-99-221-49-103.detik.com
cdnv.detik.com
vod.detik.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
3    2a05:d018:d29:3602:abeb:a582:6f70:20cf (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
2    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    3.124.41.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-41-155.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
2    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
2    2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
6    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    162.210.196.208 (Annandale, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
2    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    147.160.191.131 (United States)

ASN396986 (BYTEDANCE, US)
mon-i18n.tiktokv.com
1    2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adpone.com
3    46.105.201.233 (France)

ASN16276 (OVH, FR)
static.adbutter.net
1    2606:4700:10::6816:4092 (United States)

ASN13335 (CLOUDFLARENET, US)
j.adlooxtracking.com
3    184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com
cdn.adnxs.com
crcdn01.adnxs-simple.com
acdn.adnxs.com
1    35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com
data00.adlooxtracking.com
1    67.202.105.21 (None, )

ASN- ()
ssc-cms.33across.com
1    2a0c:5c87:5234::2 (None, )

ASN- ()
s.adtelligent.com
3    2606:4700:20::681a:567 (None, )

ASN- ()
cdn.aralego.net
1    2606:4700:e0::ac40:6327 (None, )

ASN- ()
adxbid.info
3    193.3.178.3 (None, )

ASN- ()
ads.us.e-planning.net
sync.e-planning.net
1    5.200.43.131 (None, )

ASN- ()
ads.adlook.me
1    194.55.244.177 (None, )

ASN- ()
sync.dmp.otm-r.com
2    193.232.148.134 (None, )

ASN- ()
px.adhigh.net
1    2a02:6ea0:c700::18 (None, )

ASN- ()
vid.vidoomy.com
3    192.96.203.13 (None, )

ASN- ()
sync.aralego.com
ads.aralego.com
2    185.83.71.234 (None, )

ASN- ()
sync.adtelligent.com
1    8.2.110.17 (None, )

ASN- ()
sync.admanmedia.com
1    193.3.178.1 (None, )

ASN- ()
s.e-planning.net
4    193.3.178.4 (None, )

ASN- ()
u-ams03.e-planning.net
1    18.207.95.25 (None, )

ASN- ()
ssp.disqus.com
1    18.195.255.178 (None, )

ASN- ()
match.sharethrough.com
1    69.166.1.66 (None, )

ASN- ()
sync.go.sonobi.com
1    34.225.59.34 (None, )

ASN- ()
cookies.nextmillmedia.com
1    205.234.175.175 (None, )

ASN- ()
i.e-planning.net
12    2606:4700:10::6816:1857 (None, )

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
2    209.54.182.161 (None, )

ASN- ()
s.amazon-adsystem.com
1    34.96.71.22 (None, )

ASN- ()
s.company-target.com
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
1    2a02:6ea0:c700::11 (None, )

ASN- ()
vpaid.vidoomy.com
4    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
1    2a04:4e42::300 (None, )

ASN- ()
trc.taboola.com
1    2600:1f18:6593:f600:7475:e79:22d:1b43 (None, )

ASN- ()
dmp.v.fwmrm.net
2    52.215.231.9 (None, )

ASN- ()
dpm.demdex.net
1    54.78.254.47 (None, )

ASN- ()
loadeu.exelator.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
1    185.15.245.82 (None, )

ASN- ()
dmp.theadex.com
2    3.75.62.37 (None, )

ASN- ()
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    54.73.143.135 (None, )

ASN- ()
aa.agkn.com
1    34.160.236.64 (None, )

ASN- ()
odr.mookie1.com
1    54.72.15.103 (None, )

ASN- ()
beacon.krxd.net
1    138.201.8.249 (None, )

ASN- ()
sync.richaudience.com
2    54.220.165.75 (None, )

ASN- ()
rtb.gumgum.com
1    98.98.134.243 (None, )

ASN- ()
pixel-sync.sitescout.com
1    37.157.6.237 (None, )

ASN- ()
cm.adform.net
1    212.36.83.246 (None, )

ASN- ()
a.vidoomy.com
2    34.247.233.198 (None, )

ASN- ()
usersync.gumgum.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
Apex Domain
Subdomains		 Transfer
119 detik.net.id
awscdn.detik.net.id — Cisco Umbrella Rank: 78368
awsimages.detik.net.id — Cisco Umbrella Rank: 126204
awscdnstatic.detik.net.id — Cisco Umbrella Rank: 253489
cdn.detik.net.id — Cisco Umbrella Rank: 32085
akcdn.detik.net.id — Cisco Umbrella Rank: 35998
2 MB
79 googlesyndication.com
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
5da7e412513b6e5ad73f69eece9db640.safeframe.googlesyndication.com
ade.googlesyndication.com
1 MB
63 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
664 KB
45 detik.com
wolipop.detik.com — Cisco Umbrella Rank: 256274
newcomment.detik.com — Cisco Umbrella Rank: 56863
newrevive.detik.com — Cisco Umbrella Rank: 52113
connect.detik.com — Cisco Umbrella Rank: 47128
rech.detik.com — Cisco Umbrella Rank: 98279
apicomment.detik.com — Cisco Umbrella Rank: 68898
analytic.detik.com — Cisco Umbrella Rank: 48448
collent.detik.com — Cisco Umbrella Rank: 100620
images.detik.com — Cisco Umbrella Rank: 80711
20.detik.com — Cisco Umbrella Rank: 87625
cdnv.detik.com — Cisco Umbrella Rank: 74425
vod.detik.com — Cisco Umbrella Rank: 95245
303 KB
38 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
687 KB
30 tobsnssdk.com
mcs.tobsnssdk.com — Cisco Umbrella Rank: 41629
toblog.tobsnssdk.com — Cisco Umbrella Rank: 18959
11 KB
25 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
cdn.adnxs.com — Cisco Umbrella Rank: 1682
fra1-ib.adnxs.com — Cisco Umbrella Rank: 7940
acdn.adnxs.com — Cisco Umbrella Rank: 609
107 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
364 KB
18 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3362
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
eus.rubiconproject.com — Cisco Umbrella Rank: 602
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3172
token.rubiconproject.com — Cisco Umbrella Rank: 458
secure-assets.rubiconproject.com
165 KB
17 ttwstatic.com
lf16-tiktok-web.ttwstatic.com — Cisco Umbrella Rank: 17095
sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 7394
sf16-secsdk.ttwstatic.com — Cisco Umbrella Rank: 49972
1 MB
15 byteoversea.com
mon-va.byteoversea.com — Cisco Umbrella Rank: 5474
vmweb-va.byteoversea.com — Cisco Umbrella Rank: 22641
mssdk-va.byteoversea.com — Cisco Umbrella Rank: 34276
9 KB
12 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
4 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum.casalemedia.com
ssum-sec.casalemedia.com
7 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
240 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
dis.criteo.com — Cisco Umbrella Rank: 597
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925
bidder.criteo.com — Cisco Umbrella Rank: 757
109 KB
10 tiktokv.com
mcs-va-useast2a.tiktokv.com — Cisco Umbrella Rank: 31405
mon-i18n.tiktokv.com — Cisco Umbrella Rank: 5497
3 KB
10 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
2 KB
10 insurads.com
cdn.insurads.com — Cisco Umbrella Rank: 21212
services.insurads.com — Cisco Umbrella Rank: 17678
54 KB
9 e-planning.net
ads.us.e-planning.net
s.e-planning.net
u-ams03.e-planning.net
i.e-planning.net
sync.e-planning.net
3 KB
9 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10357
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
16 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
74 KB
8 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
detik-d.openx.net — Cisco Umbrella Rank: 73740
us-u.openx.net
2 KB
8 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
24 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
419 KB
7 tiktokcdn.com
p77-sign-sg.tiktokcdn.com — Cisco Umbrella Rank: 8488
v19-web-newkey.tiktokcdn.com — Cisco Umbrella Rank: 33581
p16-sign-sg.tiktokcdn.com — Cisco Umbrella Rank: 1438
p16-sign-useast2a.tiktokcdn.com — Cisco Umbrella Rank: 1501
206 KB
7 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 13042
1 KB
6 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
grid.bidswitch.net — Cisco Umbrella Rank: 1165
1 KB
6 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
43 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
5 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 28573
sync.aralego.com
ads.aralego.com
1 KB
5 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5236
ghb1.adtelligent.com — Cisco Umbrella Rank: 7260
s.adtelligent.com
sync.adtelligent.com
4 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2 KB
5 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 24339
j.adlooxtracking.com — Cisco Umbrella Rank: 13670
data00.adlooxtracking.com — Cisco Umbrella Rank: 11098
33 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
587 B
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
dmp.adform.net
cm.adform.net
3 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
sync.teads.tv — Cisco Umbrella Rank: 1403
2 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
63 KB
5 tiktok.com
www.tiktok.com — Cisco Umbrella Rank: 4018
mssdk-va.tiktok.com — Cisco Umbrella Rank: 20397
36 KB
5 dtk.id
dtk.id — Cisco Umbrella Rank: 65773
1 KB
4 gumgum.com
rtb.gumgum.com
usersync.gumgum.com Failed
2 KB
4 tapad.com
pixel.tapad.com
2 KB
4 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1523
mp.4dex.io — Cisco Umbrella Rank: 2070
27 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
1 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
355 KB
3 vidoomy.com
vid.vidoomy.com
vpaid.vidoomy.com
a.vidoomy.com
20 KB
3 aralego.net
cdn.aralego.net
7 KB
3 adbutter.net
static.adbutter.net — Cisco Umbrella Rank: 134652
3 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
4 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1 KB
3 ibytedtos.com
lf16-tiktok-common.ibytedtos.com — Cisco Umbrella Rank: 8758
170 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
creativecdn.com
2 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
12 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1585
mab.chartbeat.com — Cisco Umbrella Rank: 2550
25 KB
2 weborama.fr
idsync.frontend.weborama.fr
909 B
2 demdex.net
dpm.demdex.net
2 KB
2 adhigh.net
px.adhigh.net
823 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 894
104 B
2 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9542
user-sync.adxpremium.services Failed
5 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
212 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
10 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
2 KB
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 54581
1 KB
2 bytedapm.com
sf16-short-va.bytedapm.com — Cisco Umbrella Rank: 18974
27 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6862
515 B
2 bytepluscdn.com
lf16-data.bytepluscdn.com — Cisco Umbrella Rank: 68009
52 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 364
31 KB
2 ebxcdn.com
applets.ebxcdn.com — Cisco Umbrella Rank: 11715
3 KB
1 sitescout.com
pixel-sync.sitescout.com
187 B
1 richaudience.com
sync.richaudience.com
380 B
1 krxd.net
beacon.krxd.net
usermatch.krxd.net Failed
338 B
1 mookie1.com
odr.mookie1.com
204 B
1 agkn.com
aa.agkn.com
528 B
1 theadex.com
dmp.theadex.com
84 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
460 B
1 taboola.com
trc.taboola.com
203 B
1 turn.com
ad.turn.com
425 B
1 company-target.com
s.company-target.com
424 B
1 nextmillmedia.com
cookies.nextmillmedia.com
188 B
1 sonobi.com
sync.go.sonobi.com
399 B
1 sharethrough.com
match.sharethrough.com
35 B
1 disqus.com
ssp.disqus.com
298 B
1 admanmedia.com
sync.admanmedia.com
60 B
1 otm-r.com
sync.dmp.otm-r.com
69 B
1 adlook.me
ads.adlook.me
328 B
1 adxbid.info
adxbid.info
3 KB
1 33across.com
ssc-cms.33across.com
1 adnxs-simple.com
crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 4239
31 KB
1 adpone.com
rtb.adpone.com — Cisco Umbrella Rank: 20655
925 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1421
47 KB
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
104 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
552 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
277 B
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 21126
3 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
17 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
413 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
711 B
1 andbeyond.media
rtbpass.andbeyond.media — Cisco Umbrella Rank: 48614
581 KB
1 apiip.net
rtbdemand.apiip.net — Cisco Umbrella Rank: 28377
396 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
173 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
237 B
1 femaledaily.com
editorial.femaledaily.com — Cisco Umbrella Rank: 80499
49 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1376
201 B
1 adnuntius.delivery
ads.adnuntius.delivery — Cisco Umbrella Rank: 35716
3 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
0 socdm.com Failed
tg.socdm.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 admedo.com Failed
pool.admedo.com Failed
0 imrworldwide.com Failed
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com Failed
0 bluekai.com Failed
tags.bluekai.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 bemail.it Failed
bn01.er.bemail.it Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 liadm.com Failed
i.liadm.com Failed
0 unblockia.com Failed
cdn.unblockia.com Failed
762 126
Domain Requested by
61 awscdn.detik.net.id wolipop.detik.com
awscdn.detik.net.id
20.detik.com
38 pagead2.googlesyndication.com 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
wolipop.detik.com
www.googletagservices.com
newrevive.detik.com
33 tpc.googlesyndication.com wolipop.detik.com
securepubads.g.doubleclick.net
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
googleads.g.doubleclick.net
30 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
spl.zeotap.com
rtb.gumgum.com
29 cdn.detik.net.id awscdn.detik.net.id
wolipop.detik.com
www.googletagmanager.com
newcomment.detik.com
cdn.detik.net.id
20.detik.com
26 mcs.tobsnssdk.com lf16-data.bytepluscdn.com
22 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
rtbpass.andbeyond.media
18 s0.2mdn.net wolipop.detik.com
s0.2mdn.net
18 ib.adnxs.com 7 redirects googleads.g.doubleclick.net
rtbpass.andbeyond.media
acdn.adnxs.com
spl.zeotap.com
17 securepubads.g.doubleclick.net wolipop.detik.com
securepubads.g.doubleclick.net
www.googletagservices.com
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
13 sf16-website-login.neutral.ttwstatic.com www.tiktok.com
sf16-website-login.neutral.ttwstatic.com
wolipop.detik.com
sf16-secsdk.ttwstatic.com
13 akcdn.detik.net.id wolipop.detik.com
13 newrevive.detik.com wolipop.detik.com
newcomment.detik.com
newrevive.detik.com
13 awsimages.detik.net.id wolipop.detik.com
12 mon-va.byteoversea.com sf16-website-login.neutral.ttwstatic.com
12 cdn.ampproject.org securepubads.g.doubleclick.net
11 imageproxy.eu.criteo.net ads.eu.criteo.com
10 mwzeom.zeotap.com spl.zeotap.com
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum.casalemedia.com
8 mcs-va-useast2a.tiktokv.com sf16-website-login.neutral.ttwstatic.com
8 googleads.g.doubleclick.net 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
pagead2.googlesyndication.com
8 www.google.com wolipop.detik.com
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
7 www.googletagservices.com securepubads.g.doubleclick.net
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 apicomment.detik.com awscdn.detik.net.id
cdn.detik.net.id
7 bs.yandex.ru micro.rubiconproject.com
7 prg-apac.smartadserver.com micro.rubiconproject.com
7 services.insurads.com cdn.insurads.com
wolipop.detik.com
7 wolipop.detik.com awscdn.detik.net.id
6 ads.betweendigital.com rtbpass.andbeyond.media
ads.betweendigital.com
6 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
ads.us.e-planning.net
rtb.gumgum.com
6 match.adsrvr.org 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
rtbpass.andbeyond.media
ssum.casalemedia.com
spl.zeotap.com
rtb.gumgum.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 csm.eu.criteo.net ads.eu.criteo.com
5 onetag-sys.com 1 redirects 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
rtbpass.andbeyond.media
s.adtelligent.com
ads.us.e-planning.net
5 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 dtk.id 1 redirects awscdn.detik.net.id
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
4 fra1-ib.adnxs.com cdn.jsdelivr.net
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
cdn.adnxs.com
4 ads.pubmatic.com micro.rubiconproject.com
s.adtelligent.com
ads.us.e-planning.net
rtb.gumgum.com
4 eb2.3lift.com 2 redirects adxbid.info
ads.us.e-planning.net
4 googleads4.g.doubleclick.net wolipop.detik.com
4 x.bidswitch.net 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ads.betweendigital.com
spl.zeotap.com
4 toblog.tobsnssdk.com lf16-data.bytepluscdn.com
4 www.googletagmanager.com wolipop.detik.com
www.googletagmanager.com
20.detik.com
3 cdn.aralego.net rtbpass.andbeyond.media
3 static.adbutter.net cdn.jsdelivr.net
static.adbutter.net
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
3 pr-bh.ybp.yahoo.com 2 redirects ssum.casalemedia.com
3 cdnv.detik.com 20.detik.com
awscdn.detik.net.id
3 token.rubiconproject.com eus.rubiconproject.com
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
3 p.adlooxtracking.com wolipop.detik.com
p.adlooxtracking.com
3 c1.adform.net 3 redirects
3 c.amazon-adsystem.com wolipop.detik.com
c.amazon-adsystem.com
3 cms.quantserve.com 2 redirects 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
3 pixel.rubiconproject.com 2 redirects
3 lf16-tiktok-common.ibytedtos.com wolipop.detik.com
3 v19-web-newkey.tiktokcdn.com www.tiktok.com
wolipop.detik.com
3 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
3 connect.detik.com awscdn.detik.net.id
wolipop.detik.com
3 newcomment.detik.com awscdn.detik.net.id
cdn.detik.net.id
3 id5-sync.com cdn.id5-sync.com
rtbpass.andbeyond.media
3 a.teads.tv micro.rubiconproject.com
rtbpass.andbeyond.media
3 rtb.openx.net micro.rubiconproject.com
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
ads.us.e-planning.net
3 tags.crwdcntrl.net securepubads.g.doubleclick.net
wolipop.detik.com
s.e-planning.net
3 cdn.jsdelivr.net securepubads.g.doubleclick.net
micro.rubiconproject.com
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
3 lf16-tiktok-web.ttwstatic.com wolipop.detik.com
www.tiktok.com
3 www.tiktok.com 1 redirects lf16-tiktok-web.ttwstatic.com
sf16-website-login.neutral.ttwstatic.com
3 awscdnstatic.detik.net.id wolipop.detik.com
3 cdn.insurads.com wolipop.detik.com
services.insurads.com
2 creativecdn.com 2 redirects
2 usersync.gumgum.com rtb.gumgum.com
2 rtb.gumgum.com ads.us.e-planning.net
rtb.gumgum.com
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
2 secure-assets.rubiconproject.com 2 redirects
2 sync.adtelligent.com s.adtelligent.com
ads.us.e-planning.net
2 sync.aralego.com cdn.aralego.net
ads.aralego.com
2 px.adhigh.net 2 redirects
2 ads.us.e-planning.net 1 redirects rtbpass.andbeyond.media
2 ade.googlesyndication.com
2 mon-i18n.tiktokv.com sf16-website-login.neutral.ttwstatic.com
2 i.clean.gg cadmus.script.ac
2 rtb.adxpremium.services rtbpass.andbeyond.media
2 hb.aralego.com rtbpass.andbeyond.media
2 bidder.criteo.com rtbpass.andbeyond.media
2 mp.4dex.io rtbpass.andbeyond.media
2 prebid.a-mo.net rtbpass.andbeyond.media
2 grid.bidswitch.net rtbpass.andbeyond.media
2 script.4dex.io rtbpass.andbeyond.media
script.4dex.io
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 mssdk-va.tiktok.com sf16-website-login.neutral.ttwstatic.com
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 connect.facebook.net newcomment.detik.com
connect.facebook.net
2 id.hadron.ad.gt cdn.hadronid.net
2 cdnjs.cloudflare.com ads.eu.criteo.com
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
2 images.detik.com wolipop.detik.com
2 ads.eu.criteo.com 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 ap.lijit.com 2 redirects
2 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
2 pm.w55c.net 2 redirects
2 sync.teads.tv 1 redirects 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
2 ssbsync.smartadserver.com 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
rtb.gumgum.com
2 gcm.ctnsnet.com 2 redirects
2 vmweb-va.byteoversea.com sf16-website-login.neutral.ttwstatic.com
2 sf16-short-va.bytedapm.com www.tiktok.com
sf16-short-va.bytedapm.com
2 p77-sign-sg.tiktokcdn.com www.tiktok.com
2 collent.detik.com cdn.detik.net.id
2 analytic.detik.com wolipop.detik.com
20.detik.com
2 gum.criteo.com 1 redirects static.criteo.net
2 pubads.g.doubleclick.net wolipop.detik.com
2 oajs.openx.net 1 redirects wolipop.detik.com
2 www.google.de wolipop.detik.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 cdn.id5-sync.com securepubads.g.doubleclick.net
wolipop.detik.com
2 static.chartbeat.com wolipop.detik.com
www.googletagmanager.com
2 lf16-data.bytepluscdn.com www.googletagmanager.com
2 applets.ebxcdn.com wolipop.detik.com
applets.ebxcdn.com
1 sync.e-planning.net rtb.gumgum.com
1 us-u.openx.net rtb.gumgum.com
1 a.vidoomy.com
1 cm.adform.net 1 redirects
1 pixel-sync.sitescout.com
1 sync.richaudience.com spl.zeotap.com
1 beacon.krxd.net spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 vpaid.vidoomy.com vid.vidoomy.com
1 ads.aralego.com 1 redirects
1 ad.turn.com 1 redirects
1 s.company-target.com 1 redirects
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 i.e-planning.net ads.us.e-planning.net
1 ssum.casalemedia.com ads.us.e-planning.net
1 cookies.nextmillmedia.com 1 redirects
1 sync.go.sonobi.com ads.us.e-planning.net
1 match.sharethrough.com ads.us.e-planning.net
1 ssp.disqus.com 1 redirects
1 s.e-planning.net ads.us.e-planning.net
1 sync.admanmedia.com ads.us.e-planning.net
1 vid.vidoomy.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 ads.adlook.me 1 redirects
1 adxbid.info rtbpass.andbeyond.media
1 s.adtelligent.com rtbpass.andbeyond.media
1 ssc-cms.33across.com rtbpass.andbeyond.media
1 data00.adlooxtracking.com j.adlooxtracking.com
1 acdn.adnxs.com 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
1 crcdn01.adnxs-simple.com cdn.jsdelivr.net
1 cdn.adnxs.com cdn.jsdelivr.net
1 j.adlooxtracking.com cdn.jsdelivr.net
1 rtb.adpone.com rtbpass.andbeyond.media
1 ghb1.adtelligent.com rtbpass.andbeyond.media
1 cadmus.script.ac script.4dex.io
1 ghb.adtelligent.com rtbpass.andbeyond.media
1 vod.detik.com cdn.detik.net.id
1 rtb.nl3.eu.criteo.com
1 dis.criteo.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 detik-d.openx.net micro.rubiconproject.com
1 20.detik.com awscdn.detik.net.id
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 p16-sign-useast2a.tiktokcdn.com wolipop.detik.com
1 a.ad.gt cdn.hadronid.net
1 wrappers.geoedge.be rtbpass.andbeyond.media
1 cdn.hadronid.net wolipop.detik.com
1 secure.cdn.fastclick.net wolipop.detik.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 rtb.fr3.eu.criteo.com 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
1 csync.loopme.me 1 redirects
1 um.simpli.fi 1 redirects
1 rtbpass.andbeyond.media wolipop.detik.com
1 rtbdemand.apiip.net wolipop.detik.com
1 mssdk-va.byteoversea.com sf16-website-login.neutral.ttwstatic.com
1 secure.adnxs.com 1 redirects
1 tr.blismedia.com 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
1 s.tribalfusion.com 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
1 s.ad.smaato.net 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
1 p16-sign-sg.tiktokcdn.com wolipop.detik.com
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 5da7e412513b6e5ad73f69eece9db640.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sf16-secsdk.ttwstatic.com www.tiktok.com
1 editorial.femaledaily.com wolipop.detik.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com wolipop.detik.com
1 mab.chartbeat.com static.chartbeat.com
1 ping.chartbeat.net wolipop.detik.com
1 rech.detik.com awscdn.detik.net.id
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 ads.adnuntius.delivery micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 fonts.googleapis.com awscdn.detik.net.id
1 micro.rubiconproject.com wolipop.detik.com
0 tg.socdm.com Failed rtb.gumgum.com
0 b1sync.zemanta.com Failed rtb.gumgum.com
0 match.deepintent.com Failed rtb.gumgum.com
0 sync.ipredictive.com Failed rtb.gumgum.com
0 sync.srv.stackadapt.com Failed rtb.gumgum.com
0 pool.admedo.com Failed rtb.gumgum.com
0 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com Failed spl.zeotap.com
0 tags.bluekai.com Failed spl.zeotap.com
0 aax-eu.amazon-adsystem.com Failed spl.zeotap.com
0 usermatch.krxd.net Failed spl.zeotap.com
0 sync-tm.everesttech.net Failed spl.zeotap.com
0 bn01.er.bemail.it Failed spl.zeotap.com
0 sync.tidaltv.com Failed spl.zeotap.com
0 i.liadm.com Failed ssum.casalemedia.com
0 user-sync.adxpremium.services Failed adxbid.info
0 cdn.unblockia.com Failed wolipop.detik.com
762 225
Subject Issuer Validity Valid
*.detik.com
Thawte RSA CA 2018		 2022-11-21 -
2023-12-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-23 -
2024-03-21		 a year crt.sh
*.detik.net.id
Thawte RSA CA 2018		 2023-02-21 -
2024-02-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.insurads.com
Go Daddy Secure Certificate Authority - G2		 2023-05-01 -
2024-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.bytepluscdn.com
RapidSSL TLS ECC CA G1		 2023-05-29 -
2024-06-28		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
adnuntius.delivery
E1		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.tobsnssdk.com
RapidSSL ECC CA 2018		 2023-02-21 -
2024-03-23		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.ttwstatic.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-11 -
2023-12-12		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.dtk.id
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-01 -
2024-11-05		 a year crt.sh
editorial.femaledaily.com
R3		 2023-09-16 -
2023-12-15		 3 months crt.sh
*.neutral.ttwstatic.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-06-30 -
2024-07-30		 a year crt.sh
1562951790.rsc.cdn77.org
R3		 2023-09-30 -
2023-12-29		 3 months crt.sh
*.bytedapm.com
RapidSSL ECC CA 2018		 2022-12-13 -
2024-01-13		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.tiktokcdn.com
RapidSSL TLS RSA CA G1		 2023-05-03 -
2024-06-02		 a year crt.sh
*.tiktokv.com
RapidSSL ECC CA 2018		 2023-08-14 -
2024-09-13		 a year crt.sh
*.byteoversea.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-08-02 -
2024-09-01		 a year crt.sh
*.ibytedtos.com
RapidSSL TLS ECC CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
andbeyond.media
Certainly Intermediate R1		 2023-10-31 -
2023-11-30		 a month crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-09-15 -
2023-12-14		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-17 -
2023-11-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-29 -
2023-12-28		 3 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
script.ac
E1		 2023-10-31 -
2024-01-29		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-10-02 -
2023-12-31		 3 months crt.sh
static.adbutter.net
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
adlooxtracking.com
GTS CA 1P5		 2023-09-29 -
2023-12-28		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.adlooxtracking.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-24 -
2023-12-23		 3 months crt.sh
adxbid.info
E1		 2023-10-07 -
2024-01-05		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
ads.us.e-planning.net
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G4		 2023-06-19 -
2024-07-20		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.e-planning.net
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-02-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
dmp.theadex.com
R3		 2023-10-21 -
2024-01-19		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh

This page contains 73 frames:

Primary Page: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Frame ID: 91C164B86AD307F033797C4E29A39817
Requests: 252 HTTP requests in this frame

Frame: https://newcomment.detik.com/static/index.htm?v=1.27&version=latest&uid=2b05b4c2d6&logLevel=error&xcomponent=1
Frame ID: 10C60F2F31EADD2BE0AF69F44BC71744
Requests: 26 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wolipop.detik.com
Frame ID: D706477FE35CABE83D2652F1C97E6E53
Requests: 2 HTTP requests in this frame

Frame: https://connect.detik.com/token/me.html?autoLogin=1&clientId=63
Frame ID: 8556793E52D41D9537710648CA42227D
Requests: 2 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Frame ID: 17BE018D03C4B1DAAD3E9E56816DD4A5
Requests: 46 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: BEF668D2D8824E7939A00D5B9A4C6A0E
Requests: 1 HTTP requests in this frame

Frame: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 440BA8D376BD08E922EEBE1CF3B474ED
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstj8Vnxy0XJQ2342TkYamF__Cj5jW6rK9op6ya73Ikwzh0FBVByEx4DtHXQJvQG5HWjLU-8ner4J6XHxItuxsg5q3Unh5_TaNDMOFVYTWsHbq6kraPobouyFhLyDrHurxcxCLGP9QKGbH0wYqNZOqomX-we0yA3z3gHtY-2JiGtk-QYSrDJqDcz-P2CuhtgIvflwNuRwF_iNlBJj8zjM7VcQx1YskXL7JZixu5hqiY3pTvvdDRwSo4G6KYgJU6xUao4CtmZyBUOKbNOt90FlewSlbMi1sT6fsuXFUqG3zt4RfLKrSAt6ZbAsfUDOU1ytzlDmTliiJ7kT9N-WDkGJ9wo48qGkUF3lEbXNWEPO4cnuPXhvhbDtpA_Tjzo-go&sai=AMfl-YTm_LmCQT596V68j2qbykSgYhVK5i77wBGqyBFyWge-asKm3GUQ8Gz72W1BxLre0Zxdj0bmYIQGBieIT_cTiOYch8MZFfLKJPpd7LHnAwdWSePsJ6q4uOq60kNqrg&sig=Cg0ArKJSzPtcGQcWg52SEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E6B504DD27A9DDCF126E4BEF0E335E55
Requests: 10 HTTP requests in this frame

Frame: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D26426190B62DC406A47A105585FC110
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 2414BDE347117B374D4F96960AD4809F
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 51E314AEE7B79A256214C8A484A19583
Requests: 17 HTTP requests in this frame

Frame: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F737FC60A4D37F77743156550D0DF207
Requests: 20 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=2414&requests=[{%22eaUp%22:%22/4905536/detik_desktop/wolipop/billboard%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:970,%22h%22:250,%22eId%22:%22main_detik_desktop_wolipop_billboard_0%22},{%22eaUp%22:%22/4905536/detik_desktop/wolipop/skyscrapper%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:160,%22h%22:600,%22eId%22:%22main_detik_desktop_wolipop_skyscrapper_0%22},{%22eaUp%22:%22/4905536/detik_desktop/wolipop/medium_rectangle1%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:300,%22h%22:600,%22eId%22:%22main_detik_desktop_wolipop_medium_rectangle1_0%22},{%22eaUp%22:%22/4905536/detik_desktop/wolipop/leaderboard%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:728,%22h%22:90,%22eId%22:%22main_detik_desktop_wolipop_leaderboard_0%22}]&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ts=1699402298637
Frame ID: A857A2A333A418551112333C6BA7B6B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIYzozs_AEwAQ&v=APEucNUULxNrmyv97MTJLpliUcjHlNl8qXgwCS8nG6ZSGSKtl-eAJwRXDq7L3AIGtRltDChEebXRrW5P--tWpz8vflG8ehmCTxRKPrk2G3dhsWtRwr8X7EpwAPxt9Eu3OCbTDfTJJz8aS10jIzHVBJMzDf_ytGfjLk-VX3oWv3Osk__aPr5dATg
Frame ID: 176919F57A856C67D4B19ED084A8CC69
Requests: 5 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=910278&appId=2414&s=2830&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&sid=0DFB0B19CD42A0AB&v=1.14.20&ts=1699402298646
Frame ID: 2990B0D317BBC63EB369E2A36394C11C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIY5Onr_AEwAQ&v=APEucNUNscTweZ29znAIrF6Hk1xrcu_iE7RLTcEr-PLvb-gFrlJ70nrozmBYhok7tPN47Sag0Qs1iyFFIAeuf0BrqjGQ7-xNbA2CXCQRwd0AGRDgct_zUFauV8O97KOE0Ja_a9-Sg0sPF_7BVYHtvtZ4fBmP_S-oq70T36gdaLUPq9HgEwG9K7M
Frame ID: A60134A14DDE87C05042BABB37090074
Requests: 5 HTTP requests in this frame

Frame: https://5da7e412513b6e5ad73f69eece9db640.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 207612B8356AAAE7CBEE2DDE5E7BAA68
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUbD8k43lVDABLt8KozqJRocjGzS4iSogQruheBH_9HFdHFywais5KsYwVGaYqjSMVrAMIoZnxafDnyU13eO6q-HTRaJfNtofXPWEyGg4mRmAhqaHLHaEUZ6bjw1tdcPPtUERcTX20CmvqCkH3anCEb61CK6ZUcVAOBgY2F7oeLjfcmMGEdCjXJ1s4llJafRHNkX3n-IUaP3GO81H4tgnz2GDVtnNXCzHW22CPDWI8FM1I_D_kE-5BnjcBSSxsGO479KGtv8__L-w6TPtJgtAnr2qYHt8Pa_SPOCjh5y7UGuECXePUiGfez-bMcbRTi05cP16m1VkX3sfJavDe3lzfwjGEbg&sai=AMfl-YRtghHltUD8yxPxqPX5prfjFaL3i1MV6yXb4y6Dvrge39s6TkpT8CgQgEK0bNRiO7ORMGSWcDXGPI5nN1lGezNjA7_tf_xQjcW8YwHWzNqCbHGZLAKe81jL8dDvWw&sig=Cg0ArKJSzIRVXIoruzTTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FDD99601B7820FF178B02B990C656C26
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9B39F38C184F34C3F8692909044A296D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F15BE3176DAC20F950708F2650F80568
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
Frame ID: BA9AD9586E8261C16E3D6C49CEC13CBB
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 504673796D6483584DCABAE7241615F7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AE356A8ACA4F393426775A9D78BAE754
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
Frame ID: 28B8AC78D1776572332E801BAA9E70C6
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 560C062009BA68D39B2D93787D9EC9A4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A62A1AC81CC12238DFAA355C73513847
Requests: 2 HTTP requests in this frame

Frame: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C7A801BCDB65754A0B99166785D0FD47
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Frame ID: 4C2E16A383EC27D5D59F68FC1838CFC3
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 47D2D17732934CE65F2F88B1D2057DDB
Requests: 9 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=2414&requests=[{%22eaUp%22:%22/4905536/detik_desktop/wolipop/parallax_detail%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:480,%22h%22:600,%22eId%22:%22main_detik_desktop_wolipop_parallax_detail_0%22}]&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ts=1699402300021
Frame ID: FDBF473C6AB23C8E10D939B236B4562E
Requests: 1 HTTP requests in this frame

Frame: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Frame ID: 805C512BD39627957AB9FE103B0BF624
Requests: 41 HTTP requests in this frame

Frame: https://detik-d.openx.net/w/1.0/pd
Frame ID: 9EBDCD1EC9D466241EF4F18806453F25
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156981
Frame ID: D5FCF532F88550CDA3D36C4CBBA98D5F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CA9978BB08F703979BC3E048CC478C18
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1351071C41903EEBCE5D491BCF3774D0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5B0F2A08405CE798417C674D86F8257
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 2A11AE5AC5812B3EF36A5C5EE5D24162
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&adk=1812271804&adf=3025194257&lmt=1699402302&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302613&bpp=4&bdt=7523&idt=128&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&nras=1&correlator=3585676985899&frm=20&pv=2&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&fsb=1&dtd=148
Frame ID: C2C5BA75B4E1C7ACEFA5EEDD4F1A6F51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Frame ID: 02F7621D3C9A7A48D67E555EE606CA80
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Frame ID: 7AC9D81680E5FDDD4E9E7D42AA3A904F
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 65E392F61ED52759E17A50A095F9E636
Requests: 8 HTTP requests in this frame

Frame: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C5DB6DC69B9A12D95CC98BBDA9DF887C
Requests: 8 HTTP requests in this frame

Frame: https://static.adbutter.net/libjs/third-party-pixel.js
Frame ID: EB6DB0683D2FE3900B4F33FEE107471C
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13903&pub_id=2165182
Frame ID: CFE72D99572D4E60A7811F5FD04B5FA4
Requests: 3 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=2414&requests=[{%22eaUp%22:%22/21751243814,4905536/235978-728-90-10%22,%22eoId%22:2517372628,%22eolId%22:5017487889,%22advId%22:4666413989,%22ecId%22:138265691417,%22w%22:728,%22h%22:90,%22eId%22:%22main_235978-728-90-10_0%22}]&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ts=1699402306010
Frame ID: 05133F83EC7A04C66EDF8CCF25F8CA0D
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 2B355DEA040C6829F221C1E258030083
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 99B1080C61ABCCD06D501C276AE9778E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 0850BA18A2075DBCB01ABF9EF88B3CC2
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: C0187BDA74457A373719A077558A110D
Requests: 5 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 91D5D9C1C6CB8C757403E01A54F342AF
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: BC0D054D1569821DF6F68B83C62779C8
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: A17BC3303CE9A7C7C93D1413F411F921
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 8E2B76BD7BF0367CA3ED6863B1DAF15C
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 6A164DBDFD93D89218AB468292112E31
Requests: 10 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Frame ID: 9B109B0CD8C0391832D7DF8D2DA0FC2C
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: D2CFDE9E49F55C61B3DB6D7B394A2CA9
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: D69D6257AF46557C7298483804B3E614
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: AD0239B1FB332FB81E3BF8CD4AF29093
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D51134e9d68cfb030%26uid%3D
Frame ID: 2CDC0FED5F07B5EA83FAC63396AA7B2A
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D51134e9d68cfb030%26uid%3D
Frame ID: 31CA306674BB88F50144244C99F48F52
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 1D1BD224EA3F2C052FDA644116AAD8E0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: A021C589F379D9761B73D49C417A4251
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: E4F72F749F7884F6369D9616F595E4C2
Requests: 33 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Frame ID: 4AA48EFFF9286A1DDB971F94C69A4706
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 1F11C5644FB01F7756C50A2398C210B7
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AM5n5Ldr3vIly3qW
Frame ID: 28DA4CEF688C291E27D043927EA49CBE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=4219359789409642649&gdpr=&gdpr_consent=
Frame ID: C04AF29D9ECB69B3CC9D5F5C818099BC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81MmZjYTAwMi0wMGMwLTQ3MGItOTIxOS02NTFlNTlhNzYyMjA=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 55914CD566784D9F4AAAF1A8110C281C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: B9E5B9A2D3EA4320C04137A0E4CFA416
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 958753E7B2A6C2E632BFEF7850BD24E7
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 66692C1ECDF29CBBE2791287B64738C1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Z6otTrJSo3b0QJsWMMuK&pi=gumgum&tc=1
Frame ID: 54CCDF08E67325BD086C789C1EF0F6BF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: E92FCE992B86432E9B88BE02066D7E60
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Viral Wajah Dinda Hauw Terkena Kamera Wartawan, Ternyata Begini Aslinya

Page URL History Show full URLs

  1. https://dtk.id/NeV8n7 HTTP 301
    https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

762
Requests

90 %
HTTPS

35 %
IPv6

126
Domains

225
Subdomains

162
IPs

13
Countries

9823 kB
Transfer

31403 kB
Size

78
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dtk.id/NeV8n7 HTTP 301
    https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://www.tiktok.com/embed.js HTTP 302
  • https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
Request Chain 113
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&rid=esp&cc=1
Request Chain 141
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=detik.com&sn=ChromeSyncframe&so=0&topUrl=wolipop.detik.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=IyScL3xUOE5nQlhreWEvMHRXVWlOYm9vS3N1MExCWWxkcDZMcERtTmZ0ZzVXSlpJeDRDZkZaZDZqd0ZBVTJKMG5wS3hyVkRyWWE2d0xSQnJmdXFxdkljamEvY0NqQ2lzRmNIT3MzbkNXOElpTy92ZlM4bWIwZVF5RDNNTGRIVTZNOGVFQlQ3VmYzQk5mYkZTQUE5eWFLZ1NJWDk0dVFTZHRJbFh6Ykc3dmNSZGtoYVBvRXNOcWhMQnU0dVlEdHlEb1RjQmYvcTE4OVNLYjdYNXg3ckpxU0tQeWN3WlVXRFNtU1JsZFhwQjRvRlFZWmNMaWZncnFSaGtDU2NaOEhLQWduZnVTWGUrKzFLRUhUTW9nS3Fiak9kOWgzdz09fA&cppv=2
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
Request Chain 253
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUrSO-DHgMKaZjBnVxnF7QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL3boujy9wrMbE1Ay1d4vuw&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL3boujy9wrMbE1Ay1d4vuw%26google_cver%3D1
Request Chain 255
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
Request Chain 257
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUrSOy84xJLwNJ8zQTutuwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL3boujy9wrMbE1Ay1d4vuw&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL3boujy9wrMbE1Ay1d4vuw%26google_cver%3D1
Request Chain 259
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D
Request Chain 319
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEABNQ3tCpp3eini06hSCZjo&google_cver=1&google_push=AXcoOmR4eNGONzJ-Q7wkdy66E2bwlRZIVZhgDhs0imz96tRF4KRyU8iZgYw8S6zXjPZfuGXlYr_jOCk-Rmr2EF_LhmuiBND0omM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR4eNGONzJ-Q7wkdy66E2bwlRZIVZhgDhs0imz96tRF4KRyU8iZgYw8S6zXjPZfuGXlYr_jOCk-Rmr2EF_LhmuiBND0omM&google_hm=rMFVOS3_Te6iXGLJ7ooH2Bg
Request Chain 322
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHEblQyuQvW4piFukeGgZUg&google_cver=1&google_push=AXcoOmQhsTMoCzzJ3dSqsuI42Bkaj_HFL7-EQga-IkOSvHjddrREjqYFjP49j5jv4J3aQrBB8wtqxRj2qbjhIHLd-gwiXM-bKrA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9QMDkwRFMtMjEtTEY4&google_push=AXcoOmQhsTMoCzzJ3dSqsuI42Bkaj_HFL7-EQga-IkOSvHjddrREjqYFjP49j5jv4J3aQrBB8wtqxRj2qbjhIHLd-gwiXM-bKrA
Request Chain 325
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKnjcpj_rDM1QVgedIf6XqQ&google_cver=1&google_push=AXcoOmT8CyJ0Cuj8LWjgZX4rwmh_g3cbK0F4TdyykAkc7EHGYwj9NWzNZmwg6-iQgPXGZEQggxlvIO7ksPiiLrCh9QjON8_xEACd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT8CyJ0Cuj8LWjgZX4rwmh_g3cbK0F4TdyykAkc7EHGYwj9NWzNZmwg6-iQgPXGZEQggxlvIO7ksPiiLrCh9QjON8_xEACd HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 328
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBIYhzv_rdsZyqEXT9yUrYo&google_cver=1&google_push=AXcoOmQ2AIqlpinfllE7F8sAlWex8vbW0bWFD4Gzvl-svie4fjgxg7aoyIq_Gz5kjs_oL_iSyDeX-lC1JJsDPmpKi9zRek28O1w HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBIYhzv_rdsZyqEXT9yUrYo&google_cver=1&google_push=AXcoOmQ2AIqlpinfllE7F8sAlWex8vbW0bWFD4Gzvl-svie4fjgxg7aoyIq_Gz5kjs_oL_iSyDeX-lC1JJsDPmpKi9zRek28O1w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eHdPR3B3bUoxUjB3YXY1&google_gid=CAESEBIYhzv_rdsZyqEXT9yUrYo&google_cver=1&google_push=AXcoOmQ2AIqlpinfllE7F8sAlWex8vbW0bWFD4Gzvl-svie4fjgxg7aoyIq_Gz5kjs_oL_iSyDeX-lC1JJsDPmpKi9zRek28O1w
Request Chain 329
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPJ8XK50OQfVuFCCFihePIQ&google_cver=1&google_push=AXcoOmSzZyL6LCkVCTaaSLqhhbmYlDrh5iWHcC24r07WKSCd7geWasU8Qy1GXWbu3oQ2DkgDpALwtcDRz43EaGKonfiFeQ3Elfo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSzZyL6LCkVCTaaSLqhhbmYlDrh5iWHcC24r07WKSCd7geWasU8Qy1GXWbu3oQ2DkgDpALwtcDRz43EaGKonfiFeQ3Elfo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPJ8XK50OQfVuFCCFihePIQ&google_cver=1&google_push=AXcoOmSzZyL6LCkVCTaaSLqhhbmYlDrh5iWHcC24r07WKSCd7geWasU8Qy1GXWbu3oQ2DkgDpALwtcDRz43EaGKonfiFeQ3Elfo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSzZyL6LCkVCTaaSLqhhbmYlDrh5iWHcC24r07WKSCd7geWasU8Qy1GXWbu3oQ2DkgDpALwtcDRz43EaGKonfiFeQ3Elfo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 332
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENfQLpj3U5Xgpo-wNgMBS_4&google_cver=1&google_push=AXcoOmQqS3VsXigcpgJH_4UWU_5LSiSiXj6jEN_LsH3zF5EkDHpLfmdfhzp5riq-vzYHcrB68xCjgKsEFTQSXob7mM0iBhHH3sc HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENfQLpj3U5Xgpo-wNgMBS_4&google_cver=1&google_push=AXcoOmQqS3VsXigcpgJH_4UWU_5LSiSiXj6jEN_LsH3zF5EkDHpLfmdfhzp5riq-vzYHcrB68xCjgKsEFTQSXob7mM0iBhHH3sc&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQqS3VsXigcpgJH_4UWU_5LSiSiXj6jEN_LsH3zF5EkDHpLfmdfhzp5riq-vzYHcrB68xCjgKsEFTQSXob7mM0iBhHH3sc&google_hm=HnnrtGZHCkXwMt58TgqqPv27
Request Chain 333
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFefFPo9k_8E0jovwDbzHyI&google_cver=1&google_push=AXcoOmTw5f1SCWXftmP4PmLtHUqA69iGqOzQAISqnR9NrxAm2V74uD5dbYvQtZHdZIv3pjn_RUICqFsCe-k6q693r4u1-MJ0J7y9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D&google_gid=CAESEFefFPo9k_8E0jovwDbzHyI&google_cver=1&google_push=AXcoOmTw5f1SCWXftmP4PmLtHUqA69iGqOzQAISqnR9NrxAm2V74uD5dbYvQtZHdZIv3pjn_RUICqFsCe-k6q693r4u1-MJ0J7y9
Request Chain 388
  • https://um.simpli.fi/gp_match?google_gid=CAESEGXFlYSnEt_6F9VFrBQFhXo&google_cver=1&google_push=AXcoOmSgf3oLis_y-_Go2N_Wk99esfYC_cHyDgAeJoVxVFsqQS1uOoCFwTzIiZdVx9Mg83g3PP4kSly20fQLOE4ysRDKQg0xhC7Z HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7755536A1CD74E54B478517B392FB406&google_push=AXcoOmSgf3oLis_y-_Go2N_Wk99esfYC_cHyDgAeJoVxVFsqQS1uOoCFwTzIiZdVx9Mg83g3PP4kSly20fQLOE4ysRDKQg0xhC7Z
Request Chain 390
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEABNQ3tCpp3eini06hSCZjo&google_cver=1&google_push=AXcoOmQ3dvELcRE7Xuixt4X4NwRJCcKkpgDOAy2cwjfbyPiB8oGJ_imPQN1bPUtXYwJD2s_p7El6c4GOfI4NAFSl4qa5vjPb6sI8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ3dvELcRE7Xuixt4X4NwRJCcKkpgDOAy2cwjfbyPiB8oGJ_imPQN1bPUtXYwJD2s_p7El6c4GOfI4NAFSl4qa5vjPb6sI8&google_hm=rMFVOS3_Te6iXGLJ7ooH2Bg
Request Chain 391
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMbR9wKPdQOQFbqlF8Z1PZ0&google_cver=1&google_push=AXcoOmRkz74-Hb4b0okq_gm3KRCIm_x5rUA1ae_nZPWOVF-RjVUZ_pXmT84mjqZ29DrTo1D4dojHj3gukqkFaOQ2ormS9LR8KNIl HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMbR9wKPdQOQFbqlF8Z1PZ0&google_cver=1&google_push=AXcoOmRkz74-Hb4b0okq_gm3KRCIm_x5rUA1ae_nZPWOVF-RjVUZ_pXmT84mjqZ29DrTo1D4dojHj3gukqkFaOQ2ormS9LR8KNIl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIxOTM1OTc4OTQwOTY0MjY0OQ&google_push=AXcoOmRkz74-Hb4b0okq_gm3KRCIm_x5rUA1ae_nZPWOVF-RjVUZ_pXmT84mjqZ29DrTo1D4dojHj3gukqkFaOQ2ormS9LR8KNIl
Request Chain 392
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBeGBxEVAYk0ap9x4qIT4II&google_cver=1&google_push=AXcoOmR1jk6aJQiqGZ493dpIxN-5VPWzrCI4jAv8fId8JBvHD3gsj9943HlqVjMaHKeZK4t1JMhmnCS6i698HyjPlCPRx991joGL HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmR1jk6aJQiqGZ493dpIxN-5VPWzrCI4jAv8fId8JBvHD3gsj9943HlqVjMaHKeZK4t1JMhmnCS6i698HyjPlCPRx991joGL&google_gid=CAESEBeGBxEVAYk0ap9x4qIT4II HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjMzMjEzNzIxMzYzNTA2NjIwMg%3D%3D&google_push=AXcoOmR1jk6aJQiqGZ493dpIxN-5VPWzrCI4jAv8fId8JBvHD3gsj9943HlqVjMaHKeZK4t1JMhmnCS6i698HyjPlCPRx991joGL
Request Chain 393
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJB7IvY2e7dn46u9N2qOVpg&google_cver=1&google_push=AXcoOmRlH_6UZnWU60WBhajPzAqZWqV_erPhsKdQFMi24I6DWGGWfteQuB564upkdyMW0eknzNd8NPn3KFhrDkw9eCT4IE74_O6SDg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRlH_6UZnWU60WBhajPzAqZWqV_erPhsKdQFMi24I6DWGGWfteQuB564upkdyMW0eknzNd8NPn3KFhrDkw9eCT4IE74_O6SDg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 394
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEOk_ZL6fBDPopuYl23Nwmck&google_cver=1&google_push=AXcoOmRuUv9M8b0MLKnCDGzVqhzd-Vh_kZ0HWd0G-pn7-O7DPy7eqlgNqMXjmA1gPPew476UsYmg9hGyHdAHJkWacYi93IKza3dJ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b9cc4920-d303-48fd-b033-d9f19aeae91c&google_cver=1&google_gid=CAESEOk_ZL6fBDPopuYl23Nwmck&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRuUv9M8b0MLKnCDGzVqhzd-Vh_kZ0HWd0G-pn7-O7DPy7eqlgNqMXjmA1gPPew476UsYmg9hGyHdAHJkWacYi93IKza3dJ&gdpr=${GDPR}
Request Chain 530
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPmef1cOekqkjudYjC3aBvA&google_cver=1&google_push=AXcoOmSMUVbA7Ba3ggpMeDeZ1YUZqKbvmlDMl86BefvpkJkQQxrJTG4LrWh6mKsazDPzj8VmGiDzio5YBz9eG6zwyXRBVQjYv_egr4idQAKVKmlxyBh0tsxyC47ZXH2OCtaIq9Hs5Si_CBAKGoJ1B3aJvxhHYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSMUVbA7Ba3ggpMeDeZ1YUZqKbvmlDMl86BefvpkJkQQxrJTG4LrWh6mKsazDPzj8VmGiDzio5YBz9eG6zwyXRBVQjYv_egr4idQAKVKmlxyBh0tsxyC47ZXH2OCtaIq9Hs5Si_CBAKGoJ1B3aJvxhHYg&google_hm=OllIMcYXQoJcI5BtQmX7jw
Request Chain 534
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJDakmGqXy6Va22hfhsI9PU&google_cver=1&google_push=AXcoOmSpU11M7W-Zn77Go-rTuf5n3Va8dBD4Z0ZdU1gwsvERLZJ3DrcTK63pbVEIu3osRkXj0P9fUbxs0rHXwvPdMohUaFvuq2rC7Vi97S1BDEbABJ6SVVatZreSRE984ZwoZkCn7Qw7F3C9tY5J38woRluBlRU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSpU11M7W-Zn77Go-rTuf5n3Va8dBD4Z0ZdU1gwsvERLZJ3DrcTK63pbVEIu3osRkXj0P9fUbxs0rHXwvPdMohUaFvuq2rC7Vi97S1BDEbABJ6SVVatZreSRE984ZwoZkCn7Qw7F3C9tY5J38woRluBlRU&google_hm=eS02MHB5NlRsRTJwRlp1M1VkbEltODc2WENCd20zd1hTNX5B
Request Chain 535
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmToAwsvRimJdLmSqZfVLUhjur6qLOxetAyPvdWxorfgcQ7mDnll_3rODtCCYCMTjS4_aLdknnXa_vI1V9OFUw1Nht7lBX9WXYxYHLMQsr4ARAh-dS9f80KqEwWN2GmI0yiJDAbmDumuVuQBe1ISIlpmeA&google_gid=CAESEAWUfkaXyR1GIKqQC6aqiag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YS8A4OawVXBq3ncMthFXffPdnTOyAciomlOlOw&google_push=AXcoOmToAwsvRimJdLmSqZfVLUhjur6qLOxetAyPvdWxorfgcQ7mDnll_3rODtCCYCMTjS4_aLdknnXa_vI1V9OFUw1Nht7lBX9WXYxYHLMQsr4ARAh-dS9f80KqEwWN2GmI0yiJDAbmDumuVuQBe1ISIlpmeA
Request Chain 670
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 672
  • https://ads.adlook.me/csync?pid=btw&uid=a23cf4d0-4ec9-5238-8f2f-9ebdea654cfd&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=128&external_user_id=f90d8d261d644bc4baa07ca058d80f08
Request Chain 674
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LlO9J8rlhOg.AikABlGLrEVi6A
Request Chain 682
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=4c7fc5f533ea3cf7c4fb098355e4033389f2cbbac5c7ba6b12868154c4cd78e1
Request Chain 685
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D51134e9d68cfb030%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=51134e9d68cfb030&uid=1303356955576139268
Request Chain 686
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D51134e9d68cfb030%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=51134e9d68cfb030&uid=ua-5ca1413a-a694-3a3b-ab97-3c350cc9cbce
Request Chain 690
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D51134e9d68cfb030 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=51134e9d68cfb030
Request Chain 691
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 698
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUrSO-DHgMKaZjBnVxnF7QAA%262172&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUrSO-DHgMKaZjBnVxnF7QAA%262172&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7ef67b6c8b9846738b70a2bb899ce032
Request Chain 699
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUrSO_DHgMKaZjBnVxnF7QAACHwAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUrSO_DHgMKaZjBnVxnF7QAACHwAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 701
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUrSO_DHgMKaZjBnVxnF7QAACHwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP6ExsvzIqycwBlJpAWWoAQ&google_cver=1
Request Chain 702
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 704
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715127110&external_user_id=6acb329b-0c07-4d5d-8a87-ee8f4ba6d29e
Request Chain 705
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2385168303269879304
Request Chain 707
  • https://ads.aralego.com/cookiesync HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
Request Chain 712
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=0d4c4850-f29c-43f3-8379-db1657110bae&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Request Chain 719
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=38991821625407099461919974533134750856&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Request Chain 722
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7298877344205895836&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Request Chain 723
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee
Request Chain 724
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361&bounce=1&random=2711830444 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=8chtfRzbJF7aAXr60ODUde&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Request Chain 726
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Request Chain 727
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-eOya02xE2oozo5aSCKJedXcxLDQ6GQjMJQ--~A&zpartnerid=570&env=mWeb
Request Chain 728
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=d0v2XHHOvEQcZeQ8CyfSqjqbwr7W7OSf%2BS41iYitP1U%3D
Request Chain 732
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361&_test=ZUrSRgACGp_VFABH
Request Chain 734
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361&dcc=t
Request Chain 737
  • https://pixel.rubiconproject.com/token?pid=41544&puid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LOP090DS-21-LF8&env=mWeb&zpartnerid=1770&gdpr=1
Request Chain 740
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=peISpvflFaW-them8uAL_qPlFvW-shHypLGNrgSm&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Request Chain 749
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3Dadf HTTP 303
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4219359789409642649&vid=3ced02bbfa54884d803382ed9c503c87&dspid=adf
Request Chain 751
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1303356955576139268
Request Chain 752
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_52fca002-00c0-470b-9219-651e59a76220&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_52fca002-00c0-470b-9219-651e59a76220&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=8d1e8f88-28dd-4da9-a9dc-0b4625809aaf
Request Chain 755
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-.3jDJHpE2pd.0aMpi8PYx1Y8HtrHNz_blHrR~A
Request Chain 759
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=9r3ug85Mx5ep&ev=1&pid=558355
Request Chain 762
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=4219359789409642649&gdpr=&gdpr_consent=
Request Chain 767
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Z6otTrJSo3b0QJsWMMuK&pi=gumgum&tc=1
Request Chain 768
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum

762 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya
wolipop.detik.com/makeup-and-skincare/d-7017040/
Redirect Chain
  • https://dtk.id/NeV8n7
  • https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term...
125 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.109 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-109-221-49-103.detik.com
Software
/
Resource Hash
ec52e48072cbf4e7d05e638c62b069b09a040800614be2a2fdcb8a1ed11a8156
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; always
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
content-encoding
gzip
content-type
text/html
date
Wed, 08 Nov 2023 00:11:34 GMT
s
21
strict-transport-security
max-age=31536000; includeSubDomains; always
x-content-type-options
nosniff
x-fastcgi-cache
MISS

Redirect headers

Access-Control-Allow-Headers
X-BrandId,x-csrf-token
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Nov 2023 00:11:33 GMT
Location
https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Server
detk-new1
X-Frame-Options
DENY
ebx.js
applets.ebxcdn.com/ 		464 B
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://applets.ebxcdn.com/ebx.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:35 GMT
content-encoding
br
x-amzn-remapped-content-length
464
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
823
x-amzn-requestid
9b6ddb09-f87f-4746-b6b2-9d8811e47f46
x-amz-apigw-id
ODVH_F_4joEEmug=
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed Aug 30 13:25:09 GMT 2023
server
cloudflare
x-amzn-trace-id
Root=1-654aceff-1e7f14f66395a29765d4e279;Sampled=0;lineage=7936cbcf:0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7w6RZdv%2BDs%2BossX6ebO8EIP7YEzzJiQqiLWhysTR4xWxqRERKJsw1ZyHduhJfr8Q3RGcwvb7GTqootG5yN7cNwmOopdDwGcRt1TBImt1TOFhJ50kCFdkdBGCi%2BmC5aLZTXbXz0O7%2Fd2TTnnkOT7Ya8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
82299978bd611c05-FRA
jquery.min.js
awscdn.detik.net.id/detik/libraries/jquery/1.8.1/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
2895b2f2583ba79c9e3c9406d70bd0c854361d356d786e39ebddd1215c94130b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:35 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 13 Jan 2015 12:00:50 GMT
server
st8
content-encoding
gzip
etag
W/"54b508f2-16a78"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
detikLiveUserCounterResponse.js
awscdn.detik.net.id/libs/livecounter/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/libs/livecounter/detikLiveUserCounterResponse.js?v=2023110807
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
af0280c8646154adb38a8e059fd0c5cfb21b954eb38031fcba65240da35061ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 04:00:43 GMT
server
st8
content-encoding
gzip
etag
W/"61b17f6b-96d5"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
detik.ads.css
awscdn.detik.net.id/commerce/desktop/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/commerce/desktop/css/detik.ads.css
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:35 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Wed, 02 Nov 2022 10:03:16 GMT
server
st8
content-encoding
gzip
etag
W/"63624064-255c"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
dtk_commerce.js
awscdn.detik.net.id/commerce/commerce/ 		1 KB
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/commerce/commerce/dtk_commerce.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
3b64444ca542f3bd5be8aba927bbf319f8924845d2cf99c053a9a0bc93771302
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:35 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Wed, 02 Nov 2022 10:03:16 GMT
server
st8
content-encoding
gzip
etag
W/"63624064-53e"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
11530.js
micro.rubiconproject.com/prebid/dynamic/ 		659 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/11530.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
feadd6b13f999b3c2dbd0c237271f64ef92c7548755fa98650beaad79bb9510a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-11530_detik_desktop.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
120878
expires
Wed, 08 Nov 2023 17:17:33 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		103 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1012b174f58fbfd8b967796fc77a59dbc3dda4c22b34314b8c0217804ffbdad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32152
x-xss-protection
0
server
cafe
etag
66 / 19669 / m202311020101 / config-hash: 298745424321014486
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:36 GMT
S9H7OMZB.js
cdn.insurads.com/bootstrap/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/bootstrap/S9H7OMZB.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
a07ca75e85cde4d1afb84980d870cc0d9ca8e93e4a26d65a58c31821ecc01a34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
cdn-edgestorageid
1081
x-amz-request-id
BM8G1N4FB6ZKDY8P
cdn-cachedat
07/07/2023 01:55:09
cdn-pullzone
55316
x-amz-id-2
ldjuY4rkSSHM+339/gA+rDxAR8yjbL5OUf6N4kdorPQx+4Qp6oxCzzPVDQKuHKI1esGJU76YHFw=
last-modified
Mon, 06 Jun 2022 13:59:02 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"fc7461ca5b7bf5ec58f085056c4dd5ea"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=86400, s-maxage=604800
cdn-requestid
38953011bc33f0c1cc1f5deb8afbe9ae
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
h.js
cdn.unblockia.com/ 		0
0
wolipop_detail.style.css
awscdn.detik.net.id/wolipop/css/ 		106 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
34ed7cea7ff1fe63ef916d02457828e148200432aa7ea437961105d191d87b7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:35 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 06:34:20 GMT
server
st8
content-encoding
gzip
etag
W/"64f6cbec-1a611"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
it.style.css
awscdn.detik.net.id/wolipop/css/ 		280 B
520 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/wolipop/css/it.style.css?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
b503a641d6782bc600d7c224cce579fd52ea716b931f26871236a1fa4b39ffb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:35 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 06:34:20 GMT
server
st8
content-encoding
gzip
etag
W/"64f6cbec-118"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
framebar.css
awscdn.detik.net.id/assets/css/framebar/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
f7434a931efe764d92936db992cdd56150f71ef0102a5e440a85a489ed85614b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:35 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2023 08:40:19 GMT
server
st8
content-encoding
gzip
etag
W/"6549f7f3-7b3b"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
autocomplete.css
awscdn.detik.net.id/assets/css/framebar/ 		394 B
541 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/css/framebar/autocomplete.css?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
ae157816dff3ab17a63ef630d7878a68bff565e5cc88c8ab5e26a6b42ee65e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:35 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2023 08:40:19 GMT
server
st8
content-encoding
gzip
etag
W/"6549f7f3-18a"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-wolipop.png
awsimages.detik.net.id/community/media/visual/2020/09/17/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/community/media/visual/2020/09/17/logo-wolipop.png?d=1
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
bf73802673530741d970bb6ab9096cf4b2fb227dcd8cc6b26f47046d44b6fa9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 17 Sep 2020 08:47:31 GMT
server
st9
etag
W/"5f6322a3-3264"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
label_new2x.webp
awscdn.detik.net.id/wolipop/images/ 		712 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/label_new2x.webp?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
f10e7e8e766ae818d6da9437a9d3bf952fd69dec55757e43e754b5a96ff95aac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
etag
"64daf5d6-2c8"
cache-status
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
712
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
sisip.css
awscdn.detik.net.id/assets/css/ 		406 B
529 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/css/sisip.css?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
7dadda6cdf94892734b9cdaae1cf3e8bc16b1c41dad54650afe3c02ee0d37f8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:35 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2023 08:40:19 GMT
server
st8
content-encoding
gzip
etag
W/"6549f7f3-196"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
shareBox.js
awscdn.detik.net.id/libs/sharebox/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/libs/sharebox/js/shareBox.js?v=2023110807
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
9f021b5b9503d01f2543fde36a2c9359948424f0c607cd5ab6eeebfe6ba6c154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Thu, 30 Jun 2022 03:33:46 GMT
server
st8
content-encoding
gzip
etag
W/"62bd199a-449d"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
dinda-hauw-memberikan-4-tips-agar-bibir-tetap-sehat-merona-alami-dan-bebas-dari-pecah-pecah-5.jpeg
awsimages.detik.net.id/community/media/visual/2023/07/30/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/community/media/visual/2023/07/30/dinda-hauw-memberikan-4-tips-agar-bibir-tetap-sehat-merona-alami-dan-bebas-dari-pecah-pecah-5.jpeg?w=400&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
5a1bba9f89afbf2021b85ed3706da8fcf61ecc880214b6427608c8172a7a7215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st14
server
st9
etag
W/"ff23a820ebf75ca1f3d49f3c890eaebc7e8d112c"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
scrollpage.css
awscdnstatic.detik.net.id/live/_rmbassets/scrollpage/ 		934 B
883 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://awscdnstatic.detik.net.id/live/_rmbassets/scrollpage/scrollpage.css
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8600:3:74e5:6700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
st9 /
Resource Hash
d8470c3f84ed7a0659d6aace85d3252ded95ee0a010d1afc3e8af6e56dfc6510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:57:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
middle-cache
MISS
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2362463
x-cache
Hit from cloudfront
barrier_2
MISS
barrier_1
Static
barrier_3
HIT
last-modified
Fri, 22 Jul 2022 05:08:51 GMT
server
st9
etag
W/"62da30e3-3a6"
cache-status
HIT
vary
Accept-Encoding,Accept-Encoding,Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
rP9aweq6OBxi0PL2hOp9lXrO9wCy5vZsLTNMBfaYWrOu_PUdDE74RQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed_v1.0.11.js
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/
Redirect Chain
  • https://www.tiktok.com/embed.js
  • https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Server
184.24.77.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-12.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
a57b1b2
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
a2mC7RA9gA0jSaiCieTPqA==
x-cache
TCP_MEM_HIT from a23-54-207-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status
TCP_MISS
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=155
content-length
15144
x-tos-request-id
e5c006a4ec91c94563a4ec91-af54b09
x-tos-response-time
Thu, 22 Dec 2022 23:47:29 GMT
last-modified
Thu, 03 Nov 2022 00:46:48 GMT
server
nginx
x-tt-logid
021671752849286fdbddc61000202280000000000000022f8dd8b
etag
CPXr0NbkkPsCEAE=
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=370258
access-control-allow-credentials
false
x-tt-trace-host
01f9ccf5557f3346174a4e4667953e5ef1355f1f95d99f460da46dbb2c8798c350a68314dbf3aff4a85ef79d4b137146b7476785c6de5e920e8ec7cc40209794140025394c96785717067f258cc5dfcce20425c916cfe49bf057c8f8619a53fc4e0f23c14899100da6f6a1014917694cb01e9d6e8f81512e736a288dc3b3bd6523
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

x-akamai-request-id
2eacfb03.7c331eec
date
Wed, 08 Nov 2023 00:11:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-15.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-parent-response-time
105,23.36.161.15
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=10
content-length
136
proxy-status
0000201302026000
pragma
no-cache
server
TLB
x-tt-logid
20231108001135D994E1C66E3EC3B472E7
x-cache-remote
TCP_MISS from a23-55-171-81.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
content-type
text/html
location
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,23.55.171.81
x-tt-trace-host
01bd308f099a64fbde4400b9f941e6319358c41773b53f82fa9cfa46724b8e0252956e36ac15e4190ab540c9dc3a33905f4a9566babdbc9b2e2a21712f4a092564c2e8a483da721570a3d1f0e512e1dc11
expires
Wed, 08 Nov 2023 00:11:36 GMT
dinda-hauw-memberikan-4-tips-agar-bibir-tetap-sehat-merona-alami-dan-bebas-dari-pecah-pecah_43.jpeg
awsimages.detik.net.id/community/media/visual/2023/07/30/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/community/media/visual/2023/07/30/dinda-hauw-memberikan-4-tips-agar-bibir-tetap-sehat-merona-alami-dan-bebas-dari-pecah-pecah_43.jpeg?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
a459c0a4824036bf3c485566d2f792f1c74b28d1042e41b4c69a68cd4670a77b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st13
server
st9
etag
W/"a1f1ec45a8fd0e490b15f7b5d5887ffaa6e7c4f6"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
rey-mbayang-dan-dinda-hauw-4_169.jpeg
awsimages.detik.net.id/community/media/visual/2023/07/14/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/community/media/visual/2023/07/14/rey-mbayang-dan-dinda-hauw-4_169.jpeg?w=160&q=60
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
662c395d5c88739dcc6ed8beb450c046a0c8c3b47b7a4cddb35476956c8976a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st14
server
st9
etag
W/"95a52579e62a9a2d51e534e129d90d58907326e8"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
rey-mbayang_169.jpeg
awsimages.detik.net.id/community/media/visual/2023/08/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/community/media/visual/2023/08/09/rey-mbayang_169.jpeg?w=160&q=60
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
aee535b43efbcc3aef48efd57453d077eec0b71536524d9d048d3f55db8124ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st12
server
st9
etag
W/"c4cea8196e91580d9dcd638625e89b9b2adee956"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
rey-mbayang-wisuda-s1-universitas-terbuka_169.jpeg
awsimages.detik.net.id/community/media/visual/2023/07/26/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/community/media/visual/2023/07/26/rey-mbayang-wisuda-s1-universitas-terbuka_169.jpeg?w=160&q=60
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
071562070ca649aa3d83b4e21127430df5202465e65382c9d388575b3ed229a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st4
server
st9
etag
W/"752995b98439aff59e9fbb288392244895187e78"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
dinda-hauw-dan-rey-mbayang_169.jpeg
awsimages.detik.net.id/community/media/visual/2022/09/27/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/community/media/visual/2022/09/27/dinda-hauw-dan-rey-mbayang_169.jpeg?w=160&q=60
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
b437e1f6c945e13ca3bab1bd6a179ad8c72a9c6e8a52193de0561edd8422bddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st10
server
st9
etag
W/"3f2ed2b572541db531a0bfd9f5ef6a76b3958a63"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
rey-mbayang_169.jpeg
awsimages.detik.net.id/community/media/visual/2023/03/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/community/media/visual/2023/03/02/rey-mbayang_169.jpeg?w=160&q=60
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
38650ff4648fce73f11879db7e8123f11ea879173f6e7c32122dbb66b8bf6bd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st6
server
st9
etag
W/"3a6f11c0e5877c3e5d7485e2684ce797c88d20bf"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
dinda-hauw-1_169.png
awsimages.detik.net.id/community/media/visual/2023/03/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/community/media/visual/2023/03/03/dinda-hauw-1_169.png?w=160&q=60
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
d579b7fdfb325c978d89c67ce8ce3d16db03b4a62188813328aaa469bd730d16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st8
server
st9
etag
W/"f027a58acb5a7a58bf25a477dadedb2f3f4e4814"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
dinda-hauw-dan-rey-mbayang-3_169.jpeg
awsimages.detik.net.id/community/media/visual/2023/03/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/community/media/visual/2023/03/02/dinda-hauw-dan-rey-mbayang-3_169.jpeg?w=160&q=60
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
6f35974f1b57066f8fa45fdd826c4ed52c30fa21c5085eb92356954018761509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st8
server
st9
etag
W/"9f2aa5269be046c75fff4b5c88556c3cf92dd2d9"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
dapur-dinda-hauw_169.jpeg
awsimages.detik.net.id/community/media/visual/2023/01/22/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/community/media/visual/2023/01/22/dapur-dinda-hauw_169.jpeg?w=160&q=60
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
f0bcc58fa08f0657aec81448fa6a0b7832150acd47520ce53181a30e6aa7952c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st7
server
st9
etag
W/"d719d23b55e22ed50397a0965abda4a9c0d3c0d4"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
xcomponent.frame.min.js
awscdn.detik.net.id/libs/newcomment/js/ 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/libs/newcomment/js/xcomponent.frame.min.js?2023110807
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
00b0534e0ea12ee3bc1fc850484e4ec5cb41e59f3bab1a25001035e59295f1b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Thu, 30 Jul 2020 11:19:13 GMT
server
st8
content-encoding
gzip
etag
W/"5f22acb1-25702"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
bridge.js
awscdn.detik.net.id/libs/newcomment/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/libs/newcomment/js/bridge.js?2023110807
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
cf8164dd822c958cfc6277bad29a807da965da857e20aa2a2bba59208322a931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Mon, 29 May 2023 07:19:08 GMT
server
st8
content-encoding
gzip
etag
W/"647451ec-cf5"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
scrollpage.css
awscdnstatic.detik.net.id/live/_rmbassets/mr1-scrollpage/ 		885 B
873 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://awscdnstatic.detik.net.id/live/_rmbassets/mr1-scrollpage/scrollpage.css
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8600:3:74e5:6700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
st1 /
Resource Hash
80f1fbeb1e95f186e1ef324d132860cc499bec297a2ef4b673c73478f21692b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 23:16:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
middle-cache
MISS
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
780881
x-cache
Hit from cloudfront
barrier_2
MISS
barrier_1
Static
barrier_3
MISS
last-modified
Mon, 18 Jul 2022 06:43:06 GMT
server
st1
etag
W/"62d500fa-375"
cache-status
MISS
vary
Accept-Encoding,Accept-Encoding,Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
K8VX2Wv9xr4gX6RJ4I5dADg_GcPuhsouTsBFlR8WlbSJd56CVmWOZQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
scrollpage.css
awscdnstatic.detik.net.id/live/_rmbassets/mr2-scrollpage/ 		884 B
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://awscdnstatic.detik.net.id/live/_rmbassets/mr2-scrollpage/scrollpage.css
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8600:3:74e5:6700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
st11 /
Resource Hash
5f16cbd61c5063eee06064df8697819fbb972df80a1f022fdf59954c6b1f533e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 01:15:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
middle-cache
HIT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
600972
x-cache
Hit from cloudfront
barrier_2
HIT
barrier_1
Static
barrier_3
MISS
last-modified
Wed, 08 Dec 2021 10:11:08 GMT
server
st11
etag
W/"61b084bc-374"
cache-status
MISS
vary
Accept-Encoding,Accept-Encoding,Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
O52cwskpGS349UXg-t0OWhXxU5_DQVHrRWtg7uwReUgq-g1xj9ejDg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
oembed.itp.v2.js
awscdn.detik.net.id/assets/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/js/oembed.itp.v2.js?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
1fbeacbf071e282ceb1d4ceb330faf64a13e2ef8f3a989f550561c7bad455c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2023 08:40:19 GMT
server
st8
content-encoding
gzip
etag
W/"6549f7f3-31ef"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
detikconnect_auto_show_user.js
awscdn.detik.net.id/libs/dc/v1/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/libs/dc/v1/detikconnect_auto_show_user.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
b9bdf240b0895c5266ac1145532a4e5347756fd123e76a6749c203c2684c42c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 08 Aug 2023 07:00:38 GMT
server
st8
content-encoding
gzip
etag
W/"64d1e816-807"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
iframeresizer.js
awscdn.detik.net.id/assets/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/js/iframeresizer.js?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
b787c8d34a1d004b5c533867b7160ae74f85e105b3028d2edd43500cc2107e5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2023 08:40:19 GMT
server
st8
content-encoding
gzip
etag
W/"6549f7f3-365c"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
navbar.portal.v5.js
awscdn.detik.net.id/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/js/navbar.portal.v5.js?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
02777ce60722eb62690a2825a7c7c2032e6b0fa471710f94a21d69194fecd929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2023 08:40:19 GMT
server
st8
content-encoding
gzip
etag
W/"6549f7f3-1ea7"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
async.widget.v3.js
awscdn.detik.net.id/assets/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/js/async.widget.v3.js?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
3e8a5c588babb9ec5c0008a9da6090ef1cccbef4a92752f8aa3b728ef04f24f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2023 08:40:19 GMT
server
st8
content-encoding
gzip
etag
W/"6549f7f3-221d"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_detikcom.webp
awscdn.detik.net.id/assets/images/webp/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/assets/images/webp/logo_detikcom.webp?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
d063b325db2ef14ca33eedbbe8ab5cbd2b88cb1f3d9e9065dcf5ed4a797ce082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
etag
"64daf5d4-2046"
cache-status
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8262
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_detiknetwork.webp
awscdn.detik.net.id/assets/images/webp/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/assets/images/webp/logo_detiknetwork.webp?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
a1a4b49d2999a7cd635800ec5c8e75ddf00c46763a3b4810bfa143bba18f0947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
etag
"64daf5d4-4c42"
cache-status
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
19522
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-whatsapp.png
awscdn.detik.net.id/assets/images/socmed/ 		19 B
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/assets/images/socmed/icon-whatsapp.png?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
39a9b8bc45e9cb89ea53d89372bbfd9780b0bf6d75a2f60324ca7295c1bb26e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
EXPIRED
server
st8
etag
"5ee8657d-13"
content-length
19
cache-status
EXPIRED
content-type
text/plain
icon-facebook.png
awscdn.detik.net.id/assets/images/socmed/ 		367 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/assets/images/socmed/icon-facebook.png?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
d77e9927ff040b52679dde8ab5837f0b859da7f82094d314977b509752963d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d4-16f"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-twitter.png
awscdn.detik.net.id/assets/images/socmed/ 		599 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/assets/images/socmed/icon-twitter.png?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
0e7c1a149f38de011e3c6069baf6d207ae9f3b669d5b9b54c709a3866f44d780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d4-257"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-instagram.png
awscdn.detik.net.id/assets/images/socmed/ 		831 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/assets/images/socmed/icon-instagram.png?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
874377faac53727d7e7b9b75c09807faeab4bec3016a30fec4f28b36faaa7d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d4-33f"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-linkedin.png
awscdn.detik.net.id/assets/images/socmed/ 		316 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/assets/images/socmed/icon-linkedin.png?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
5f35112e0f2c03c88df5a42a186901b4f68edaabaefa1f192378bcb055b025cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d4-13c"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-youtube.png
awscdn.detik.net.id/assets/images/socmed/ 		324 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/assets/images/socmed/icon-youtube.png?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
11748731b5e99fcaed9308e003a78cd5ae9f3c7fc0c2266c44f9aa05fac34c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d4-144"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
slick.min.js
awscdn.detik.net.id/wolipop/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/wolipop/js/slick.min.js?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
d2bb0eb5cfc8b621ba1e520e1b538e8e7754190f65816141464fdb57f94ce4b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 06:34:20 GMT
server
st8
content-encoding
gzip
etag
W/"64f6cbec-a9e3"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.modal.min.js
awscdn.detik.net.id/wolipop/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/wolipop/js/jquery.modal.min.js?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
570d16a0342eaebc6477fbe4ce84bf4140cf612fcfc771deba461dbdfdd49ff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 06:34:20 GMT
server
st8
content-encoding
gzip
etag
W/"64f6cbec-12fe"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.sticky.js
awscdn.detik.net.id/wolipop/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/wolipop/js/jquery.sticky.js?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
0c41a4b4dddcadaa945a7a8832c525d90e34c05e7861e50f5d4afb62ce9d3ed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 06:34:20 GMT
server
st8
content-encoding
gzip
etag
W/"64f6cbec-a9f"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
datepicker.min.js
awscdn.detik.net.id/wolipop/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/wolipop/js/datepicker.min.js?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
cc950bb26fcf93ad40f3c9b7e9bbb0a8ddbb9ba6036aefbeead7c7fe9efd850a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 06:34:20 GMT
server
st8
content-encoding
gzip
etag
W/"64f6cbec-4222"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
wolipopdetail.js
awscdn.detik.net.id/wolipop/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/wolipop/js/wolipopdetail.js?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
d6437db2abaeb5d96be2c3e70f2950ba354444d745ff0e0bdf2299cf7af2704c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 06:34:20 GMT
server
st8
content-encoding
gzip
etag
W/"64f6cbec-9f7"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
itp.js
awscdn.detik.net.id/wolipop/js/ 		86 B
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/wolipop/js/itp.js?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
b1fdcb2188f69d943d85ce64e745a54432eb29dbdefe1be27be329aae9a844d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 06:34:20 GMT
server
st8
etag
"64f6cbec-56"
cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
86
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
detik.ads.controller.js
awscdn.detik.net.id/commerce/desktop/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/commerce/desktop/js/detik.ads.controller.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
67c6ec0e1abab4a803f6894a955dc2fe7074c551786225e386483cae0bf26fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Wed, 02 Nov 2022 10:03:16 GMT
server
st8
content-encoding
gzip
etag
W/"63624064-1711"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
applets.ebxcdn.com/applets/wolipop.detik.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://applets.ebxcdn.com/applets/wolipop.detik.com/scripts.js
Requested by
Host: applets.ebxcdn.com
URL: https://applets.ebxcdn.com/ebx.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69b1bf566a21c366a6a3a16ebb4ac9d11901c3cf6c145ef90ecc3d91248edc87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
175
x-amzn-requestid
c2c6aa27-60e9-4de8-b97e-58812ff7c9d4
x-amz-apigw-id
ODWtVHNqDoEEQ0w=
content-length
1581
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 25 Oct 2023 11:22:54 GMT
server
cloudflare
etag
faJ9OuKx9x6Ju3vwyVulnw==
x-amzn-trace-id
Root=1-654ad188-2364c408680a328b64856170;Sampled=0;lineage=388d0713:0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2Fi0r8PSJlLuYly13mq84PiEc3imekrli3g4ElEprpluHQWN5E%2FNnyzipgAQDV2MoZvsabdd6NMfSpmvptEXPsQR5CTH8EEMLO6EbziwDjX6NwGbCsTFNWgNlfJcf5BNK4VeXeDo6WooE%2Fc%2BvHOvLLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=300, no-transform
accept-ranges
bytes
cf-ray
822999791fd7360b-FRA
gtm.js
www.googletagmanager.com/ 		330 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b5bcaaebe76ce1862259aae892cbaee45427b546d71fc8663fb949517166274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94134
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Nov 2023 00:11:36 GMT
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=2023110807179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 23:59:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Nov 2023 00:11:36 GMT
icon-sprite.png
awscdn.detik.net.id/assets/css/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/assets/css/images/icon-sprite.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
64eafcb995dfd84bf17ef82846df5fb78bfc6871e6f808e8ddbaf4823369ded0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d4-573"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
logoicon_detik.png
awscdn.detik.net.id/wolipop/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/logoicon_detik.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
29928d7a8a3ffc3d7d75e86717612ee4726569aff1f81f12653c53bcb36d3ac0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-1131"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
arrow_down.png
awscdn.detik.net.id/wolipop/images/ 		259 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/arrow_down.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
5ced7a6147739505555d1a9d8a4ad76af4e31c3cde1a734822f7719487f49c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-103"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
Montserrat-SemiBold.woff2
awscdn.detik.net.id/assets/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/fonts/Montserrat-SemiBold.woff2
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
5b62c92a026a59a6300033c381478b8a8d8f27aa048edfbf99831cfe483c97f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Origin
https://wolipop.detik.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
etag
"64daf5d4-8968"
cache-status
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
35176
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
Montserrat-Light.woff2
awscdn.detik.net.id/assets/fonts/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/fonts/Montserrat-Light.woff2
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
291a3f86829da62bc7e6fe45b735cf8b741b36d5b021a154912c19100500d326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Origin
https://wolipop.detik.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
etag
"64daf5d4-e848"
cache-status
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
59464
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
Montserrat-Bold.woff
awscdn.detik.net.id/assets/fonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/fonts/Montserrat-Bold.woff
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
b338281a00b6748ccfd9391e5e67d90da3aaf3d8ed01d099e390d6d6fc1e1df7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Origin
https://wolipop.detik.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
etag
"64daf5d4-e9fc"
cache-status
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
59900
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
Montserrat-Regular.woff
awscdn.detik.net.id/assets/fonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/fonts/Montserrat-Regular.woff
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
e61f1ad265195ede649df53cb089704bccfc17ada7c2e0a4528974f05e61df48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Origin
https://wolipop.detik.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
etag
"64daf5d4-e8cc"
cache-status
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
59596
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
Montserrat-SemiBold.woff
awscdn.detik.net.id/assets/fonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/fonts/Montserrat-SemiBold.woff
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
8c9fe0a40d829e6ff37886c0161369e7c4dcb959deb185368a889e99d05f5e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Origin
https://wolipop.detik.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
etag
"64daf5d4-e9ac"
cache-status
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
59820
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
Montserrat-Light.woff
awscdn.detik.net.id/assets/fonts/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/assets/fonts/Montserrat-Light.woff
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
ac4e614ef4779d0f208be8f709052483d57550c0c8843da6a0481c854e402b3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Origin
https://wolipop.detik.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Thu, 05 Mar 2020 06:02:40 GMT
server
st8
etag
"5e609600-18304"
cache-status
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
99076
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 		426 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 21:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
8843
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136626
x-xss-protection
0
server
cafe
etag
12374074705736737879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 06 Nov 2024 21:44:13 GMT
init
services.insurads.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/init?appId=S9H7OMZB&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&tcfc=1&t=1699402296486
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/S9H7OMZB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.230.103.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-103-202.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
33c0dd264702a04daa49e6f537aad39f9ade3433b418eb48c0862250ce4fae51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
icon_fb.png
awscdn.detik.net.id/wolipop/images/ 		362 B
686 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/icon_fb.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
28e0989daad4fc10a03b96b803681e9797fb4392bfca98de53ab81bd4b80c6a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-16a"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon_tw.png
awscdn.detik.net.id/wolipop/images/ 		735 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/icon_tw.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
ec9173696b93869aa96958183b74cce3405e903b3f176cade83c0f408138a948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-2df"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon_linkedin2.png
awscdn.detik.net.id/wolipop/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/icon_linkedin2.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
238f8c3d8d339295368d0c2a45b3e47e0361e60751a3a54b0949bdf7f42c6300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-461"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon_wa.png
awscdn.detik.net.id/wolipop/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/icon_wa.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
180320ea65fbc810fb62f60134ef2329ab4dbce625bce730959440951fed9f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-d63"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon_tele.png
awscdn.detik.net.id/wolipop/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/icon_tele.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
8b146b3737f4bebc3869c3bac0c1b7ad6f561490d9551106505a122fae7011f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-1c63"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon_comment.png
awscdn.detik.net.id/wolipop/images/ 		633 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/icon_comment.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
4e3df751a7777c377172932e5e47d26a4e79521d9842ef579a9269c9d2d39199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-279"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		248 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CY42M5S751&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b7f69d6075fa6c61b69bcf82574e228f826f735b49826463cb0e50d74bc92fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87502
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Nov 2023 00:11:36 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Nov 2023 23:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1204
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 08 Nov 2023 01:51:32 GMT
collect-rangers-v5.0.0.js
lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/ 		93 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
42b448c8c5f67a9c48b021dfd6676e0c1aa3146b1513d18cad8ba2ad7be9df8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
9738943
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
0NGYZsGPAC/sdgY7Low4DQ==
x-cache
TCP_MEM_HIT from a23-54-206-23.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
25516
x-tos-request-id
bd5f15f70136d18963f70136-af54d1e
x-tos-response-time
Thu, 23 Feb 2023 06:01:27 GMT
last-modified
Thu, 23 Feb 2023 05:54:55 GMT
server
nginx
x-tt-logid
2023022306012655381D6778CD7B694AF7
etag
CKWz4Lf6qv0CEAE=
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=1717736
access-control-allow-credentials
false
x-tt-trace-host
014a0769d6da188b26a57aac2f9d3da1d858e12f82c6ebb391307eb764b578ddf873e38f31227e2c92ef804899077d59ff986c3f7359dd4d6d5f02f8a0c5a7126b3ab03e5d482cd009ec7dd00064b0b015089948ab54c9dfef0de1c185eec5b1bab940fc077dea8dbb5b5ace5c088818e4a209f669330c7c07c991d0bac6fefaa1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 17:22:18 GMT
content-encoding
gzip
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
24558
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
bzXFDZ9jmu7NVZjjUwepht04iVoZhE_Ah63UsrTBEKD-PcsuJdEFlg==
expires
Wed, 08 Nov 2023 17:22:18 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 16:56:49 GMT
content-encoding
gzip
via
1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
26087
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
grexX2suesQitdXT0kJ0xgFVvU0BoJKWoFo7tn6mKqLLVQ4Veq5Xlw==
expires
Wed, 08 Nov 2023 16:56:49 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:29:26 GMT
content-encoding
gzip
age
1114930
x-guploader-uploadid
ABPtcPqHbjqPhKh2g3rLNDONjQOKU61Px7tzqzBh7WkCYt0i0BsdHalj9-b0OPiPUoULQhA2lZHQGq8cBXCis3HntxktCwlYb4qI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 25 Oct 2024 02:29:26 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 Nov 2023 00:11:36 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		143 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1a77e7360b28cb730e0f5e56566b51a4d620f2cc411f8e32e5581ddf546e09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 06 Nov 2023 12:11:14 GMT
server
cloudflare
x-amz-request-id
TKHHY62A7690CEY2
age
2165
etag
W/"a8dc95d1ffeb5ca5c8e29b69dd9f17dd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
822999823b176919-FRA
x-amz-id-2
XR5FVrouau6hzF72sPDX7oZuIOzgxK7KwoZjneFTCTBNrfXLJmarTsGpYBtxam1xii/VDB/Tdco=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 07 Nov 2023 05:04:04 GMT
Via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
68853
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
UCHiaNLZxqOac6PykjttkHywrQhqDUkE3jETATFJ5_izn43fmT756A==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12557
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQx2ijL9U0OWNpnYlC%2Bv90WUcdxdaySK3%2Fq3muBHBCohE3D8IeGRKzWGZwogPDbo5GznPyvktnzxQBUWlWgENOSHhGtf5%2BDLMJD3CwwjSnPd8n%2BUrxvqui4UhEchsKv7F6bLJCvHbX3k5LA1nnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82299982affbbb80-FRA
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 03:16:16 GMT
content-encoding
gzip
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
75320
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
h3LP2DzEKzRaGDxHPUGRiSjQFYQId89ZhSdCZPsCkeMn-XbJLCabZw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
82e3873bffd690600544f5fad1b642e2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231108
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a268fda0b2f2099a2df8d8c03602c3b7f2b0810c3c5dae9592240066a3f439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12108
x-jsd-version
1.0.1867
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230099-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-JnTlFCqqRyZz2+hti6jCfqm7a4s"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b81hR9hpkKOBPZemD%2Bym%2BHXkM50BRnay%2BEYDW1oTTIAmJEMPs8lQt2A4n7qZduoccjb9CCX62HHxwoaIZsqfAg1bTsAXmCKsFTGMSCPmn%2FR%2Bvf5MInP3LXukDj6nmNDTXVvLqDJCxbYfkZH%2Bwlw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
822999827d3c8fd4-FRA
v1
prg-apac.smartadserver.com/prebid/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
752389d002379b9fe54cdca5bfa019d01b7427927cd4b04990bcaf7a3595575d

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
138cac3491347502f338b570051be911feb1d1d2fc0ec2ab49d0445e3031cb7b

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
7416333b05fae12d5574877f464bf7d004117c684c6fb9ce7430432a05a20735

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		171 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		171 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wolipop.detik.com
date
Wed, 08 Nov 2023 00:11:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
2214014
bs.yandex.ru/prebid/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214014?imp-id=35&target-ref=wolipop.detik.com&ssp-id=10500
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
last-modified
Wed, 08 Nov 2023 00:11:36 GMT
x-yandex-req-id
1699402296926226-1093590841919511848600321-production-app-host-sas-pcode-154
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://wolipop.detik.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 08 Nov 2023 00:11:36 GMT
2214014
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214014?imp-id=35&target-ref=wolipop.detik.com&ssp-id=10500
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
last-modified
Wed, 08 Nov 2023 00:11:36 GMT
x-yandex-req-id
1699402296925639-1554494815230129991000226-production-app-host-sas-pcode-367
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://wolipop.detik.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 08 Nov 2023 00:11:36 GMT
2214014
bs.yandex.ru/prebid/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214014?imp-id=35&target-ref=wolipop.detik.com&ssp-id=10500
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
last-modified
Wed, 08 Nov 2023 00:11:36 GMT
x-yandex-req-id
1699402296927692-710113437519445976300297-production-app-host-vla-pcode-502
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://wolipop.detik.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 08 Nov 2023 00:11:36 GMT
2214014
bs.yandex.ru/prebid/ 		0
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214014?imp-id=35&target-ref=wolipop.detik.com&ssp-id=10500
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
last-modified
Wed, 08 Nov 2023 00:11:36 GMT
x-yandex-req-id
1699402296862286-787523907879465004300240-production-app-host-sas-pcode-205
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://wolipop.detik.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 08 Nov 2023 00:11:36 GMT
2214014
bs.yandex.ru/prebid/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214014?imp-id=35&target-ref=wolipop.detik.com&ssp-id=10500
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
last-modified
Wed, 08 Nov 2023 00:11:36 GMT
x-yandex-req-id
1699402296924225-1356592507174153342800287-production-app-host-vla-pcode-226
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://wolipop.detik.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 08 Nov 2023 00:11:36 GMT
2214014
bs.yandex.ru/prebid/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214014?imp-id=35&target-ref=wolipop.detik.com&ssp-id=10500
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
last-modified
Wed, 08 Nov 2023 00:11:36 GMT
x-yandex-req-id
1699402296925142-620726375109971338200318-production-app-host-sas-pcode-543
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://wolipop.detik.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 08 Nov 2023 00:11:36 GMT
2214014
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214014?imp-id=35&target-ref=wolipop.detik.com&ssp-id=10500
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
last-modified
Wed, 08 Nov 2023 00:11:36 GMT
x-yandex-req-id
1699402296926471-949317041692404266700266-production-app-host-sas-pcode-320
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://wolipop.detik.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 08 Nov 2023 00:11:36 GMT
i
ads.adnuntius.delivery/ 		24 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adnuntius.delivery/i?tzo=-60&format=json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.79.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e667df016a220b512cf41bf1d3cf07e1f5cf5f7e0a7718deebff9a43d2103fc

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id
c36a54beb164aec29d3692bae772abc5
x-adn-backend-server-id
h6412ed8
content-length
1821
pragma
no-cache
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSlnO34zZXkoCMT22uG0Apz1m9UUGPxqvZsaKHkKqk6hZPUlfZhzRSugbUm6TAjToPZhAcf4%2FGN%2FiH%2FK0TnChaHAP0iReB93ABpEUwH1mHatpOIbIZlyCetoUX9jcRuH84iy8mU1t2wr"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
82299982dc611981-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
30af116009a7494762c82d2d221731118255a98099f65306bd0a39b256af0997

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://wolipop.detik.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bid-request
a.teads.tv/hb/ 		16 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 08 Nov 2023 00:11:36 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11530&site_id=466220&zone_id=2747702%3B2747516%3B2748140%3B2747838%3B2747700%3B2748242%3B2747924&size_id=15%3B2%3B2%3B15%3B15%3B57%3B15&alt_size_ids=%3B%3B%3B10%3B%3B%3B10&rf=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&kw=dindahauw%2Ckamerawartawan%2Creymbayang&tg_i.domain=wolipop.detik.com&tg_i.page=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&tg_i.aupname=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle3%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fbottomframe%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fleaderboard%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle1%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle2%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fbillboard%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fparallax_detail&tg_i.pbadslot=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle3%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fbottomframe%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fleaderboard%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle1%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle2%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fbillboard%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fparallax_detail&tk_flint=dmpbjs_v7.54.4&x_source.tid=493243c5-3f08-4821-bfa3-da8e87ce9823%3B626de511-fb79-4476-bdec-9526fd1fc5e5%3Ba2c2e644-64ca-4d47-b6ab-be1ffa113a0e%3Ba03e21f1-5db7-423e-a39b-2dd81f78d495%3B2ad8f21e-6e28-4e04-864e-b35175f3d84a%3B89e1f34e-73be-4054-b420-1135310eddd3%3B685296ee-0b26-471f-9fdd-b396bd5fc9f2&l_pb_bid_id=50cf0750e8d986a%3B51f58e4e23a1a3b%3B5214f2345cf66fd%3B5353cd5b6562a34%3B54d781ad217dc32%3B559075a4287220f%3B5678395a7f9ae15&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=493243c5-3f08-4821-bfa3-da8e87ce9823%3B626de511-fb79-4476-bdec-9526fd1fc5e5%3Ba2c2e644-64ca-4d47-b6ab-be1ffa113a0e%3Ba03e21f1-5db7-423e-a39b-2dd81f78d495%3B2ad8f21e-6e28-4e04-864e-b35175f3d84a%3B89e1f34e-73be-4054-b420-1135310eddd3%3B685296ee-0b26-471f-9fdd-b396bd5fc9f2&rp_maxbids=1&p_gpid=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle3%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fbottomframe%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fleaderboard%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle1%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle2%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fbillboard%3B%2F4905536%2Fdetik_desktop%2Fwolipop%2Fparallax_detail&slots=7&rand=0.9051185920712927
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
af8855f5480e333ee6339370cd20bd5b61c3336900fd45b1541c88b2f1185459

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:37 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CY42M5S751&gtm=45je3b60v873223606z872264312&_p=1699402296267&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=85861306.1699402297&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699402296&sct=1&seg=0&dl=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&dt=Viral%20Wajah%20Dinda%20Hauw%20Terkena%20Kamera%20Wartawan%2C%20Ternyata%20Begini%20Aslinya&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.cookieDomain=auto&ep.kanalId=2-835-837-234&ep.articleId=7017040&ep.articleType=singlepage&ep.publishDate=2023%2F11%2F03%2012%3A00%3A06&ep.keyword=dinda%20hauw%2Ckamera%20wartawan%2Crey%20mbayang&ep.articleDewasa=dewasatidak&ep.videoPresent=No&ep.contentType=singlepagenews&ep.platform=desktop&ep.author=Vina%20Oktiani&ep.originalTitle=Viral%20Wajah%20Dinda%20Hauw%20Terkena%20Kamera%20Wartawan%2C%20Ternyata%20Begini%20Aslinya&ep.createDate=2023%2F11%2F03%2003%3A44%3A40&ep.namaKanal=wolipop&tfd=4134
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CY42M5S751&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CY42M5S751&cid=85861306.1699402297&gtm=45je3b60v873223606z872264312&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CY42M5S751&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CY42M5S751&cid=85861306.1699402297&gtm=45je3b60v873223606z872264312&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1935771054
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=778190883&t=pageview&_s=1&dl=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ul=en-us&de=UTF-8&dt=Viral%20Wajah%20Dinda%20Hauw%20Terkena%20Kamera%20Wartawan%2C%20Ternyata%20Begini%20Aslinya&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=229256809&gjid=2097521714&cid=85861306.1699402297&tid=UA-891770-59&_gid=2001578400.1699402297&_slc=1&gtm=45He3b60n71NG6BTJv72264312&cd1=2-835-837-234&cd2=7017040&cd3=singlepage&cd4=2023%2F11%2F03%2003%3A44%3A40&cd5=2023%2F11%2F03%2012%3A00%3A06&cd6=dinda%20hauw%2Ckamera%20wartawan%2Crey%20mbayang&cd13=dewasatidak&cd14=default&cd15=No&cd16=singlepagenews&cd17=desktop&cd18=Vina%20Oktiani&cd27=nonheadline-0&cd28=nonheadline-0-2-835&cd64=Viral%20Wajah%20Dinda%20Hauw%20Terkena%20Kamera%20Wartawan%2C%20Ternyata%20Begini%20Aslinya&cm2=3.958&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1967620266
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-891770-59&cid=85861306.1699402297&jid=229256809&gjid=2097521714&_gid=2001578400.1699402297&_u=YCDAiEABBAAAAGAAI~&z=866094470
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 08 Nov 2023 00:11:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=778190883&t=pageview&_s=1&dl=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ul=en-us&de=UTF-8&dt=Viral%20Wajah%20Dinda%20Hauw%20Terkena%20Kamera%20Wartawan%2C%20Ternyata%20Begini%20Aslinya&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAAGAAI~&jid=896311380&gjid=1656921334&cid=85861306.1699402297&tid=UA-891770-223&_gid=2001578400.1699402297&_r=1&_slc=1&gtm=45He3b60n71NG6BTJv72264312&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=755015247
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wolipop.detik.com
date
Wed, 08 Nov 2023 00:11:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
index.htm
newcomment.detik.com/static/ Frame 10C6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newcomment.detik.com/static/index.htm?v=1.27&version=latest&uid=2b05b4c2d6&logLevel=error&xcomponent=1
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/libs/newcomment/js/xcomponent.frame.min.js?2023110807
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.26 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-26-242.190.203.detik.com
Software
comment1 /
Resource Hash
afec7ebede0ec4992fc5688ca81289d44e747e70ff0b5fba89212b093d96f04d
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
X-Content-Type-Options nosniff
X-Xss-Protection "1; mode=block"

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
content-type
text/html
date
Wed, 08 Nov 2023 00:11:37 GMT
last-modified
Wednesday, 08-Nov-2023 00:11:37 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin-when-cross-origin
server
comment1
set_cookie_flag
HttpOnly Secure SameSite=None
x-content-type-options
nosniff
x-xss-protection
"1; mode=block"
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomso...
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomso...
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&rid=esp&cc=1
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
8f99c3f91c0d3070b622a2f4052be4e1e0d94d356fb3b2cd2658ba52642f99b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-foS4COom548ZgbamEy8zi7U8BpU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 08 Nov 2023 00:11:36 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://wolipop.detik.com
location
/esp?url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
asyncjs.php
newrevive.detik.com/delivery/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newrevive.detik.com/delivery/asyncjs.php
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
p3p
CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy
cross-origin
x-cached
MISS
referrer-policy
strict-origin-when-cross-origin
server
revive12
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
expire
Wed, 08 Nov 2023 01:11:37 GMT
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
DFPAudiencePixel;ord=2830381427830.8105;dc_seg=1010791389;gen=Male
pubads.g.doubleclick.net/activity;dc_iu=/4905536/ 		42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/4905536/DFPAudiencePixel;ord=2830381427830.8105;dc_seg=1010791389;gen=Male?
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DFPAudiencePixel;ord=4801752072454.708;dc_seg=1009875724;gen=Female
pubads.g.doubleclick.net/activity;dc_iu=/4905536/ 		42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/4905536/DFPAudiencePixel;ord=4801752072454.708;dc_seg=1009875724;gen=Female?
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame D706 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wolipop.detik.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:36 GMT
server
Kestrel
server-processing-duration-in-ticks
408807
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
jquery.autocomplete.js
cdn.detik.net.id/assets/js/framebar/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/assets/js/framebar/jquery.autocomplete.js?_=1699402296833
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
b1801c83b4bed79a6ac656fc214888be8db7d61339144265a28dd65c2310b327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2023 08:40:19 GMT
server
st8
content-encoding
gzip
etag
W/"6549f7f3-447e"
cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
me.html
connect.detik.com/token/ Frame 8556 		288 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.detik.com/token/me.html?clientId=63
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/libs/dc/v1/detikconnect_auto_show_user.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.233 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.buzznesia.id *.berbuatbaik.id *.ziswafctarsa.id
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET,POST
content-encoding
gzip
content-language
id
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.buzznesia.id *.berbuatbaik.id *.ziswafctarsa.id
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Wed, 08 Nov 2023 00:11:36 GMT
eagleid
a3b55c9916994022969516184e
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
same-origin strict-origin-when-cross-origin
server
Tengine
serverloc
dc-02
strict-transport-security
max-age=31536000; includeSubdomains; preload
timing-allow-origin
*
vary
Origin, Accept-Language, Cookie
via
cache15.l2sg2[21,0], ens-cache5.de5[176,0]
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
detiknetwork
wolipop.detik.com/ajax/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wolipop.detik.com/ajax/detiknetwork
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.109 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-109-221-49-103.detik.com
Software
/
Resource Hash
39a8cfa1da6c1286553a854de855fb2c679894a2cb9458bc2e80f5c4551887ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; always
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; always
x-content-type-options
nosniff
content-encoding
gzip
content-type
application/json
x-fastcgi-cache
MISS
access-control-allow-credentials
true
s
21
other_article
wolipop.detik.com/ajax/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wolipop.detik.com/ajax/other_article?param=234%7C7017040
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.109 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-109-221-49-103.detik.com
Software
/
Resource Hash
19f202bdb9f02e395b495206fa5e88206be8bca4d9dc317c234c5138cee5542e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; always
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; always
x-content-type-options
nosniff
content-encoding
gzip
content-type
application/json
x-fastcgi-cache
MISS
access-control-allow-credentials
true
s
21
photo_gallery_sidebar
wolipop.detik.com/ajax/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wolipop.detik.com/ajax/photo_gallery_sidebar
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.109 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-109-221-49-103.detik.com
Software
/
Resource Hash
4a0944089334883b9ef77c59347c440a4580de9a2cad00a368988f7260f38716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; always
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; always
x-content-type-options
nosniff
content-encoding
gzip
content-type
application/json
x-fastcgi-cache
MISS
access-control-allow-credentials
true
s
21
horoscope
wolipop.detik.com/ajax/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wolipop.detik.com/ajax/horoscope
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.109 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-109-221-49-103.detik.com
Software
/
Resource Hash
3f3d3a67ed69be257ff2a18d7a4ec97d9c353fba838e43455be2e036b9f14c51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; always
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; always
x-content-type-options
nosniff
content-encoding
gzip
content-type
application/json
x-fastcgi-cache
MISS
access-control-allow-credentials
true
s
21
-
rech.detik.com/article-recommendation/detail/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rech.detik.com/article-recommendation/detail/-?size=8&nocache=1&ids=7017040&acctype=acc-wolipop
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.136.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.136.110.34.bc.googleusercontent.com
Software
/
Resource Hash
a94c882c03a76c460c93f094345766aea2e5dcab4716dbb1dc4df877bc627b32

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://wolipop.detik.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12835
load.gif
cdn.detik.net.id/assets/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.detik.net.id/assets/images/load.gif
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
725997506cdc0e9d51e9af233fef8a68f63b1d600c655ef950ffe0114180718c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:40 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d4-147c"
cache-status
HIT
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
webid
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/webid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://wolipop.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:37 GMT
expires
Wed, 08 Nov 2023 00:11:37 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=0 cdn-cache; desc=MISS, edge; dur=2, origin; dur=163
upstream-caught
1699402297062959
x-akamai-request-id
df82cee2
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
165,104.126.37.181
x-tt-logid
2023110800113664C852EE9DA1FF074E4F
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b8b8583888d13ce36e6306b05e3321ad2c802b88328801ddf98bcefcfe45cb5d2d9ba4b7563ee147bbf1f7d7414c5e59e
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
webid
mcs.tobsnssdk.com/ 		38 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/webid
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
7dd108a4878efcec951ddac3110e53f26a1b7b248f8ab5345f5ad5e667a08fa1

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82cff2
date
Wed, 08 Nov 2023 00:11:37 GMT
upstream-caught
1699402297269457
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=15, cdn-cache; desc=MISS, edge; dur=1, origin; dur=167
content-length
38
pragma
no-cache
server
TLB
x-tt-logid
20231108001136A64675C62B3D3C0327BB
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
168,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98be63e968a11b8fd288efc91fd9a99d968af5b1c14e577a68a2f9faa5a33557cbde0d79348fe0366fe54fd7f7ef9552e42
expires
Wed, 08 Nov 2023 00:11:37 GMT
thetracker-detik-v4.min.js
cdn.detik.net.id/loganalysistracker/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/loganalysistracker/thetracker-detik-v4.min.js?v=4.0
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
c65ad3507aa9c487819ce5c6c2aac61866f0cd7bf0fc621fd78a3e365ca06bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 06:27:36 GMT
server
st8
content-encoding
gzip
etag
W/"606aadd8-1792"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
detikBigDataSdk.js
cdn.detik.net.id/loganalysistracker/ 		106 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/loganalysistracker/detikBigDataSdk.js?v=1.7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
344c23ba1cbc2b819add73db2c6dce106bbf7f4a06c59b1030677cffe3ee668e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Thu, 08 Sep 2022 08:55:53 GMT
server
st8
content-encoding
gzip
etag
W/"6319ae19-1a7d3"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-891770-59&cid=85861306.1699402297&jid=229256809&_u=YCDAiEABBAAAAGAAI~&z=746984132
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-891770-59&cid=85861306.1699402297&jid=229256809&_u=YCDAiEABBAAAAGAAI~&z=746984132
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=detik.com&p=%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya&u=DCtnp9BKQGx32D6O_&d=wolipop.detik.com&g=54935&g0=wolipop&g1=Vina%20Oktiani&n=1&f=00001&c=0&x=0&m=0&y=4840&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&b=4283&_c=detikcomsocmed&_m=cpc&_x=twitter&_y=wolipop&_z=ctw&t=BGtDpCAw49-CkV9xXDA_cESCAo771&V=141&i=Viral%20Wajah%20Dinda%20Hauw%20Terkena%20Kamera%20Wartawan%2C%20Ternyata%20Begini%20Aslinya&tz=-60&sn=1&sv=oLWZCsaE5CDdfw41DpUMp-RMDgz&sd=1&im=061b2fff&_
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.231.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-231-26.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 08 Nov 2023 00:11:37 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		259 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=detik.com&domain=wolipop.detik.com&path=%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
061e0e68ebdee88eed1359390a054a4ed6a25f3f63df043001e1acdf90e95253

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
844
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
198
x-served-by
cache-fra-eddf8230128-FRA
x-timer
S1699402297.947057,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 05 Nov 2023 23:57:32 GMT
embed_lib_v1.0.11.css
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-12.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
a57b22c
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
gzip-server
KFC
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
zJ2Nyh55L+w+3gi0qlc5pw==
x-check-cacheable
YES
x-cache
TCP_MEM_HIT from a23-54-207-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
1334
x-tos-request-id
bbd1f40c5506f552640c5506-af54031
x-tos-response-time
Sat, 11 Mar 2023 10:16:38 GMT
last-modified
Thu, 03 Nov 2022 00:46:48 GMT
server
nginx
x-tt-logid
20230314000519FBEAA85982DD249AAB1E
etag
CP6J0dbkkPsCEAE=
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=309684
access-control-allow-credentials
false
x-tt-trace-host
01a590d3cc931e2cc6b2d92fa3b55d0c4e2fdf68f0910c86e8b88f661266b76e9ce7047b09a9fb36b47024a77ebb17944cf145b65fa6fd2b66b943480061438956b08bf54706f53fa8c80a5b37c5b80bad7be5926dd057936f150626b28ec2f1873e0ef6e561d9a3bd80e89dee5d54ecc006d422150a3cc00c021decde5b80c83d
timing-allow-origin
*
access-control-allow-headers
*
embed_lib_v1.0.11.js
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-12.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
a57b22d
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
gzip-server
KFC
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
6f9KK8Y3c/2Yh2WZTLuA2Q==
x-check-cacheable
YES
x-cache
TCP_MEM_HIT from a23-54-207-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
5451
x-tos-request-id
ad9fe0cc42526aa163cc4252-af54d15
x-tos-response-time
Sat, 21 Jan 2023 19:51:46 GMT
last-modified
Thu, 03 Nov 2022 00:46:48 GMT
server
nginx
x-tt-logid
202301220255310E050E5E5A1D2F2D6756
etag
CNX5z9bkkPsCEAE=
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=1031010
access-control-allow-credentials
false
x-tt-trace-host
01d30da60040a33b163d5e9cc3b841e8251b04692773f3759c9468985acde917d0131229ae3a9a8bd1b19fdf9f941beefb3b18a2851e2ef8538cf9860425a9826e148aca105343ed33feee90232f4aa9f51c33805178425e81cc36c10fe49e91b7f83a984cbfc45aed027be4c3d72e90eeafab19fe9d006de9df029291fe16f404
timing-allow-origin
*
access-control-allow-headers
*
map
bcp.crwdcntrl.net/6/ 		60 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.219.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-219-175.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6e6ca6bc94e55cd105cca2cc6a49527c726d6b74f95ca7106eec8a2f10c78165

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache
x-server
10.45.22.103
access-control-allow-credentials
true
content-length
60
expires
0
iat-realtime-7.0.11-ws.js
cdn.insurads.com/ 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-realtime-7.0.11-ws.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=S9H7OMZB&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&tcfc=1&t=1699402296486
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
cdn-edgestorageid
1081
x-amz-request-id
XVY63RPQKTKV1SE5
x-amz-server-side-encryption
AES256
cdn-cachedat
10/31/2023 18:07:11
cdn-pullzone
55316
x-amz-id-2
OxSGwyV44A+UPoEv0j8nNL559Iq2zLjsX/92R3MyIkAZOVf/S1W6zOzKRs0lP9OafSx5FUrd8OY=
last-modified
Tue, 19 Sep 2023 08:22:46 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"75857c4fac071c7c848bbe0f76263cf8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
e441a849e7e53b3ec21dad10e277c85a
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
iat-1.14.20.js
cdn.insurads.com/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-1.14.20.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=S9H7OMZB&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&tcfc=1&t=1699402296486
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
544fd1a8f5be8daf9ead2626ae25b4423ac3126d06abed1acb0c825160f6438f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
cdn-edgestorageid
1082
x-amz-request-id
8RWWGM3CWK3S9TY3
x-amz-server-side-encryption
AES256
cdn-cachedat
10/24/2023 14:39:32
cdn-pullzone
55316
x-amz-id-2
6UsjhvKT4Z+Mei9eByUzaglU/KjgEbkdDbtgplQLp9C7Osp3Sjt8dYCwyj67pdZmSvwg9PWecmY=
last-modified
Tue, 24 Oct 2023 14:38:13 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"2b9d33be45a640fc410b9057606a5237"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
5dd07d3b814186214995c012f1cc304a
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
initcb
services.insurads.com/ 		138 B
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/initcb?v=1.0.12&appId=2414&vId=0DFB0B19CD42A0AB&s=2830&fpc=1&nv=1&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&tcfc=1&lts=0&ts=1699402296916&iatId=75740ad30ede67d312e8bb4d7fdcd431&iatIdB=dbf5b14e7550f873e4d41ecc85e876f6&iatIdM=11111111&iatIdV=1.0&lIatId=0&lIatIdB=0&lIatIdM=0&lIatIdV=0&lch=RRUURIEUEZ
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/S9H7OMZB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.230.103.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-103-202.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
7294581993583496456
www.tiktok.com/embed/v2/ Frame 17BE 		109 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Requested by
Host: lf16-tiktok-web.ttwstatic.com
URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-15.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
4fdca1b61d7224a5df2a8b9c05a3def128c8c5f8384b0aa6fc1092adf6611728

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 08 Nov 2023 00:11:37 GMT
expires
Wed, 08 Nov 2023 00:11:37 GMT
pragma
no-cache
server
TLB
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=187 inner; dur=181
x-akamai-request-id
2f1aa734.7c332153
x-cache
TCP_MISS from a23-36-161-15.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-cache-remote
TCP_MISS from a23-55-171-73.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-origin-response-time
187,23.55.171.73
x-parent-response-time
275,23.36.161.15
x-pumbaa-web-avail
1
x-tt-logid
2023110800113685BC9A5E576BEBB3271B
x-tt-trace-host
01bd308f099a64fbde4400b9f941e6319358c41773b53f82fa9cfa46724b8e0252005cb33e85e0886fdd38c6966e87018b8abc512b613136f4908919c79ddc0b3c7c6833442d4c2b02c1508b7b60296ad90289cfadc4d1aec3a7631bc71a5233b44f4e3cfb802574806a542708c6bc0af1
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
sid
mug.criteo.com/ Frame D706
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=detik.com&sn=ChromeSyncframe&so=0&topUrl=wolipop.detik.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=IyScL3xUOE5nQlhreWEvMHRXVWlOYm9vS3N1MExCWWxkcDZMcERtTmZ0ZzVXSlpJeDRDZkZaZDZqd0ZBVTJKMG5wS3hyVkRyWWE2d0xSQnJmdXFxdkljamEvY0NqQ2lzRmNIT3MzbkNXOElpTy92ZlM4bWIwZVF5RDNNTG...
438 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IyScL3xUOE5nQlhreWEvMHRXVWlOYm9vS3N1MExCWWxkcDZMcERtTmZ0ZzVXSlpJeDRDZkZaZDZqd0ZBVTJKMG5wS3hyVkRyWWE2d0xSQnJmdXFxdkljamEvY0NqQ2lzRmNIT3MzbkNXOElpTy92ZlM4bWIwZVF5RDNNTGRIVTZNOGVFQlQ3VmYzQk5mYkZTQUE5eWFLZ1NJWDk0dVFTZHRJbFh6Ykc3dmNSZGtoYVBvRXNOcWhMQnU0dVlEdHlEb1RjQmYvcTE4OVNLYjdYNXg3ckpxU0tQeWN3WlVXRFNtU1JsZFhwQjRvRlFZWmNMaWZncnFSaGtDU2NaOEhLQWduZnVTWGUrKzFLRUhUTW9nS3Fiak9kOWgzdz09fA&cppv=2
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
32734708de2b60d67049b01b8c202ea910f44ca2d199c95f1b0b2c4ba626cbd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
981536
expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=IyScL3xUOE5nQlhreWEvMHRXVWlOYm9vS3N1MExCWWxkcDZMcERtTmZ0ZzVXSlpJeDRDZkZaZDZqd0ZBVTJKMG5wS3hyVkRyWWE2d0xSQnJmdXFxdkljamEvY0NqQ2lzRmNIT3MzbkNXOElpTy92ZlM4bWIwZVF5RDNNTGRIVTZNOGVFQlQ3VmYzQk5mYkZTQUE5eWFLZ1NJWDk0dVFTZHRJbFh6Ykc3dmNSZGtoYVBvRXNOcWhMQnU0dVlEdHlEb1RjQmYvcTE4OVNLYjdYNXg3ckpxU0tQeWN3WlVXRFNtU1JsZFhwQjRvRlFZWmNMaWZncnFSaGtDU2NaOEhLQWduZnVTWGUrKzFLRUhUTW9nS3Fiak9kOWgzdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
262193
content-length
0
expires
0
/
dtk.id/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dtk.id/?https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_source%3Dwhatsapp%26utm_campaign%3Ddetikcomsocmed%26utm_medium%3Dbtn%26utm_content%3Dwolipop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.221.112 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-112-221-49-103.detik.com
Software
detk-new1 /
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-brandid
Access-Control-Request-Method
GET
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Headers
X-BrandId,x-csrf-token
Access-Control-Allow-Origin
https://wolipop.detik.com
Connection
keep-alive
Content-Length
2
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Nov 2023 00:11:38 GMT
Server
detk-new1
X-Frame-Options
DENY
/
dtk.id/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dtk.id/?https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_source%3Dtelegram%26utm_campaign%3Ddetikcomsocmed%26utm_medium%3Dbtn%26utm_content%3Dwolipop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.221.112 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-112-221-49-103.detik.com
Software
detk-new1 /
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-brandid
Access-Control-Request-Method
GET
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Headers
X-BrandId,x-csrf-token
Access-Control-Allow-Origin
https://wolipop.detik.com
Connection
keep-alive
Content-Length
2
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Nov 2023 00:11:38 GMT
Server
detk-new1
X-Frame-Options
DENY
/
dtk.id/ 		21 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dtk.id/?https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_source%3Dwhatsapp%26utm_campaign%3Ddetikcomsocmed%26utm_medium%3Dbtn%26utm_content%3Dwolipop
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.221.112 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-112-221-49-103.detik.com
Software
detk-new1 /
Resource Hash
9b1e25003d88cfd0e0e83755460fb2bc9f5f78fca73392af43dad456afc12265
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
*/*
X-BrandId
1
Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:38 GMT
Server
detk-new1
X-Frame-Options
DENY
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://wolipop.detik.com
Connection
keep-alive
Access-Control-Allow-Headers
X-BrandId,x-csrf-token
Content-Length
21
/
dtk.id/ 		21 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dtk.id/?https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_source%3Dtelegram%26utm_campaign%3Ddetikcomsocmed%26utm_medium%3Dbtn%26utm_content%3Dwolipop
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.49.221.112 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-112-221-49-103.detik.com
Software
detk-new1 /
Resource Hash
031a4c257d233ca5d5303c10cdb7850dd2c328babb4417c63bc3d8cabded520b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
*/*
X-BrandId
1
Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:38 GMT
Server
detk-new1
X-Frame-Options
DENY
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://wolipop.detik.com
Connection
keep-alive
Access-Control-Allow-Headers
X-BrandId,x-csrf-token
Content-Length
21
/
apicomment.detik.com/api/comments/old/ 		43 B
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apicomment.detik.com/api/comments/old/?count&callback=jQuery18103983141426866277_1699402296261&key=7017040&group=234&format=jsonp&_=1699402297006
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.26 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-26-242.190.203.detik.com
Software
comment1 /
Resource Hash
78b3aad5097f420d109fb4ba315b58076e4718118cb6bb5583aba03a2628cdf7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-xss-protection
"1; mode=block"
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Nov 2023 00:11:38 GMT
server
comment1
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
expires
Wed, 08 Nov 2023 00:11:38 GMT
__dtm.gif
analytic.detik.com/detikanalytic/ 		32 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytic.detik.com/detikanalytic/__dtm.gif?dtmwv=4.0&dtmn=1520062792&dtmdt=Viral%20Wajah%20Dinda%20Hauw%20Terkena%20Kamera%20Wartawan%2C%20Ternyata%20Begini%20Aslinya&dtmhn=wolipop.detik.com&dtmp=/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop&dtmf=-&dtma=146380193.1520062792.1699402297.1699402297.1699402297.1&dtmb=146380193.1.10.1699402297&dtmr=&createddate=1698987606000&articleid=7017040&kanalid=234&dtmac=acc-wolipop&dtmacsub=desktop&custom_pagetype=singlepage&articledewasa=dewasatidak&articlehoax=default&publishdate=1698987606000&contenttype=singlepagenews&videopresent=No&idfokus=&author=Vina%20Oktiani&keywords=dinda%20hauw%2Ckamera%20wartawan%2Crey%20mbayang&thumbnailUrl=https%3A%2F%2Fawsimages.detik.net.id%2Fcommunity%2Fmedia%2Fvisual%2F2023%2F07%2F30%2Fdinda-hauw-memberikan-4-tips-agar-bibir-tetap-sehat-merona-alami-dan-bebas-dari-pecah-pecah-5.jpeg%3Fw%3D650&status=1&createddate_str=2023%2F11%2F03%2003%3A44%3A40&publishdate_str=2023%2F11%2F03%2012%3A00%3A06&createddate_ori=1698957880000
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.10.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.10.241.35.bc.googleusercontent.com
Software
/
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
content-type
image/gif
me.html
connect.detik.com/token/ Frame 8556 		288 B
355 B 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.detik.com/token/me.html?autoLogin=1&clientId=63
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/libs/dc/v1/detikconnect_auto_show_user.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.233 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.buzznesia.id *.berbuatbaik.id *.ziswafctarsa.id
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET,POST
content-encoding
gzip
content-language
id
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.buzznesia.id *.berbuatbaik.id *.ziswafctarsa.id
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Wed, 08 Nov 2023 00:11:37 GMT
eagleid
a3b55c9916994022971856551e
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
same-origin strict-origin-when-cross-origin
server
Tengine
serverloc
dc-02
strict-transport-security
max-age=31536000; includeSubdomains; preload
timing-allow-origin
*
vary
Origin, Accept-Language, Cookie
via
cache35.l2sg2[32,0], ens-cache5.de5[184,0]
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
pd
google-bidout-d.openx.net/w/1.0/ Frame BEF6 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 08 Nov 2023 00:11:37 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
makanan-yang-mengandung-sianida-alamifoto-pexelslaker_169.jpeg
awsimages.detik.net.id/visual/2023/10/13/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/visual/2023/10/13/makanan-yang-mengandung-sianida-alamifoto-pexelslaker_169.jpeg?w=700&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
63ed7567316546bda8364d243d604fb723d1e5e0b7f8385e468d3f2b33a844ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st10
server
st9
etag
W/"f2b072a89890c84499bd5e631c2a06ded3e2f8b5"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
tren-pernikahan-rustic-1_169.jpeg
awsimages.detik.net.id/visual/2022/12/15/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awsimages.detik.net.id/visual/2022/12/15/tren-pernikahan-rustic-1_169.jpeg?w=700&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
aba5455dbc06e1f78c4b52ebbd242cf438a110bfee1840b795b9e75bc3d29313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st12
server
st9
etag
W/"e695b5fab5a36bc7655ad8e8c8b499c919931e12"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
default-169.gif
awscdn.detik.net.id/detik2/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/detik2/images/default-169.gif?w=700&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
b00f7ab2fd37226c3121607d1b6717fdc03460141277653d2936c87b61abba59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Thu, 05 Mar 2020 06:12:31 GMT
server
st8
content-encoding
gzip
etag
W/"5e60984f-24bf"
cache-status
HIT
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
5-800x450.jpg
editorial.femaledaily.com/wp-content/uploads/2023/11/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://editorial.femaledaily.com/wp-content/uploads/2023/11/5-800x450.jpg?w=700&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.76.29.240 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-29-240.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6751f89415665b475b916c3087aa6f86de225b234ad32e1bb5e072ea3e60273a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 Nov 2023 07:35:38 GMT
etag
"6549e8ca-c215"
content-type
image/jpeg
accept-ranges
bytes
content-length
49685
logo_Beautynesia.png
awscdn.detik.net.id/wolipop/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/logo_Beautynesia.png?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
aec93c4e1cb844adf72661ca06216f68d970d0b681c6eec35fa88c8823b8dcc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-2784"
cache-status
MISS
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_HaiBunda.png
awscdn.detik.net.id/wolipop/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/logo_HaiBunda.png?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
0dfa7af0422273cb13ab6d8b09468e1f92745178b531711abd4bfa7ab5f65a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-17ba"
cache-status
MISS
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_Insertlive.png
awscdn.detik.net.id/wolipop/images/ 		8 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/logo_Insertlive.png?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
892cbed999e182e677a982593b4a2b1054156fb5730cad5f14e26467119e062d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-1eb2"
cache-status
MISS
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_FemaleDaily.png
awscdn.detik.net.id/wolipop/images/ 		8 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/logo_FemaleDaily.png?v=2023110807179
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
bbd58a1c832602875a0b34aba97d954d24dfa30ff69f95559ef675047b48a190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-2051"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
horoscope_icon_gemini.png
awscdn.detik.net.id/wolipop/images/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/horoscope_icon_gemini.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
52b4bbdad8f69942d3539b461925f9a52a989c01c8df185957d9269171a37120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-635d"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
horoscope_icon_cancer.png
awscdn.detik.net.id/wolipop/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/horoscope_icon_cancer.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
3b3def1e7433ee0eb222fb3a7bf99154554e5897e325eb7a660b5bbd3ba6f1cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-7159"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
horoscope_icon_aries.png
awscdn.detik.net.id/wolipop/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/horoscope_icon_aries.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
cfa24c8b0ec882d555dde9ad2f3f8e5bb66d63bec09f5589b2bde2833f8f8a01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-6105"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
horoscope_icon_taurus.png
awscdn.detik.net.id/wolipop/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://awscdn.detik.net.id/wolipop/images/horoscope_icon_taurus.png
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
b05ef5f969b546feba90d058063c50c94d169ea64c16df5c4d6a397199f0a057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awscdn.detik.net.id/wolipop/css/wolipop_detail.style.css?v=2023110807179
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Tue, 15 Aug 2023 03:49:42 GMT
server
st8
content-encoding
gzip
etag
W/"64daf5d6-6b15"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		745 KB
109 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3456649221265976&correlator=903517084588260&eid=44807935&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=4905536%2Cdetik_desktop%2Cwolipop%2Cmedium_rectangle3%2Cbottomframe%2Cleaderboard%2Cmedium_rectangle1%2Cmedium_rectangle2%2Cbillboard%2Cinbetween%2Cnewstag%2Chiddenquiz%2Cparallax_detail%2Cskyscrapper&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2C%2F0%2F1%2F2%2F11%2C%2F0%2F1%2F2%2F12%2C%2F0%2F1%2F2%2F13&prev_iu_szs=300x250%7C250x250%2C1x1%7C728x90%7C970x50%2C728x90%2C300x250%7C300x500%7C300x600%7C250x250%2C300x250%7C250x250%2C970x250%2C1x1%2C1x1%2C1x1%2C300x250%7C480x600%7C300x600%7C320x480%2C160x600%7C120x600&ifi=1&didk=2058300351~4073077390~3687219858~1819051668~4288544005~2042672915~1090386746~765130254~2368447945~3780431921~74228353&sfv=1-0-40&ists=16&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699402297278&lmt=1699402297&adxs=1045%2C-12245933%2C436%2C1045%2C1045%2C315%2C255%2C850%2C255%2C403%2C865&adys=1754%2C-12245933%2C561%2C671%2C1328%2C46%2C893%2C3495%2C3521%2C1637%2C893&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C0%7C0%7C2%7C0%7C0%7C3%7C4%7C5%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&vis=1&psz=300x-1%7C0x-1%7C728x-1%7C0x-1%7C0x-1%7C970x-1%7C770x2820%7C595x0%7C595x2627%7C0x-1%7C160x0&msz=300x-1%7C0x-1%7C728x-1%7C300x-1%7C300x-1%7C970x-1%7C0x0%7C0x0%7C1x-1%7C300x-1%7C160x0&fws=132%2C644%2C132%2C644%2C644%2C644%2C132%2C132%2C132%2C644%2C132&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=true&dlt=1699402295090&idt=1474&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.08%26hb_adid%3D585ff2407c94c66%26hb_bidder%3Dsmartadserver%7C%7Crefresh%3Dtrue%26test%3Devent%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.08%26hb_adid%3D590665e59705759%26hb_bidder%3Dsmartadserver%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.08%26hb_adid%3D57d3999bae611fa%26hb_bidder%3Dsmartadserver%7Crefresh%3Dtrue%26test%3Devent%7C%7C%7C%7C%7Cpos%3Dskyscrapper&cust_params=site%3Ddetikcom%26section%3Dwolipop%26medium%3Ddesktop%26keyvalue%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26Keyword_tag%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26militaryconflict%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26ilegal_drugs%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26adult%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26death_injury%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26hate_speech%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26spam_harmfulsite%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26tobacco%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26disaster%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26politic%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26obscenity%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26terorism%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26arms%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26crime%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26online_piracy%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang&adks=1534088838%2C318520305%2C1396284258%2C1372832113%2C674303136%2C2888458640%2C520035767%2C2873035226%2C2612592112%2C2851841614%2C3977952061&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcc78eb47dacc86b8dab1818b654c0190c66130ffbc266d58aa99329462f9dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111854
x-xss-protection
0
google-lineitem-id
5838125185,6393031877,-1,-1,5838125185,-1,-2,6338892642,6315345485,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138371792708,138451353892,-1,-1,138371792417,-1,-2,138438600360,138434534781,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 440B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:38 GMT
expires
Thu, 07 Nov 2024 00:11:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
noam-mazal-ben-david_11.jpeg
akcdn.detik.net.id/community/media/visual/2023/11/08/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/08/noam-mazal-ben-david_11.jpeg?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
da8868c1538bedd78cb1e41ef00b3447f19fe229a8efcd4abf024311ea160449
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st4
server
st9
etag
W/"f3e89529761c1aff2f37c7dc89ab2f729a83c309"
cache-status
MISS
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
kebaya-jeng-yah_11.jpeg
akcdn.detik.net.id/community/media/visual/2023/11/07/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/07/kebaya-jeng-yah_11.jpeg?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
b187ca53ddd2e1900e33c4b896558a6466e5473dd47c8d4d28f5d173ce55894b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st6
server
st9
etag
W/"229108afbb5892bda4828376a4edae1554849a89"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
fuji-2_11.png
akcdn.detik.net.id/community/media/visual/2023/11/07/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/07/fuji-2_11.png?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
61268b14700ddb3aef72f067203f53125398eeefed477c13070f2d9087b45482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
MISS
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st14
server
st9
etag
W/"a4f99308c7e2581f5c2832b4fcc76896b4ae9a33"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
bastian-steel-3_11.png
akcdn.detik.net.id/community/media/visual/2023/11/07/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/07/bastian-steel-3_11.png?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
c7f9088bb919d242906a5334558c0d6426cb816c5d6e03890e18b5455ac2db67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
MISS
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st14
server
st9
etag
W/"6db1f30991b9505563ca15d1084bcc0e4a49f559"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
jio-world-plaza-2_11.png
akcdn.detik.net.id/community/media/visual/2023/11/06/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/06/jio-world-plaza-2_11.png?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
433d65c08ed611bf6048438f0a053a9dcd44c71735ca7f7c8bbaaa624d37bd6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
middle-cache
MISS
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st8
server
st9
etag
W/"ebd725a00949aeef8fce2d3197c9bfc7a51f4862"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
toblog.tobsnssdk.com/service/2/abtest_config/ 		80 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://toblog.tobsnssdk.com/service/2/abtest_config/
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
4e7e2b206e2763a8a7a52419f1bc0f3b595ab80c0808fbb940eea61207a4d592

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:37 GMT
x-akamai-request-id
df82d24e
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
TLB
x-tt-logid
20231108001136E01E8894A4244D385E07
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
175,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b29a2d0b64ada9f5dc21dcfb44cc68e12d0ca03ba9cb7a743a483aea8cf7f3d271ee852ad69f6464f8568eead3593d340
server-timing
inner; dur=11, cdn-cache; desc=MISS, edge; dur=1, origin; dur=175
content-length
80
expires
Wed, 08 Nov 2023 00:11:37 GMT
list
mcs.tobsnssdk.com/ 		7 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82d23b
date
Wed, 08 Nov 2023 00:11:37 GMT
upstream-caught
1699402297690877
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=7, cdn-cache; desc=MISS, edge; dur=1, origin; dur=160
content-length
7
pragma
no-cache
server
TLB
x-tt-logid
2023110800113664C852EE9DA1FF074EC0
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
160,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b8b8583888d13ce36e6306b05e3321ad27f34086dc60633eedb4dcf5f52944482173b25422001186b040e33a8153c7780
expires
Wed, 08 Nov 2023 00:11:37 GMT
list
mcs.tobsnssdk.com/ 		7 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

X-MCS-AppKey
566f58151b0ed37e
Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82d236
date
Wed, 08 Nov 2023 00:11:37 GMT
upstream-caught
1699402297691368
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=10, cdn-cache; desc=MISS, edge; dur=0, origin; dur=165
content-length
7
pragma
no-cache
server
TLB
x-tt-logid
20231108001136DBBBBC2F4E2D07630844
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
165,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017f6932b8401fb047f780e95e9df582cf06c49e2f20c2ecbdc9e165da4c6f2e1a10890b74a59ba1786da10073c2c7fdc6f4aca1b4c7ae214dc5a2384af74370f7e
expires
Wed, 08 Nov 2023 00:11:37 GMT
list
mcs.tobsnssdk.com/ 		7 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82d26c
date
Wed, 08 Nov 2023 00:11:37 GMT
upstream-caught
1699402297726195
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=12, cdn-cache; desc=MISS, edge; dur=0, origin; dur=164
content-length
7
pragma
no-cache
server
TLB
x-tt-logid
20231108001136A64675C62B3D3C0327DB
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
164,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98be63e968a11b8fd288efc91fd9a99d96833b05459ff1f2db5fd5fc62873e423528eb4181f92e4bcbc2d991d32dbc6c40b
expires
Wed, 08 Nov 2023 00:11:37 GMT
list
collent.detik.com/ 		2 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collent.detik.com/list
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/loganalysistracker/detikBigDataSdk.js?v=1.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
*/*
Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
via
1.1 google
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
toblog.tobsnssdk.com/service/2/abtest_config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://toblog.tobsnssdk.com/service/2/abtest_config/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://wolipop.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:37 GMT
expires
Wed, 08 Nov 2023 00:11:37 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=3 cdn-cache; desc=MISS, edge; dur=0, origin; dur=158
x-akamai-request-id
df82d14a
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
158,104.126.37.181
x-tt-logid
20231108001136AABA584E71B06D307C79
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017f6932b8401fb047f780e95e9df582cf0cdf2b89ac88c606e1f8b759073d7390361b951165df13e1da3852dce3f387806ea0cc9d37eba7979c89cc820696fb0f0
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
list
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://wolipop.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:37 GMT
expires
Wed, 08 Nov 2023 00:11:37 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=156
upstream-caught
1699402297497332
x-akamai-request-id
df82d149
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
156,104.126.37.181
x-tt-logid
20231108001136DBBBBC2F4E2D0763082E
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017f6932b8401fb047f780e95e9df582cf06c49e2f20c2ecbdc9e165da4c6f2e1a160ea7151bb4822163bfc634b29af868755e8995ebcf3f94f1389a325070c6c9d
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
list
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mcs-appkey
Access-Control-Request-Method
POST
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-mcs-appkey
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://wolipop.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:37 GMT
expires
Wed, 08 Nov 2023 00:11:37 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=0 cdn-cache; desc=MISS, edge; dur=0, origin; dur=154
upstream-caught
1699402297495482
x-akamai-request-id
df82d14b
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
154,104.126.37.181
x-tt-logid
2023110800113664C852EE9DA1FF074E9B
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b8b8583888d13ce36e6306b05e3321ad27f34086dc60633eedb4dcf5f52944482173b25422001186b040e33a8153c7780
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
list
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://wolipop.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:37 GMT
expires
Wed, 08 Nov 2023 00:11:37 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=1 cdn-cache; desc=MISS, edge; dur=1, origin; dur=155
upstream-caught
1699402297517102
x-akamai-request-id
df82d160
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
155,104.126.37.181
x-tt-logid
20231108001136909F8D6F6D09B812C510
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017f6932b8401fb047f780e95e9df582cf090eb6413492a819c50db914bd599c170ba7b7a5f314edfb945ba15835cd3f4ca7078e12993f19c21d902bf68d4f071c1
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
list
collent.detik.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collent.detik.com/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
access-control-allow-methods
POST
access-control-allow-origin
https://wolipop.detik.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 08 Nov 2023 00:11:38 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
index.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/ Frame 17BE 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cceea0fb02b94dc0343642dde73532e4d5876a66d8e4170a8be5b472e755fdbf

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d251e
date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
citvM+v7mXF20co2EZ5kHQ==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
16460
last-modified
Tue, 24 Oct 2023 10:10:12 GMT
opc-request-id
iad-1:IU13VMs3uG_1r_i0218e1qSdd3U3lGl1bc32VbhFfUxNMxTWDSju5A0sENsbZPNu
x-api-id
native
etag
dc9f4d40-cc65-4420-a5c8-7bea7a276328
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/javascript
version-id
1d6a8f1a-28d7-4acb-9bbb-c6ef09cdfac9
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:38 GMT
webmssdk.js
sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/ Frame 17BE 		619 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a9f2f7ad522f41e86ac8dbc907d37db9cd7bdd5f3c9dc4dec9b3f7deb48ffe59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
9738b9d
date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
br
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
z6lb4ggvjhvby2nY7JSVRA==
x-cache
TCP_MEM_HIT from a23-54-206-23.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
3,23.192.44.214
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=210
content-length
188901
x-tos-request-id
ea484068ccaa9a3e6368ccaa-abf3427
x-tos-response-time
Mon, 07 Nov 2022 09:15:22 GMT
last-modified
Mon, 07 Nov 2022 03:53:53 GMT
server
nginx
etag
"CLn13/mVm/sCEAE="
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1764126
x-origin-response-time
223,23.192.44.230
access-control-allow-credentials
false
x-tt-trace-host
011785d5f7af4a77e70353a0133ed909f20b10df25d40b451d7edab5fd25af910546bb1c7a28716e084aa1df3cc437c0130e9cc8468308b73200769dffa3aab5436de8e65ca025bfeb1ea64dbf668061e2bd73e97124ff0244e31b5c6871b8e1c1712f87b3ece92e19c759d7bbb2cad911
timing-allow-origin
*
access-control-allow-headers
*
tiktok-embed.module.0beb9a8cc31ba28fc6d9.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame 17BE 		2 MB
565 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.0beb9a8cc31ba28fc6d9.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f53f372f689059afb73db548dec6c019104427f7796e7c352b394a5c1666dc22

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d251c
date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
hDpSiXnffjiXM0FZLTU2WA==
x-cache
TCP_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=2
storage-tier
Standard
content-length
577422
last-modified
Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id
iad-1:ZP9jJzHhrSgywAxSr5VRN7Cdds5egQd0ybIleW4_0I3M4J1NL0LCEWKmiyFfRfrX
x-api-id
native
etag
a911b2c7-ae37-4328-9798-4b56053b580b
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/javascript
version-id
c8045553-63ca-4728-aeea-0311752d1f89
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:38 GMT
vendors~home.module.e801207375152283d9f9.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame 17BE 		154 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/vendors~home.module.e801207375152283d9f9.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
82140abb49d323ef675484f9ab07527f7ec42f1abba9710fdeed2cf036891956

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d251b
date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
mPg02YcXyGm8DwvmXkmtkw==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
41749
last-modified
Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id
iad-1:F6kY-99dSPWd5x8o4kKdk5YB5a8jdyGxTt9HBDrw4d2bzbUYjJaWb7BNuFkDzgyx
x-api-id
native
etag
45585525-0814-4ac6-9426-e32c9207af1f
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/javascript
version-id
8d332dbe-8f86-4bf7-af85-dac0471399b0
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:38 GMT
home.module.6fe9d52b239d003fa3a7.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame 17BE 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/home.module.6fe9d52b239d003fa3a7.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7941202bc792f9125d713040a0c460c06fc48eda478112850490c19048978237

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d251d
date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
tx1MjiEn15PNGQpdKRx8IA==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
30601
last-modified
Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id
iad-1:X3FFXOICcifmsHV99YHdYOiCQz62UFLQcY1jg_ghsNDJhv0dsh2MBudG86xkd1YE
x-api-id
native
etag
f8f7d8b0-3735-449a-bb06-9ac3d990e024
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/javascript
version-id
7629e64b-91c5-42bd-b8e1-ce6ab80da7be
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:38 GMT
oQJoibsnwRzKAEIKyxIcW2idBPA7qcfiAlAjB5
p77-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame 17BE 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p77-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/oQJoibsnwRzKAEIKyxIcW2idBPA7qcfiAlAjB5?x-expires=1699574400&x-signature=j%2FB85BoZceLCmZpEUuixYSdAPkQ%3D
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.212 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
559277417.fra.cdn77.com
Software
CDN77-Turbo / ImageX
Resource Hash
accd7e50512ec80b0537a4c68ce99657062c2988bfb6354afde93ecc707101c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-77-pop
frankfurtDE
x-tt-trace-tag
id=00;cdn-cache=miss
age
159390
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
server-timing
inner; dur=1
x-77-nzt
AorHJdM3Nzeh1GY43Dc3N++cQAYA
x-77-age
409756
x-tt-logid
20231101100551F56CC5BDA8001AE62027
x-response-date
Wed, 01 Nov 2023 10:05:52 GMT
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2023-11-01T10:05:52.536722509Z 45
cache-control
max-age=31536000
x-request-ip
fdbd:dc51:4000:294:a::141
x-tt-trace-host
01507381b2aa62738053349fa1f660196eaa6f86075e33f8f1439db1643c2737f9eb7d84744217a2be04dbec63f4adb0e904c4a390ae0bf745deb98cd94bb09d4921a903c2b1efa4a2f4821ed2253bf61bea051b5157c2dc2ad804dc6823b6a9e87098e7b9de646083b9e89469f6ff72dc
imagex-fmt
jpeg2jpeg
x-response-cache
edge_hit
date
Wed, 08 Nov 2023 00:11:38 GMT
via
n234-090-045
nw-session-id
20231101100551F56CC5BDA8001AE62027whwg212tt
x-powered-by
ImageX
x-77-cache
HIT
x-length
51095
x-accel-date
1698992542
content-length
51095
x-cache-lb
MISS
x-accel-expires
@1730528542
last-modified
Wed, 01 Nov 2023 10:05:52 GMT
server
CDN77-Turbo
x-77-nzt-ray
69e55521b1ee0b533ad24a65a9154c01
x-response-cinfo
fdbd:dc51:4000:294:a::141
accept-ranges
bytes
timing-allow-origin
*
browser.maliva.js
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/ Frame 17BE 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-16.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
c0fad728793d21b5b344f31239c556682a13d08ffdd5d3f0b5b812d02454eb75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
8790d16
date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
br
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
Gf4n/RfeoQU48zTvyfEBNg==
x-cache
TCP_MEM_HIT from a23-54-206-16.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
17751
x-tos-request-id
3e9288435861625d65435861-abf38c5
x-tos-response-time
Thu, 02 Nov 2023 08:05:53 GMT
last-modified
Thu, 02 Nov 2023 08:03:28 GMT
server
TLB
x-tt-logid
202311020805537C5112C7A8EAE7F994BF
etag
W/"19fe27fd17dea10538f334efc9f10136"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-request-ip
fdbd:dc61:c:375::138
cache-control
max-age=300
access-control-allow-credentials
false
x-response-cinfo
fdbd:dc61:c:375::138
x-tt-trace-host
015edd83d8daa8c101d3e5d3d6a1901ec83e4e575a8f1e190ff128c3521a00a8e90870cf440ac9dc1f12fe1d08e5b1ccdbc417d83772455a2523094f311ae436325244f1282567cd944eb243484c8c43d00721d2ac6489a0aaf026c5b0494adfb763d6aaa69050a779e7ac9f4c4a5d49647724ebd734946cb0a7ff817582294f2d
x-response-cache
edge_hit
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 08 Nov 2023 00:16:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E6B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstj8Vnxy0XJQ2342TkYamF__Cj5jW6rK9op6ya73Ikwzh0FBVByEx4DtHXQJvQG5HWjLU-8ner4J6XHxItuxsg5q3Unh5_TaNDMOFVYTWsHbq6kraPobouyFhLyDrHurxcxCLGP9QKGbH0wYqNZOqomX-we0yA3z3gHtY-2JiGtk-QYSrDJqDcz-P2CuhtgIvflwNuRwF_iNlBJj8zjM7VcQx1YskXL7JZixu5hqiY3pTvvdDRwSo4G6KYgJU6xUao4CtmZyBUOKbNOt90FlewSlbMi1sT6fsuXFUqG3zt4RfLKrSAt6ZbAsfUDOU1ytzlDmTliiJ7kT9N-WDkGJ9wo48qGkUF3lEbXNWEPO4cnuPXhvhbDtpA_Tjzo-go&sai=AMfl-YTm_LmCQT596V68j2qbykSgYhVK5i77wBGqyBFyWge-asKm3GUQ8Gz72W1BxLre0Zxdj0bmYIQGBieIT_cTiOYch8MZFfLKJPpd7LHnAwdWSePsJ6q4uOq60kNqrg&sig=Cg0ArKJSzPtcGQcWg52SEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E6B5 		103 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e7d5842e4d1ca823c3e8a63f7f6fa50eb1a0f7479979d940144cc3fc2139284
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32158
x-xss-protection
0
server
cafe
etag
989 / 19669 / m202311020101 / config-hash: 298745424321014486
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E6B5 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:38 GMT
viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya
wolipop.detik.com/makeup-and-skincare/d-7017040/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/navbar.portal.v5.js?v=2023110807179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.109 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-109-221-49-103.detik.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; always
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; always
x-content-type-options
nosniff
content-encoding
gzip
content-type
text/html
x-fastcgi-cache
MISS
access-control-allow-credentials
true
s
21
dtkframebar-controller.js
cdn.detik.net.id/libs/assets/js/framebar/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/assets/js/framebar/dtkframebar-controller.js?_=1699402298556
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
4e660117322b78cf89440b7d5f15d74f12fac132787797bba05406f39aba417b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Wed, 04 Mar 2020 10:11:15 GMT
server
st8
content-encoding
gzip
etag
W/"5e5f7ec3-13ae"
cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
container.html
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D264 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:38 GMT
expires
Thu, 07 Nov 2024 00:11:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 2414 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:47 GMT
age
108231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2414 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:47 GMT
age
108231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:47 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2414 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:47 GMT
age
108231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:47 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2414 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:48 GMT
age
108230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16661
x-xss-protection
0
server
sffe
etag
"6d0f8508d14b183a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2414 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:47 GMT
age
108231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 2414 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:48 GMT
age
108230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:48 GMT
truncated
/ Frame 2414 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a5efefb96185ed4c2025b21422c6602ba54889de5942803b2dc5f47ae294812

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
img_1.jpg
tpc.googlesyndication.com/sadbundle/15595733776304027178/ Frame 2414 		392 KB
392 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/15595733776304027178/img_1.jpg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba0ce59cd9944729ad8cc287309c2e340c76124c3f006e1afe581d57be367d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 17:16:01 GMT
x-content-type-options
nosniff
age
111337
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401139
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 16:54:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Nov 2024 17:16:01 GMT
dustOverlay.png
tpc.googlesyndication.com/sadbundle/15595733776304027178/ Frame 2414 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/15595733776304027178/dustOverlay.png
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d2e773e8d4e178149eaf884ce7d2bf680daf4341375c2d31b9df91c72936cd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 17:16:01 GMT
x-content-type-options
nosniff
age
111337
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27024
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 16:54:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Nov 2024 17:16:01 GMT
logos.svg
tpc.googlesyndication.com/sadbundle/15595733776304027178/ Frame 2414 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/15595733776304027178/logos.svg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a0338c31a2dda363fc288386f7e6ef00426dcc1f18376434061ee4a0394e364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:01:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
618
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4014
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 16:54:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Nov 2024 00:01:20 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2414 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:17:15 GMT
x-content-type-options
nosniff
server
cafe
age
64463
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
expires
Wed, 08 Nov 2023 06:17:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2414 		344 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
61997
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 08 Nov 2023 06:58:21 GMT
l
www.google.com/ads/measurement/ Frame 2414 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYGUs835aLzKRe_YajjHbOFOjrqLh-3FvMvK7ssb5QT7GGjYhAQlqDf16jSO-hZ1ww5nCj2o0kOescyYiNbluJFMGfOg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 51E3 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:47 GMT
age
108231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 51E3 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:47 GMT
age
108231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:47 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 51E3 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:47 GMT
age
108231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:47 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 51E3 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:48 GMT
age
108230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16661
x-xss-protection
0
server
sffe
etag
"6d0f8508d14b183a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 51E3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:47 GMT
age
108231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 51E3 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Nov 2023 18:07:48 GMT
age
108230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Nov 2024 18:07:48 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 51E3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:17:15 GMT
x-content-type-options
nosniff
server
cafe
age
64463
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
expires
Wed, 08 Nov 2023 06:17:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 51E3 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
61997
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 08 Nov 2023 06:58:21 GMT
truncated
/ Frame 51E3 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1af8741f9495b5f06d43d556bbb983cfeb723f569cab1019777de546045b3a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
img_1.jpg
tpc.googlesyndication.com/sadbundle/6426749825418355194/ Frame 51E3 		268 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/6426749825418355194/img_1.jpg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36dc45ca451b3ef3309e4094558c60c8dbca67dc7db5800642f16dc08e69e41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 17:14:00 GMT
x-content-type-options
nosniff
age
111458
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274028
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 17:16:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Nov 2024 17:14:00 GMT
dustOverlay.png
tpc.googlesyndication.com/sadbundle/6426749825418355194/ Frame 51E3 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/6426749825418355194/dustOverlay.png
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c1e6f843e3f5a0d5245cf4bc7a903ed73425697a8e64a28bb1051ec4959964a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:01:35 GMT
x-content-type-options
nosniff
age
603
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13997
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 17:16:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Nov 2024 00:01:35 GMT
logos.svg
tpc.googlesyndication.com/sadbundle/6426749825418355194/ Frame 51E3 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/6426749825418355194/logos.svg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
211f00fbc65c192cd3474af35275ddcbfcdad7d91817ff8d27eb2c4b838d1e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3926
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 17:16:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Nov 2024 00:01:35 GMT
l
www.google.com/ads/measurement/ Frame 51E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpM2FIvaINHJJkHb-qzypwaByljZrxumfwUchxmSrzpfIFpAX0WMAiyvKJT1XOOsNqORAR9U7ADvWjN1agAxmJk_oIDw
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
container.html
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F737 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:38 GMT
expires
Thu, 07 Nov 2024 00:11:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jquery.min.js
cdn.detik.net.id/libs/newcomment/js/ Frame 10C6 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/newcomment/js/jquery.min.js
Requested by
Host: newcomment.detik.com
URL: https://newcomment.detik.com/static/index.htm?v=1.27&version=latest&uid=2b05b4c2d6&logLevel=error&xcomponent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
ff06e528f84f10aeb70fcfcef8760b592d20cf5bcbdfd216292180a909350c99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 04:01:28 GMT
server
st8
content-encoding
gzip
etag
W/"62676e98-15d8c"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
xcomponent.frame.min.js
cdn.detik.net.id/libs/newcomment/js/ Frame 10C6 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/newcomment/js/xcomponent.frame.min.js?v=1
Requested by
Host: newcomment.detik.com
URL: https://newcomment.detik.com/static/index.htm?v=1.27&version=latest&uid=2b05b4c2d6&logLevel=error&xcomponent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
00b0534e0ea12ee3bc1fc850484e4ec5cb41e59f3bab1a25001035e59295f1b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Thu, 30 Jul 2020 11:19:16 GMT
server
st8
content-encoding
gzip
etag
W/"5f22acb4-25702"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
bridge.js
cdn.detik.net.id/libs/newcomment/js/ Frame 10C6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/newcomment/js/bridge.js?v=1.27
Requested by
Host: newcomment.detik.com
URL: https://newcomment.detik.com/static/index.htm?v=1.27&version=latest&uid=2b05b4c2d6&logLevel=error&xcomponent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
b7e5b9782716544084bbc417c495802bfc509e47c30e75d0b03e9043471a15c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 04:01:49 GMT
server
st8
content-encoding
gzip
etag
W/"6254f9ad-d4f"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
comment-dev.vendor.js
cdn.detik.net.id/libs/newcomment/build/ Frame 10C6 		230 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/newcomment/build/comment-dev.vendor.js?v=2.28
Requested by
Host: newcomment.detik.com
URL: https://newcomment.detik.com/static/index.htm?v=1.27&version=latest&uid=2b05b4c2d6&logLevel=error&xcomponent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
c5602a33bc3762d88eda6891e0740fa068f86de1de5c373c65f0320658befe47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Wed, 17 Feb 2021 09:32:04 GMT
server
st8
content-encoding
gzip
etag
W/"602ce294-39677"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
comment-dev.app.js
cdn.detik.net.id/libs/newcomment/build/ Frame 10C6 		454 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/newcomment/build/comment-dev.app.js?v=2.28
Requested by
Host: newcomment.detik.com
URL: https://newcomment.detik.com/static/index.htm?v=1.27&version=latest&uid=2b05b4c2d6&logLevel=error&xcomponent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
6a6be88bdc5a0a4192e31be5dcb0335086374e7deec413a2a6a847f5ae29ea4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 12:03:50 GMT
server
st8
content-encoding
gzip
etag
W/"61a0cd26-7173a"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
newsfeed_recommendation
wolipop.detik.com/ajax/ 		6 KB
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wolipop.detik.com/ajax/newsfeed_recommendation
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.109 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-109-221-49-103.detik.com
Software
/
Resource Hash
cceb9765e8846a6f10103fc565d5c3743bbd47d0ed49ceab2466e0b78c6c3e82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; always
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; always
x-content-type-options
nosniff
content-encoding
gzip
content-type
application/json
x-fastcgi-cache
MISS
access-control-allow-credentials
true
s
21
list
mcs.tobsnssdk.com/ 		7 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82d894
date
Wed, 08 Nov 2023 00:11:39 GMT
upstream-caught
1699402298946702
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=168
content-length
7
pragma
no-cache
server
TLB
x-tt-logid
20231108001137A64675C62B3D3C03284E
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
168,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98be63e968a11b8fd288efc91fd9a99d96833b05459ff1f2db5fd5fc62873e423528eb4181f92e4bcbc2d991d32dbc6c40b
expires
Wed, 08 Nov 2023 00:11:39 GMT
list
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://wolipop.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:38 GMT
expires
Wed, 08 Nov 2023 00:11:38 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=152
upstream-caught
1699402298740112
x-akamai-request-id
df82d782
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
152,104.126.37.181
x-tt-logid
202311080011370E328C4D50612F3C5884
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b6ea6988213330f0c01807437a059ea4b6d3488834e29ece87e5076aaedf48e81c89731111392400176a238e8655732b9
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
batch
services.insurads.com/dfp/mapping/ Frame A857 		2 KB
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=2414&requests=[{%22eaUp%22:%22/4905536/detik_desktop/wolipop/billboard%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:970,%22h%22:250,%22eId%22:%22main_detik_desktop_wolipop_billboard_0%22},{%22eaUp%22:%22/4905536/detik_desktop/wolipop/skyscrapper%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:160,%22h%22:600,%22eId%22:%22main_detik_desktop_wolipop_skyscrapper_0%22},{%22eaUp%22:%22/4905536/detik_desktop/wolipop/medium_rectangle1%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:300,%22h%22:600,%22eId%22:%22main_detik_desktop_wolipop_medium_rectangle1_0%22},{%22eaUp%22:%22/4905536/detik_desktop/wolipop/leaderboard%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:728,%22h%22:90,%22eId%22:%22main_detik_desktop_wolipop_leaderboard_0%22}]&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ts=1699402298637
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.230.103.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-103-202.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7a02e87ecf7338a96b773fe46caec0737044e6cbcc6f87539d248a89f80ca90a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1769 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIYzozs_AEwAQ&v=APEucNUULxNrmyv97MTJLpliUcjHlNl8qXgwCS8nG6ZSGSKtl-eAJwRXDq7L3AIGtRltDChEebXRrW5P--tWpz8vflG8ehmCTxRKPrk2G3dhsWtRwr8X7EpwAPxt9Eu3OCbTDfTJJz8aS10jIzHVBJMzDf_ytGfjLk-VX3oWv3Osk__aPr5dATg
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D264 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D264 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AikjZqnIWH9nYUEdpB_RgPB-_5zYhVCcVsZydtXXdgXULi2b7Lz7mYwRAmgamA67G7WnRv_1fFYCeAtQfZdTkfO9j4OADNCLcrOqtdYh6ehRgTVY4
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D264 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4109526509300251120&x=1&ct=76
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame D264 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:50:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
12082
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:50:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame D264 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
14954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:24 GMT
l
www.google.com/ads/measurement/ Frame D264 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYxyOemRWdINdgrCIwQOEFvLRwmcS82cF5JUa9qRhZ4NEOK3HuPl88h9455LMhLe0FfJiQfLAVGJnjY6bXdeu7_XGVEQ
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D264 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:38 GMT
ad
services.insurads.com/ Frame 2990 		131 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/ad?auid=910278&appId=2414&s=2830&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&sid=0DFB0B19CD42A0AB&v=1.14.20&ts=1699402298646
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.230.103.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-103-202.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0bf5fbfbc32e4154e3e932bcf9dcdae0e256da51214c009f0410c298600de438

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ Frame E6B5 		426 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 21:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
8845
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136626
x-xss-protection
0
server
cafe
etag
12374074705736737879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 06 Nov 2024 21:44:13 GMT
core.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/ Frame 17BE 		73 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/core.js?globalName=__PNS_RUNTIME__
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bccc18796cb0cffa1e8c4fccbc34fecc60147c087aebcdb58f8daefbb6d6f69f

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d2897
date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
z5PXIV4RsMgyoF52nBzwgQ==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
23131
last-modified
Tue, 24 Oct 2023 10:10:14 GMT
opc-request-id
iad-1:KQRl-tt-d8K5Menn-o3h16mZfLvbojxgE7I6YSqtB7T6J_NyRi0yiiNTR62ovg8E
x-api-id
native
etag
55359fcb-bc0f-4ebd-ade6-277fc61cf362
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/javascript
version-id
525f9b79-4567-4ce7-9131-e3d0475e3fd2
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:38 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A601 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIY5Onr_AEwAQ&v=APEucNUNscTweZ29znAIrF6Hk1xrcu_iE7RLTcEr-PLvb-gFrlJ70nrozmBYhok7tPN47Sag0Qs1iyFFIAeuf0BrqjGQ7-xNbA2CXCQRwd0AGRDgct_zUFauV8O97KOE0Ja_a9-Sg0sPF_7BVYHtvtZ4fBmP_S-oq70T36gdaLUPq9HgEwG9K7M
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F737 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3420da2b260abe345161cc29857cbbc84426d366c896a1738302e7aa56e9496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32794
x-xss-protection
0
server
cafe
etag
4863332729753539511
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F737 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DbUC3r4zkNhrNw4QuCwkVkkx3-fkSioZNK6qHrev1NfQhIHEY_HSMD_DefGNmUw0pQbIPblNzUZgfirXkgsWa6ewabg1w_chMiEK4gOyKX4lUZ3NE
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F737 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1210583404178589213&x=1&ct=76
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame F737 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:50:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
12082
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:50:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame F737 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
14954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F737 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:38 GMT
oQJoibsnwRzKAEIKyxIcW2idBPA7qcfiAlAjB5
p77-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/ Frame 17BE 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p77-sign-sg.tiktokcdn.com/obj/tos-alisg-p-0037/oQJoibsnwRzKAEIKyxIcW2idBPA7qcfiAlAjB5?x-expires=1699574400&x-signature=j%2FB85BoZceLCmZpEUuixYSdAPkQ%3D
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.212 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
559277417.fra.cdn77.com
Software
CDN77-Turbo / ImageX
Resource Hash
accd7e50512ec80b0537a4c68ce99657062c2988bfb6354afde93ecc707101c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-77-pop
frankfurtDE
x-tt-trace-tag
id=00;cdn-cache=miss
age
159390
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
server-timing
inner; dur=1
x-77-nzt
AorHJdM3Nzeh1GY43Dc3N++cQAYA
x-77-age
409756
x-tt-logid
20231101100551F56CC5BDA8001AE62027
x-response-date
Wed, 01 Nov 2023 10:05:52 GMT
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2023-11-01T10:05:52.536722509Z 45
cache-control
max-age=31536000
x-request-ip
fdbd:dc51:4000:294:a::141
x-tt-trace-host
01507381b2aa62738053349fa1f660196eaa6f86075e33f8f1439db1643c2737f9eb7d84744217a2be04dbec63f4adb0e904c4a390ae0bf745deb98cd94bb09d4921a903c2b1efa4a2f4821ed2253bf61bea051b5157c2dc2ad804dc6823b6a9e87098e7b9de646083b9e89469f6ff72dc
imagex-fmt
jpeg2jpeg
x-response-cache
edge_hit
date
Wed, 08 Nov 2023 00:11:38 GMT
via
n234-090-045
nw-session-id
20231101100551F56CC5BDA8001AE62027whwg212tt
x-powered-by
ImageX
x-77-cache
HIT
x-length
51095
x-accel-date
1698992542
content-length
51095
x-cache-lb
MISS
x-accel-expires
@1730528542
last-modified
Wed, 01 Nov 2023 10:05:52 GMT
server
CDN77-Turbo
x-77-nzt-ray
69e55521b1ee0b533ad24a657d70412d
x-response-cinfo
fdbd:dc51:4000:294:a::141
accept-ranges
bytes
timing-allow-origin
*
truncated
/ Frame E6B5 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73602afa2d94bb8f75431c3ff7a674a95a5599fd23fa3782cfddc283f6611d99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
/
v19-web-newkey.tiktokcdn.com/10b513d681c988d41d42b819379e8204/654b26c8/video/tos/alisg/tos-alisg-pve-0037/oUlijBAPIHKqMREJmfzb7EcIy7zjWBlZnQiwAA/ Frame 17BE 		380 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://v19-web-newkey.tiktokcdn.com/10b513d681c988d41d42b819379e8204/654b26c8/video/tos/alisg/tos-alisg-pve-0037/oUlijBAPIHKqMREJmfzb7EcIy7zjWBlZnQiwAA/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C1%7C3&cv=1&br=1668&bt=834&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=bL4kamgdPD12NVL.Uf-Uxj-2LYKt3wv25uaAp&mime_type=video_mp4&qs=0&rc=ODw4NjY7NDY2aTdlNjo4NkBpajgzb205cjdybjMzODgzNEA0YDQvMy5hNjUxYTY1YDIwYSNlc2VhMmRzZXFgLS1kLzFzcw%3D%3D&l=2023110800113685BC9A5E576BEBB3271B&btag=e00088000
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.tiktok.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 08 Nov 2023 00:11:38 GMT
via
n234-044-081, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-tt-trace-tag
id=19;cdn-cache=hit;type=static
Age
897352
X-Cache
HIT, HIT, HIT
X-Bdcdn-Cache-Status
TCP_HIT
Content-Range
bytes 0-5033420/5033421
Connection
keep-alive
server-timing
cdn-cache;desc=hit, edge;dur=2
Content-Length
5033421
X-Served-By
cache-qpg1226-QPG, cache-mrs10554-MRS, cache-fra-eddf8230053-FRA
X-Storagegw-Request-Id
02169850494712400000000000000000000ffff0af52cf3f9143f
Last-Modified
Fri, 27 Oct 2023 10:23:53 GMT
X-Timer
S1699402299.908230,VS0,VE2
Etag
"05ad07df3217badc30eaa225539be525"
content-type
video/mp4
Access-Control-Allow-Origin
*
X-Storagegw-Response-Time
Sat, 28 Oct 2023 14:55:47 GMT
Cache-Control
max-age=2592000
x-request-ip
10.240.250.63
x-response-cinfo
10.234.44.81
Accept-Ranges
bytes
x-response-cache
edge_hit
X-Cache-Hits
84, 11, 0
/
v19-web-newkey.tiktokcdn.com/10b513d681c988d41d42b819379e8204/654b26c8/video/tos/alisg/tos-alisg-pve-0037/oUlijBAPIHKqMREJmfzb7EcIy7zjWBlZnQiwAA/ Frame 17BE 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://v19-web-newkey.tiktokcdn.com/10b513d681c988d41d42b819379e8204/654b26c8/video/tos/alisg/tos-alisg-pve-0037/oUlijBAPIHKqMREJmfzb7EcIy7zjWBlZnQiwAA/?a=1988&ch=0&cr=3&dr=0&lr=tiktok&cd=0%7C0%7C1%7C3&cv=1&br=1668&bt=834&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=bL4kamgdPD12NVL.Uf-Uxj-2LYKt3wv25uaAp&mime_type=video_mp4&qs=0&rc=ODw4NjY7NDY2aTdlNjo4NkBpajgzb205cjdybjMzODgzNEA0YDQvMy5hNjUxYTY1YDIwYSNlc2VhMmRzZXFgLS1kLzFzcw%3D%3D&l=2023110800113685BC9A5E576BEBB3271B&btag=e00088000
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.tiktok.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 08 Nov 2023 00:11:38 GMT
via
n234-044-081, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-tt-trace-tag
id=19;cdn-cache=hit;type=static
Age
897352
X-Cache
HIT, HIT, HIT
X-Bdcdn-Cache-Status
TCP_HIT
Content-Range
bytes 0-5033420/5033421
Connection
keep-alive
server-timing
cdn-cache;desc=hit, edge;dur=1
Content-Length
5033421
X-Served-By
cache-qpg1226-QPG, cache-mrs10554-MRS, cache-fra-eddf8230104-FRA
X-Storagegw-Request-Id
02169850494712400000000000000000000ffff0af52cf3f9143f
Last-Modified
Fri, 27 Oct 2023 10:23:53 GMT
X-Timer
S1699402299.908116,VS0,VE1
Etag
"05ad07df3217badc30eaa225539be525"
content-type
video/mp4
Access-Control-Allow-Origin
*
X-Storagegw-Response-Time
Sat, 28 Oct 2023 14:55:47 GMT
Cache-Control
max-age=2592000
x-request-ip
10.240.250.63
x-response-cinfo
10.234.44.81
Accept-Ranges
bytes
x-response-cache
edge_hit
X-Cache-Hits
84, 11, 0
webid
mcs-va-useast2a.tiktokv.com/v1/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs-va-useast2a.tiktokv.com/v1/user/webid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin
https://www.tiktok.com
Access-Control-Max-Age
1800
Connection
keep-alive
Content-Length
0
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 08 Nov 2023 00:11:39 GMT
Server
TLB
Server-Timing
inner; dur=2 cdn-cache; desc=MISS, edge; dur=0, origin; dur=93
X-Origin-Response-Time
93,104.126.37.172
X-Tt-Logid
202311080011384F9F268D855817FC9C81
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193089dfdb2b2f448cb7e56b20c4c20a5fdb0d28142c27517bc8a864178dbad29218ceba6c4451145f5c50284356ab898a3b5927ca0544da9116db172ed76d03d03b4bc3f4eaf5ce399d94602f6df4e3abb
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
webid
mcs-va-useast2a.tiktokv.com/v1/user/ Frame 17BE 		58 B
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs-va-useast2a.tiktokv.com/v1/user/webid
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
bc06d7117c39728e1a21fc31f98bd4d40bc01bbd1ef7c7f645baa9231ce0ff19

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Wed, 08 Nov 2023 00:11:39 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
Server
TLB
X-Tt-Logid
202311080011384F9F268D855817FC9C82
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.tiktok.com
Access-Control-Allow-Credentials
true
X-Origin-Response-Time
95,104.126.37.172
Cross-Origin-Resource-Policy
cross-origin
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193089dfdb2b2f448cb7e56b20c4c20a5fdb0d28142c27517bc8a864178dbad29218ceba6c4451145f5c50284356ab898a384aa09e61796811cbe75e98d00b7f4a6a356f325ab113209e7994ff37e0b125b
Server-Timing
inner; dur=10, cdn-cache; desc=MISS, edge; dur=1, origin; dur=94
Connection
keep-alive
Content-Length
58
rum
dsum-sec.casalemedia.com/ Frame 1769
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIYzozs_AEwAQ&v=APEucNUULxNrmyv97MTJLpliUcjHlNl8qXgwCS8nG6ZSGSKtl-eAJwRXDq7L3AIGtRltDChEebXRrW5P--tWpz8vflG8ehmCTxRKPrk2G3dhsWtRwr8X7EpwAPxt9Eu3OCbTDfTJJz8aS10jIzHVBJMzDf_ytGfjLk-VX3oWv3Osk__aPr5dATg
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqhJXFo%2BkwOMkM40846PwSqFlyJ6e3sZ8NUgcARHNydTQhWliJjXuC0L7XdE9q3eowx81KxxhC7dLB3GHe9O2s2TTKF6YZvso4f%2BU%2Bt5OIJ4oFU9P2LB2nQNekh0SjycHiBcOiw6ScCnYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
822999912848994b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1769
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUrSO-DHgMKaZjBnVxnF7QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
43 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIYzozs_AEwAQ&v=APEucNUULxNrmyv97MTJLpliUcjHlNl8qXgwCS8nG6ZSGSKtl-eAJwRXDq7L3AIGtRltDChEebXRrW5P--tWpz8vflG8ehmCTxRKPrk2G3dhsWtRwr8X7EpwAPxt9Eu3OCbTDfTJJz8aS10jIzHVBJMzDf_ytGfjLk-VX3oWv3Osk__aPr5dATg
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h91ajmuK%2Bw3KNTd%2Bnq0i6%2FWod7n8fFe%2BR7i2QEDeZwXTwkriW%2F%2BVJhwNPu2M2kRoAXWocZWO9vuEdnvwCxhB%2Bf43VKt84bTpVzpcWx7DiS67rmIWakbFgtHtQkFjdRf5xVNAFSyeSFa5tA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82299991d8c3994b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 1769
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL3boujy9wrMbE1Ay1d4vuw&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL3boujy9wrMbE1Ay1d4vuw%26google_cver%3D1
43 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL3boujy9wrMbE1Ay1d4vuw%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIYzozs_AEwAQ&v=APEucNUULxNrmyv97MTJLpliUcjHlNl8qXgwCS8nG6ZSGSKtl-eAJwRXDq7L3AIGtRltDChEebXRrW5P--tWpz8vflG8ehmCTxRKPrk2G3dhsWtRwr8X7EpwAPxt9Eu3OCbTDfTJJz8aS10jIzHVBJMzDf_ytGfjLk-VX3oWv3Osk__aPr5dATg
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
an-x-request-uuid
9a4c7d29-7ede-4f8a-9b99-a956e533e7ce
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
an-x-request-uuid
076c1efc-468e-441b-86cd-5f5d3ee3358a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL3boujy9wrMbE1Ay1d4vuw%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1769
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIYzozs_AEwAQ&v=APEucNUULxNrmyv97MTJLpliUcjHlNl8qXgwCS8nG6ZSGSKtl-eAJwRXDq7L3AIGtRltDChEebXRrW5P--tWpz8vflG8ehmCTxRKPrk2G3dhsWtRwr8X7EpwAPxt9Eu3OCbTDfTJJz8aS10jIzHVBJMzDf_ytGfjLk-VX3oWv3Osk__aPr5dATg
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
an-x-request-uuid
33bd8bd2-0a68-4422-a61d-deb1f7caae0d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A601
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIY5Onr_AEwAQ&v=APEucNUNscTweZ29znAIrF6Hk1xrcu_iE7RLTcEr-PLvb-gFrlJ70nrozmBYhok7tPN47Sag0Qs1iyFFIAeuf0BrqjGQ7-xNbA2CXCQRwd0AGRDgct_zUFauV8O97KOE0Ja_a9-Sg0sPF_7BVYHtvtZ4fBmP_S-oq70T36gdaLUPq9HgEwG9K7M
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EecRyVqfaiNLLxszj9SSpoyesKVYIf3pY6pezpBT0SV%2BWwAEOOpKT6gP4L6TesnDlJSjdUnVoov96a16xRCiGYPd3Xi4%2BF%2B0oD5FlNML0np4lUxAi%2F4yJoCOCAVxNrYtuvoM4DFnU8IH0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
822999912847994b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A601
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUrSOy84xJLwNJ8zQTutuwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIY5Onr_AEwAQ&v=APEucNUNscTweZ29znAIrF6Hk1xrcu_iE7RLTcEr-PLvb-gFrlJ70nrozmBYhok7tPN47Sag0Qs1iyFFIAeuf0BrqjGQ7-xNbA2CXCQRwd0AGRDgct_zUFauV8O97KOE0Ja_a9-Sg0sPF_7BVYHtvtZ4fBmP_S-oq70T36gdaLUPq9HgEwG9K7M
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B0A577s0NZ5NWdsfqwT7SohrIElh%2BAuxlEkMi4ZaTKoMnIUo0Tf%2FYMT5cM1Z9AAVTmzXROokesnGXVS92TODVt8iCSHXGZffctNzzX3fQAvri5mnDbSKouDGmgHlYCmmxVWM98CWMx9MA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82299991d8c2994b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHvk0m7K8WjfYUR3hZDWE50&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame A601
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL3boujy9wrMbE1Ay1d4vuw&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL3boujy9wrMbE1Ay1d4vuw%26google_cver%3D1
43 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL3boujy9wrMbE1Ay1d4vuw%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIY5Onr_AEwAQ&v=APEucNUNscTweZ29znAIrF6Hk1xrcu_iE7RLTcEr-PLvb-gFrlJ70nrozmBYhok7tPN47Sag0Qs1iyFFIAeuf0BrqjGQ7-xNbA2CXCQRwd0AGRDgct_zUFauV8O97KOE0Ja_a9-Sg0sPF_7BVYHtvtZ4fBmP_S-oq70T36gdaLUPq9HgEwG9K7M
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
an-x-request-uuid
f2062ef1-145d-4cc5-95e1-df9deead70af
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
an-x-request-uuid
641d092c-6d44-4202-9812-1d11ff95c1a9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEL3boujy9wrMbE1Ay1d4vuw%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A601
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa29wIQlb-o3QIY5Onr_AEwAQ&v=APEucNUNscTweZ29znAIrF6Hk1xrcu_iE7RLTcEr-PLvb-gFrlJ70nrozmBYhok7tPN47Sag0Qs1iyFFIAeuf0BrqjGQ7-xNbA2CXCQRwd0AGRDgct_zUFauV8O97KOE0Ja_a9-Sg0sPF_7BVYHtvtZ4fBmP_S-oq70T36gdaLUPq9HgEwG9K7M
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
an-x-request-uuid
33b42a6b-1d15-41c1-814c-19eaf7342afa
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
devtools.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/ Frame 17BE 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/devtools.js?globalName=__PNS_RUNTIME__&__PNS_SW_CACHE__=1&__PNS_SW_CACHE_KEY__=to-json-schema
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/core.js?globalName=__PNS_RUNTIME__
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d29d5
date
Wed, 08 Nov 2023 00:11:39 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
SBOqY3b5/4rueltCkuSr0w==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
1706
last-modified
Tue, 24 Oct 2023 10:10:11 GMT
opc-request-id
iad-1:OvaLiSBGqsjwswdFP72BnxM9Suprs-tljBSynEH5Wk_pHeQSdTN9KuHZTSJyekYj
x-api-id
native
etag
1ebbd422-67eb-4c1a-b54c-e4ed7815123a
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/javascript
version-id
9a3307b3-aaa0-4b81-9777-4a73d0925911
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:39 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame E6B5 		699 KB
95 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3253451422209209&correlator=3360827701766996&eid=31079443%2C31079469%2C31079309%2C31079380%2C44807689&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=21927187246%2C235978_detik.com_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&abxe=1&dt=1699402299038&lmt=1699402299&adxs=436&adys=1199&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=0&ucis=wc7cv1lyxb58&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ref=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&top=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&vis=1&psz=0x0&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=85861306.1699402297&ga_sid=1699402299&ga_hid=555180962&ga_fc=true&dlt=1699402297933&idt=1094&adks=3008943920&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4538a7ea9e4ba96e01f49608ce101196f39e1b12d17b140436a75ef3d830644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97197
x-xss-protection
0
google-lineitem-id
5848912714
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406575142
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5da7e412513b6e5ad73f69eece9db640.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2076 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5da7e412513b6e5ad73f69eece9db640.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:39 GMT
expires
Thu, 07 Nov 2024 00:11:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D264 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6565877293710&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D264 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6565877293710&version=m202309260101&ct=76&x=1&cor=4109526509300251000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D264 		94 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CW2aQam217L1wAMQclhjwSwwp740SYY2yrG4-n5SYHjjJoa0wL6Us2vV1FVSusDvcajYv5a2OmnY_bSVmNFLnCrKWr_Q&cry=1&dbm_d=AKAmf-BShFO0e9GFItRd_FcPc-BENjHxV9zQoUqJh8CUxSVAiXImcDf-bqTllbqvIilLjiegYeW6xWr7Af4TKaLWkc5uN7iT0RVPi5jbuRmBXQvEua8h1B-tHQ63jzF7HERseTsv7tbNrjGO0qmBC-cX0inJmKu4DAHMT84DqBVhHOWCa5fK-zurLBH0iWMYiw_GGAKkt8h0N9WFqBTrWL7V6SBbcsh2zMrshDs3TfXkPjf-aOBAfrP1CTdkmawSPbMNEpXUFs3I68s4wnjKTY9dM6-C3vzXo0dgJDHmVYaqOhEmGielFbx73YiKquICatZ91g5ls8OiAHKJTg4dBhMhdujMIGJURQFF_sEp8mPkN7oSJzhR5GD3_KCdhB1hHXm0XE-WBepK52HEanFhLOeLsPW6gcyUqueLEfcSDTZMWpcrMHB2ww2HKi0R1YuP3AlShb9oCCFjkdEoVExHiybkOGBWx-GZO-KrGwNPsi5joe-UEHm2vL6ZyF11XPOPE-Qytgb4_VrJqovpeHFB0qH6bbPa1U5qkMWXx_myDGbRSAIf_GUmkNgvMNe9m2lU-cVTxEhNYiKhYeF3NGo-VWNWi9irXb5KWmsPAQkzEW58DHYDUJ265aKKfNApJ88Y0eoms3j7F8PsSmfv-agQk4IPbkisBjNnO65jy1f_gV2KGJ2PrDst38y0zGOMHdXHdQeTEqSgWguT3bV96Gbh9BHPr4f5yOIvEMO_OqgkD7DIIUNKtus-0usMj98Un6nYbjFh_M6IVYaFgN2048BuUvR1wBJ59bxKh021KJ2OqAPdljXFght5yKvRKW8_ncE5dMgWRJEaprAMq_EcbVKz2KOOOpCuEVN6RF-FsVQfT-NxNcyYAVSi4JV6GvSLBpFouvs9YBuM_5NcfeTakwOnVKhvtCeMoLETBpePnyAaufbXxD2DI-kB0S6aFZwHJLoxCuTHzSgEktOHX_SckLjhDIWnIpbOksxdo99emmRpVx3iNQKy21jM3fcC3p_88UOWB6GZRCmO40L-F8nE6Y4ibe4wgyNdFkjePeDNYt1kMY0n8_DJ2EGJWzX2xKi8JcRigOTx8Ly66WY4Xp2XU6b55SVgGcncGdT7OvzwER2oMSqSXogdoLldAjl_xix0G01h8QL7O11vzyB9A-6Cx2UHNz0dxWwnYgAN5Jk4iARueEgDtBAnwktp_ytFkL-h7eOr8ZQWY817sLoUbttWNeXpkbw-mQ64wEYesefLjYwB327dT-Wlra55B4Do0VL5RNmqi9j1ek_KFVPH3Bjed5gyNK9t97mJaqMd46MP1n7YBXA69htiXMgrHqlP86TuuEVxu5Yie2CGxSQzS4ADWqtObCqOko_01lTOxLfopvB9xiT5xz5FI7SULbL2DlFZQ1KYBk1Stm6q8elM5YpD3_YKyyHBQuO2-1Ufr0zLWf7h8ci0NanQEyYPm1m1fzWqrJYFqPIE5ZHAYkbrAF74R_4SR3XCu_TC3ZGaDCyMD10ArAIv1A0Yj9YS2oFRQlkdjh_3P93pRoGNtRgErPEZR6TJ7BwNjlOi_KBO2zsRa-Wep1ygSm7UOMLb4UWKUdYmoyuINlR9uBAXGLDLRe90c7uVJpJTOqHHb5vEy_TRzIWq1rESQN8IgTqiCBi_IN-93Pl622A9gdxI9IcStj5Yc3gJeIAPGmYkbiVNjOGVdVOIiKlWu7Ufe_tY9UnsxU-bCdol8Fy9fMQiEp67HYE_wDdIuUms21AIV2rnAKuk9JHuhP7fNj33OGWw4MKbgsS-7dpVnSSYAvZQ1frmInglnrqyH1gzvXW42yKZCQhSg_BoZNRbcCmOe5GUb7e0Tzw3BFuHJGgTwWh-bAaB8YCCfHZvD4CXTeS7shAc0I74bAQVZ4gJqHgbkdqf7PP2v_JCJKBl_ieNB_Z5lekrmYfmBDhyYqWDPPtEsytDnXoNpoyKOZ85mOFmzDZJuSWlJQoDL_eII_vhCPPPeHDmWJJHYO_ZFBel7VvR2JE5CHlPvEDccb0KUJbqlPVe9bddQpGoNjFC2AvG32dbFN-jCdNBHFUsQ-HnyMMabiZetZwyiKsRWxKZoo8rhxnvrgmPr1pwT4-BmcQ7WkAJjAXhAMKu_odk5Ntq3dCWYccqmhwyMIWY6IGyrlOvjYRF7FMWo1xenKIj95d1wz7htR-1tOwhrs9dQQwg-yMz34dHQoP84xbQltpApGR3WA8fdDyLewnqg9z_7D3ydketyypiYSCQ5ENb0eIdtvwOYefsD1Jx4Y2h7ngtjuOkRe6hL5XqoXtDJPVhZF0_Ju70vFUXiCX9uqTytoJdDUuXohj66DdJmWaNZN0bp6I1U-sVyBZ5f_7txvoCllj1cS_D2lcMUs2Q7x6T6i1gpA_jLiNRH52svvCmDenD5vGq4ahIJXX-M3FukQkOdHp4-TIKyJ_eMeSUhk8VfwFFu-bkWBtLDA0jpQSPoO_Y8oNArQr076Wy7niw7PnKDqT2wCK1EEJ2PoKm6VBkFVfT2D2Aw1kqRgWrDOg_PHzPwWC-KCuCl3faRZqOtX4LWAWGFPuacIQ-coL0lHSkqzbTeydYPscm9gmmicRhYNdIz7jQNjYihbVr7hjAiAslanAJlVn4nWWIbb5mCrCTQ9C8XR6H_zX2pRcNu0r8rtdV5Mlvx39vlz7yWfqy96bcJAZvAPaj7V_6mvP9ofDeMZvCtyj4Uf9QxZCiVtlEsM4mjpl3lhPmpFIS-E-tzHE1Flyfb_qTIpD5qrMhua6hYw0V6eHk0q2L4P2X8wU6urOAzNU0gIN6HgpYoKaQdPex6EB4sHKB_5VwOVGIYdRSYkGMaYtM1Z41Bsvxamz_o8Q4b1SO7tV3_Kuo1jOmYeqMymLlIZgEiOlmeLCO-cAUOG-68vZtTJDx0zhqzjMb_HbFQSffZKKxzAJVmxFOzDhdkpuwKXwKN8J5B7m9VpdnlD0pR3PDCjMrA88JSXHYrXZo5J93_18XqOB8Sdc7lIeCkC9dhJrLPdexPIT-ELDqqaVUe0jjcA07bNlxP3r4kqkXkwv6NylWRfKFgUt4059j5XnVb0DM1p55tBumdI-3EjXnf9aaiKVdrk7U80kn_cQ0b4r_qfFVDpZEbggMPmIx0MvfN3RaAgY8Dp-gNERhvze3IZEI1j2JAhTKeXWMPnDQx0aJkibLVMlE29gT7qpyNEo0o8-QUVcj5MuHZDYvTIsR7KxYdAdsbF8KROEQBE6W3C5IqvP6BVdWs9t_guphs5giKFBgSLPw9OE2xxWgn9Xnn2Ec86y8xSrxl1EapMqmrHfT6KqXuwZKrR3rPrft_OqAuZ5aahEGgvzArF90W9scl3EcCUiI5iXm40XKfDyYTrIRIoOiIp8S4_TPvJvb5bRPZDG8K_F10awGJ4JRYtWmUJXvrN55MIQdxI7nIg6qT9oFjVNITUKznXwQTahgKqahaCwK8hwcE6w1gswCWcoKIzICOyUHEVnFy6tf6-vrsmXl0ES4_wRNBmm4toKfuKbWO1TsUmtxuOQq2bIh4t8qQvypmz08PQ7U8UfCOzRqiu0iTNJg07o1Vz9xYGICJkRBLj3maYyWNf1mMrL61DNgnboxPMbYheDgrKOHfaZjaYFpf64Qyq3X42N_ujEzB7QRm5bZX0C1EV5RtEA7LwXSdSxddqEFagESNDjO7v1Drfi0S53w-CIuXV62yB9VMkbzEgAlJA8ClqeXVM1gSJPVO7k14SYXUJh-xml7Op2-Xg3eV_rG_s5_RrTDiRlHdzPOJZadp-GuY0hO9jN9B0BZrNFh7c4Rw7D3mpAU35PX4DH0Asa94fko1gbG1rd5nnZDIR_wDpA2iZRwD-XeMu3E-WJKejjgTtx3XUnWOtUljV7aPgVBwuAhYUR-iDLP9MAJnvCizXY-nh0N9RCCiaHOZTDWP23JrNk3hYTdvWUUIoABer2V6As&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwolipop.detik.com%2F&ds=l&xdt=1&iif=1&cor=4109526509300251000&adk=3944675600&idt=156&cac=0&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c410de06ebf826b9167f8bd247f8867a253b46f141e0735a4dd29dcd7d8e2e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39159
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F737 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2427710899395&version=m202311060101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F737 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2427710899395&version=m202311060101&ct=76&x=1&cor=1210583404178589200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F737 		95 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsJdQNKQDFTwUfa_B4_UnnVtsPkTEtrTAGvIY3vctYPzIp8-PtzlWcE87Q6WgAYooNS2_tSF74tql1_B5bjNUQ0Sb1vw&cry=1&dbm_d=AKAmf-A-NKj2vVKjepqRYE1dL2nTG3D9M1X3jVgG8vk46uNXcdw2wWZvY8hKmwy2eUnmHMnj7kx7pO7flID4g2wRlc8jaQSIRaSp_My0LK_vu9eTg6-QOvqucPe3C3a6u2XEx7uXfQ1_wGSrindA2mrCuGU9RFJrMDT6CRiGru6K5Q-pnXPXJK0-9dFErONO3LbDqsw9NbmE7vdeqpxUTdrOj83HLBE9NWBYHJodiZWwAnerPSdnP-vtYzBvVhtlk490UrvR-ppJuzIx1FxHOJc_L0iMxQ2f-pIxbq2R9OuDI4DI0acBHidiJyx_Juihk4ttV9bN0PWMIpUQp0UTuyeyC2-WP7b9z23lJrsueTNSQkM_k02MHz7PWOS7-VL1AdgIOG1uP70CwgZPwDBV2B9dztdOqpugOxW55ZqlNlkJx8Znc1WoqKwfcDBlh9DF938RegVDIqhRcNKE9RpEwtpmpTfyc1CVHICIzFvv_p3bLB7IL-ovdEosY7m21CXzDws1yMR3pP4rABOhq9nFik0oa-KHRGV5NxSZnaFZM18KDxLg0erJuF7Oywv_3UtQrLsymsKUSIf-5vm3w6Aaua31DqJmyuYgzG5uGdzQXH-HgHovx1l5N1c63Zz3DqXp1KuZ6fiLrZQq8-2hZpdS_E5kok07H7_CXUFrR2OqG_cIvR3C3DhA_tRZVtkPxiX_YYbnuL7KizlCUIPyZOcOhUEcFjZey7RWO07OPs1nD385lMdsbZF4Frdvck7kG1pXd85HzAsdMyyiycziVQqD9QVJOfsBgQ9Zo91rNLRmtOIsRipVATsvJ8pE7imR7VCkag4hJlS989fNFt9w4xM3k_otGqkhQRPh5BV1JW-L2Jr5dnCYchj5n0chISJBKRvY-CEdftiZ-HSQNSl5QfANSCYOrnkx6pCGPJRza6JBlv1Re2uSXB0ayr3lCYpgC5CyzJu5TSNcHO_ARozkI4YrrZM9JalSrk4XzHIvnPd2IQW0bYAPTQL7wa74pKTk9QVyqPpamgMQ7xhkfLtJ0LE-qW7tmQ9cS3RGNGNi_5sli1YYynK-_sR89DM3ty6hGy0tEyYHKK5CudXADr9KBlyGPpwHlb1yVy_wNYRwvqvyXtGC9yB5MOCi_3JiDfW2ekaPQA58dvtKDuexKVqAyi55dcyQf274PFrZDjeXttl-BED_crEmcz4dsXz3u6eMIp2xLNAEQEa88_vIzObQZRVU41zCDsHGvoioIZ0jSTnD8kw7eFQ4oPGAr9vePYZaPYTByW2BQSbciuqGc1GmvnWer_prPm213rXSnFpaGTWg9r7VpRS_earwKLreO0-cNrl86_lsBXitOCTy8BnYhWJ6rIAsOwVDQI7ICPlmhUeJlHnBLHg3nZhQY5FMIHEcdQnUI2CPibouXbkDKJs7-wTPLSX0u0hmdUV0bUNo3iVxk-LNeBqeM-_Wg9U-vupGPODyfoyJxw3TrkYxQaOPT8jg32NwloOltSImLZzM5xnBq7v5VcW6i7inpKG_km8wo4VNxAVd1CcO__NmnXgQnTbDDUYe0ssnR3QMbfYGWhUyRt9nOSkncLwFBsLTkkiYPPSAN94FG6m_2sy9hbNQUYsnXT4cGSl4RTV04DTC03I7bR_d-TPUkfWY0w2lFVsLdrEGT6pQlBIJIK7hTbKwTaMfg4lf_tRBE7Mhx0BE41qdMhNuzRjGTuv-A7UiL_6ooVC1Sz8e6QGtPexn7Gr109cUeOvqPQptsfmPJDu7FjWpUHD-1o7enCuSqTSm15yTl4oS3ZkuTUtT3LEtQwKkXlfBs-ntasUfcUJPotyJCLZACx_uIZO-1A03ooQAaRczceuCMNgqUaJpvTtviI2p0PHkMurrfetJ85ptd4iN70RRQSoYwCjSpQwTJdf3iSi-WqqtFfLzGVgfoiZAShOaZpRoq7E5lLcI-f8XtQhHaJcAjZh-8pKgPfSRQ9WzEGJyDOn6ENpdKmhbJiHLEbNOc4Em6ykMiiYwJaHKvV_W2_JfWJyICDNMDSdrJHuZheoZQRoycYRrMB-zjy5QmoPHIERYBC7xlc5pelQAMo2jkXZgwAv7VmmlBq2RDw5sEKCH-MhYGg7YrYTdHLaxR97YkibyfPBq2z71uvCbLAnF2OmNjLtUMVBuWNN45cR5DD8Xr_zqcjQM6KR4UWkhWpf-O3L6euO-Eqb0XSFZtZXQAwvytLVQJtMtSpGZPyN2K5mD4K6yR58XvhV4AZVK_b-jZY_aUlwDzmSaLfooGXs324gQLfAxI4nyHFl9drZZRuZq4FYIlIskPmEsYMPF-qwFUgO2wZBs-ksO23W9plFN7CmXFQSF0SRpI_4GKYSecc_cWKzNz8X3ovw_M-WX99v3PBaMeKoJmdCcR0qKB6_ik_RJ7zEE6spkNY4qVBezBy3GALF9-2g4pOHj0_cTQSAkuK7xrzFvxjBSS0OLpSNH4-6VWMg8UjgnZVgSwKTlvCic7zjYUUjb88ix1a8kbIFbLkmuZhLeBbItBWkRzw54Tg8BmD9Jth0rVxowSHcKwW3k12OH9qm_7M9xx362GFaFPVMbvR036sY1UBVJK4A9OfWhn9ql5pvXZI2Jr3YtgpcXMTTXzrk3EOWb7VWjFQClMocg1j7jA0yJvGbMTatwcvdg4laor0KDMJLfP96rvKroddDVeKVAsdkbYG837Yf_GQ_5UBtGGxguQAvlieYso2_mXiw95d_1C8-MuzAjWXcBieQuQWelt84z5k6JLjlnNlGR5XardAtfbxlENOWZXKVdIogmRQad_F55V8p6zr-utf5hqfwP8PGv8uS8-4NtuISyNBHxXlD4HmHJ-UUREDQ9bVE6Kipsql6vIQttkmfFAXCrx_GOPUalRcOt6oehO21N8-ro8nZKnEUcBHuQ-T-rjvLlCebWaBwtDdhCQ0bUcUwp-ochCCrEAHs3kztKv3IlDRh5F_wlUujP-8t9t3F5ywLNB-0X3MJ3PJuJVNY6sOCaMjYfi0sTDMDjFhjcaBDT8OUpHBJuHWEHMDu1xW5lxEZZb5WYEAxr_WGCmXq3bWTgTAshpTLimnxHF0yjhAZkFDvdxQm0K924eYpzNWyQVeFpYA9SjxRHWDUhM9fR00qxrAH1lOX3AEWIe88g4OBL48or0qdIb6AqgxYGu2__z2BApZbAkn5d-oBdeXrmPNbr8WdW0993fcEQiahHHI0VGx8Hd2EyWVZmvE7-3yp2YAKu7iR5vp3sThKuBqv0w5g-550cI8jhy8WtUIUhOypAdvOYqivAbA7uaishtggXh7_mrcCcZ-m6A6m7o0oMQ6B9GXWJ0tcro_cWpPaZk2XVnCJWJKDVIObPvYdk_Er74t7538Cl6ssPQoCa9QBGLzzw6bSfAYfwwdW5_JJ--V1i3LVmLScye1KAJRKg_JsDEF6JcSk9Mym8UDzQCETpr6J8-dEj3dP71SnvFLlNNipv5WVrPXIQJC1kryPiKWnnZsGy4KglGXlUOuDMiDjxG34oQiHVKT8OgHzlu_MDQ5pgxekv8T227QdRZhoUr_LQWrP-iC--_RKRaeSagJq0FqgguaBurqL0D7WD9GRYkVpTd8f64hkihVIrKABJVCt1KtUY3w-B7PyG7S7pOUS1vP2J-rz-RVafvwQJqv_f4W4iXE95cyF3jZTBcYXwjrR8N9rWHomjiRAQ1ro1vDWz3h5l7rdT4E5gNq2PBELBSnf4ho_aXhW2QfKFNJoYHawUZsH2ClMo4E0xExmR4H8_iwSCeJr1HenOSpGyf6fsq360Rvg5NlVe30LfnUjd9GehWS9pwV0uZfR2tJqI9XMMLBrwd3CUyBdINfSG2OrS6rcJcQq47CwTHIZtXkK9L5E0QudtYiZOSohHlFZq0JVODcklmkcmPylK-To-qForPpqmVpso3xKftJMpwdK2oeeYvGkxXKCizV4DGSkNGHk9l_ilf5E3S_f9LzpAcg2xeI86AN54htGGTVHpyddz_ipQFuz073XP9PK8U_w&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fwolipop.detik.com%2F&ds=l&xdt=1&iif=1&cor=1210583404178589200&adk=1033480531&idt=144&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
599594aa8e813d120c043b6fe02f5bf18b6efa8c6aa762d2a063d7452acff4f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39250
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2414 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:17:15 GMT
x-content-type-options
nosniff
server
cafe
age
64464
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
expires
Wed, 08 Nov 2023 06:17:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2414 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
61998
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 08 Nov 2023 06:58:21 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 51E3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:17:15 GMT
x-content-type-options
nosniff
server
cafe
age
64464
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
expires
Wed, 08 Nov 2023 06:17:15 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 51E3 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
61998
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 08 Nov 2023 06:58:21 GMT
browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 17BE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
5620f97c518ebd7a5dcb2f5d1142a1c6486646636dd0c0a0b66c779493dcc05b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
access-control-request-method
POST,GET,OPTIONS
content-encoding
br
strict-transport-security
max-age=31536000;includeSubDomains
upstream-caught
1699402299743892
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
server-timing
cdn-cache;desc=MISS, inner; dur=1, origin;dur=107, edge;dur=0
server
Tengine
x-tt-logid
2023110800113840BE1EEA9ACA315547D7
x-outhost
mon-va.byteoversea.com
x-outdomain
mon-va.byteoversea.com
access-control-max-age
600
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tiktok.com
cache-control
public, max-age=600
access-control-allow-credentials
true
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193485d6876e409bbde67da7604f4631557dce98b273b7dcc79a73e0a232ffef7e49a4695f8e5fde9cf44d7acd0f27e947b28298b977b02bffff0634d21bf3e7248a2163a1d4e220175b47bd5aec976c318
access-control-allow-headers
Content-Type
bd-request-id
bdd17f1f6e3afa51e594046ba16ec62c
lb
services.insurads.com/ 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.insurads.com/lb?appid=2414&acid=330&s=2830&sid=0DFB0B19CD42A0AB&auid=910278&mawId=0&ts=1699402299138&iid=p1c713d900ef5200074195485374e540e5c3b600523&is=0&m=0
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.230.103.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-103-202.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nocache
true
pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0 (Ubuntu)
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.tiktok.com
access-control-max-age
600
access-control-request-method
POST,GET,OPTIONS
bd-request-id
ef6c635386e7539709cf2eba148507d2
cache-control
public, max-age=600
content-encoding
br
content-type
application/json; charset=utf-8
date
Wed, 08 Nov 2023 00:11:39 GMT
server
Tengine
server-timing
cdn-cache;desc=MISS, inner; dur=5, origin;dur=126, edge;dur=0
strict-transport-security
max-age=31536000;includeSubDomains
upstream-caught
1699402299490622
vary
Origin, Accept-Encoding
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain
mon-va.byteoversea.com
x-outhost
mon-va.byteoversea.com
x-tt-logid
2023110800113861605F6C764A575F5E5F
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631931b84eaf130f17355bc7b142a2dc6a5aedbb19af8d06516616fd1732209f5627eaffe771d20bf4a72f81d4e60186184f69356af54d79d86f7d1bab9705249044f98ddbe251174a9eaabb9cf1fc39786c8
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
view
securepubads.g.doubleclick.net/pcs/ Frame FDD9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUbD8k43lVDABLt8KozqJRocjGzS4iSogQruheBH_9HFdHFywais5KsYwVGaYqjSMVrAMIoZnxafDnyU13eO6q-HTRaJfNtofXPWEyGg4mRmAhqaHLHaEUZ6bjw1tdcPPtUERcTX20CmvqCkH3anCEb61CK6ZUcVAOBgY2F7oeLjfcmMGEdCjXJ1s4llJafRHNkX3n-IUaP3GO81H4tgnz2GDVtnNXCzHW22CPDWI8FM1I_D_kE-5BnjcBSSxsGO479KGtv8__L-w6TPtJgtAnr2qYHt8Pa_SPOCjh5y7UGuECXePUiGfez-bMcbRTi05cP16m1VkX3sfJavDe3lzfwjGEbg&sai=AMfl-YRtghHltUD8yxPxqPX5prfjFaL3i1MV6yXb4y6Dvrge39s6TkpT8CgQgEK0bNRiO7ORMGSWcDXGPI5nN1lGezNjA7_tf_xQjcW8YwHWzNqCbHGZLAKe81jL8dDvWw&sig=Cg0ArKJSzIRVXIoruzTTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame FDD9 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 11:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 11:40:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FDD9 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:39 GMT
emojione.min.js
cdn.detik.net.id/libs/newcomment/emojione/1.5.2/lib/js/ Frame 10C6 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/newcomment/emojione/1.5.2/lib/js/emojione.min.js?_=1699402299189
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/newcomment/build/comment-dev.vendor.js?v=2.28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
8339a47a5089b099276443f0f4ec4bc9c6025711e456ea6e798c60905e341ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Sat, 26 Sep 2020 08:20:28 GMT
server
st8
content-encoding
gzip
etag
W/"5f6ef9cc-16d45"
cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
asyncjs.php
newrevive.detik.com/delivery/ Frame 10C6 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newrevive.detik.com/delivery/asyncjs.php
Requested by
Host: newcomment.detik.com
URL: https://newcomment.detik.com/static/index.htm?v=1.27&version=latest&uid=2b05b4c2d6&logLevel=error&xcomponent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
p3p
CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy
cross-origin
x-cached
MISS
referrer-policy
strict-origin-when-cross-origin
server
revive12
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
expire
Wed, 08 Nov 2023 01:11:39 GMT
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
fonticon.css
newcomment.detik.com/frontend/static/src/assets/css/ Frame 10C6 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newcomment.detik.com/frontend/static/src/assets/css/fonticon.css?v=1.3
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/newcomment/build/comment-dev.app.js?v=2.28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.26 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-26-242.190.203.detik.com
Software
comment1 /
Resource Hash
825d9735b1f46d77ddd08900fb38eedb3d9eddcda1b24899b28d5467cdc77725
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/static/index.htm?v=1.27&version=latest&uid=2b05b4c2d6&logLevel=error&xcomponent=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Nov 2021 06:19:55 GMT
server
comment1
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
W/"619f2b0b-52b4"
content-type
text/css
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
x-xss-protection
"1; mode=block"
slick.min.css
cdn.detik.net.id/libs/newcomment/css/ Frame 10C6 		1 KB
830 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/newcomment/css/slick.min.css?v=1.0
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/newcomment/build/comment-dev.app.js?v=2.28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Fri, 16 Oct 2020 11:21:34 GMT
server
st8
content-encoding
gzip
etag
W/"5f89823e-50a"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
slick-theme.min.css
cdn.detik.net.id/libs/newcomment/css/ Frame 10C6 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/newcomment/css/slick-theme.min.css?v=1.0
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/newcomment/build/comment-dev.app.js?v=2.28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Fri, 16 Oct 2020 11:21:34 GMT
server
st8
content-encoding
gzip
etag
W/"5f89823e-92d"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
cdn.detik.net.id/libs/newcomment/css/ Frame 10C6 		240 B
547 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/newcomment/css/style.css?v=1.0
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/newcomment/build/comment-dev.app.js?v=2.28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
f54517768c11a8e0bfbc84bb7962ef16f8af25cd119a1aadd1748097eba8d3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Fri, 16 Oct 2020 11:21:34 GMT
server
st8
etag
"5f89823e-f0"
cache-status
HIT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
240
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
graphql
apicomment.detik.com/ Frame 10C6 		39 B
893 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apicomment.detik.com/graphql
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/newcomment/build/comment-dev.app.js?v=2.28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.26 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-26-242.190.203.detik.com
Software
comment1 /
Resource Hash
69eb8794163c82e04d2e3d9f97dabff40bf59fc52644c42dbb323a82291be55c
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

Accept
application/json
Referer
https://newcomment.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
"1; mode=block"
referrer-policy
strict-origin-when-cross-origin
server
comment1
vary
Cookie, Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://newcomment.detik.com
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-max-age
1728000
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
graphql
apicomment.detik.com/ Frame 10C6 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apicomment.detik.com/graphql
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/newcomment/build/comment-dev.app.js?v=2.28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.26 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-26-242.190.203.detik.com
Software
comment1 /
Resource Hash
f81bc1e33c99136c6dc087afd52fe48f19ef2c4be171e4ad254df273502136f8
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

Accept
application/json
Referer
https://newcomment.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
"1; mode=block"
referrer-policy
strict-origin-when-cross-origin
server
comment1
vary
Cookie, Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://newcomment.detik.com
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-max-age
1728000
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
img-embed-logo-colorful-6e578f33c94fb378e31eb676c51d6ac2.svg
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 17BE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-logo-colorful-6e578f33c94fb378e31eb676c51d6ac2.svg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6820dc5a852a390b26eaa791f6f9f9b976fa0ba6c17412089b25946d7d9de99c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d2baf
date
Wed, 08 Nov 2023 00:11:39 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
blePM8lPs3jjHrZ2xR1qwg==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
1134
last-modified
Thu, 12 Oct 2023 01:04:56 GMT
opc-request-id
iad-1:tgvmJzoTRDqo9CEpyuJpb-7L5me-8FBpJW0L__-RAB3kH39VIwLB0zipaD97e4jF
x-api-id
native
etag
2fe71e5a-a82c-4aa3-b8f1-c5d0d4fca0e0
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
image/svg+xml
version-id
4f75af0f-39ed-4b9b-ac2b-7b7cd5447b94
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:39 GMT
f43bcd305b0ab9e2f747edc309638353.jpeg
p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/ Frame 17BE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-sg.tiktokcdn.com/aweme/100x100/tos-alisg-avt-0068/f43bcd305b0ab9e2f747edc309638353.jpeg?x-expires=1699574400&x-signature=uzwdMzT79vJa4sj2M5I8SlEXDAs%3D
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-5.deploy.static.akamaitechnologies.com
Software
TLB / ImageX
Resource Hash
230043bdbf2bbed494610aea51695dea805462ef390722ff19e2e7ff44fc6c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
2e53be8.a442152
date
Wed, 08 Nov 2023 00:11:39 GMT
x-crop-loc
(0,0)-(200,200)
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
x-check-cacheable
YES
nw-session-id
20231012044018B546CD4C821811E5AB63mw9q512tt
x-powered-by
ImageX
x-cache
TCP_MISS from a23-54-207-5.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
13,23.54.207.5
cross-origin-resource-policy
cross-origin
akamai-mon-iucid-del
1085629
server-timing
cdn-cache; desc=MISS, edge; dur=13, origin; dur=0, inner; dur=1
x-length
4711
content-length
4711
last-modified
Thu, 12 Oct 2023 04:40:20 GMT
server
TLB
x-tt-logid
20231012044018B546CD4C821811E5AB63
x-response-date
Thu, 12 Oct 2023 04:40:20 GMT
x-cache-remote
TCP_HIT from a23-54-207-166.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-imagex-extra
{"algo.succ":"crop","enc":{"h":100,"nq":95,"q":95,"w":100}}
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2023-10-12T04:40:20.170265169Z 166
x-request-ip
fdbd:dc51:ff:8:0:244:9:243
cache-control
max-age=31536000
x-response-cinfo
fdbd:dc51:ff:8:0:244:9:243
imagex-fmt
jpeg2jpeg
x-response-cache
edge_hit
timing-allow-origin
*
x-tt-trace-host
0170d71d52ae07907d2fba9dfb5d314b87ce1bff836617054d3f1d5b51385444f6fb13b9a9b0c8381a2a702f1b3d72a758ee4e8bc2bba50f3eed8a4e123effb261570190d9b8e2871adeb7c7a7639b1c5276704e2fb395bd8514aa889d8824eb278a1fc09fc0fe659ce10ef358620778d3369e05e33411168d55c50a80efda42bd
img-embed-banner-comment-d1335fb135de82a0a6b923df2e515c06.svg
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 17BE 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-banner-comment-d1335fb135de82a0a6b923df2e515c06.svg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f5beabf59a0f4c1c28f05dd34047cd1f401f146b85eebbaa7ab8d971f075e64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d2bb1
date
Wed, 08 Nov 2023 00:11:39 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
0TNfsTXegqCmuSPfLlFcBg==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
498
last-modified
Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id
iad-1:O7G5hHChrrvaDkh8OEBzZCwIFkFUQcLi3iohdcnZ-EWW4PDEPHJWJQS_Eb4wlf9Q
x-api-id
native
etag
29e5fdb8-faba-4ee1-83a7-f910b0b62c32
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
image/svg+xml
version-id
f3a01793-76d3-4596-acc7-d07c02110ec6
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:39 GMT
img-embed-music-26847fc3f0c6f8b667c268b0c0a2bd0f.svg
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 17BE 		647 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-music-26847fc3f0c6f8b667c268b0c0a2bd0f.svg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d858782d53337cb280fd29487a8c25544984a1abc8619d4fc3535e4458101d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d2bb0
date
Wed, 08 Nov 2023 00:11:39 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
JoR/w/DG+LZnwmiwwKK9Dw==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
368
last-modified
Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id
iad-1:LTWJxxDuGFTEnyDcZAWj2ka4qOErlx2QnCYtY3CSlWHBIu7vEHxBfEHViyjQooUO
x-api-id
native
etag
9590c8ec-0616-4e1c-92a8-735e22997c8c
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
image/svg+xml
version-id
5658807c-1921-4d27-bf31-a1b02dc0bed2
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:39 GMT
TikTokFont-Regular.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame 17BE 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokFont-Regular.woff2?_default_font=1&v=2
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-12.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
23f5ecb1
date
Wed, 08 Nov 2023 00:11:39 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
/fJgDZBaD6oGDWkeAhLhpw==
x-tt-trace-id
00-efba2c30105c8f66657e4d060282049c-efba2c30105c8f66-01
x-cache
TCP_MEM_HIT from a23-54-206-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=5
content-length
56492
x-tos-request-id
53b6d455f238e56b6455f238-af54d2d
x-tos-response-time
Sat, 06 May 2023 06:22:48 GMT
last-modified
Fri, 05 May 2023 11:48:04 GMT
server
nginx
x-tt-logid
2023050606224784E5D1FB585CF87BF7AF
etag
CNHJjeWN3v4CEAE=
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=991719
access-control-allow-credentials
false
x-tt-trace-host
01c552f39abfd8b5dc951657f40ed0317f64d42228e4b044d40772ddde881da0ec648510a07c12ab1f93d2587c09c486772ab2cffe77c6ef681d30a40f4060e38b18b5b5573d564a9ef4534e5f5a264d6f3caa7c40682ebfa05b0f6898354428e24ef105190a5a7b38b67884e7748186fbe293b618d11ad621fbd802c5799e0bce
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
TikTokFont-Semibold.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame 17BE 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokFont-Semibold.woff2?_default_font=1&v=2
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-12.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
23f5ecb4
date
Wed, 08 Nov 2023 00:11:39 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
z9iG4cqEmn+OJgB2PyNteA==
x-tt-trace-id
00-efba2a8d1060eab31e6c95c602d6049c-efba2a8d1060eab3-01
x-cache
TCP_MEM_HIT from a23-54-206-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=5
content-length
56968
x-tos-request-id
1dc7db55f2377ad26455f237-af54405
x-tos-response-time
Sat, 06 May 2023 06:22:48 GMT
last-modified
Fri, 05 May 2023 11:48:04 GMT
server
nginx
x-tt-logid
2023050606224795819C54D0949B685230
etag
CJzWjeWN3v4CEAE=
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=779645
access-control-allow-credentials
false
x-tt-trace-host
013ab5c6e35edce4c8480d5404b045d49f2c5e087b395f46baaf2f7bb2d1d7d1b4ec59d6f105336bf47482acc401687df0657224363ceda31fb1b0e7367fc72feb699f38c0cacaa3984fbace91fc7ef4f0ca399a6d945d9ef6efd11bf8c33653fd1e3ca18d4999a6fb3660f04fd6bdd2709834a63ea333f017f5f9cad87236ca7c
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
adview
securepubads.g.doubleclick.net/pagead/ Frame 2414 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAc_fOdJKZejWFpCdjuwPyt6M6AaY59uGdLLAzeemEr-Hgc3YPxABIOD_5hxglYKAgKAHoAHV3dy1AcgBCakCnD-RfzaitD7gAgCoAwHIAwiqBLADT9ARQmXHn_vc0_M-44hz44TbfzWLUOQ_GFIt9X7NjY0pAc9SxAOg_kS-DkeEdSFuWV1gnJp3jmRyOBT0ioKi_9OTFoCY6F40eB3-O5cB4ZIydmC7pfFeEQ2aMNj2RXNYxYc8o6gql66HeRp5zM5u9w9Ws0-ko8NPNLQ2PP__xdw6YfvgThJlxqMEK9hzuCiZf1m3zdUoPmP3iullgKre13BF1W1yMhy9M3eSby64XMOEx5ewyrxLSiTU4aFk6lVzwdtGInXh6LzmCucejy7CJz3wmnUBt7CgORopYO6Oi9itzSkc0KX7LLSEZWXNIHuyfYC5w2N7UkGylSpWqjFVHZHj4RJoqpRw6EynsXSxvjta7jIx8xwH9tiUJdnKlrPw-Xlux_-JqAIApClxN7dmTEoG9iKpRR8H9lFf3sXyuDwcC2bvcxouhoWGJDpoiUgCpSoUjwvopD_f_ElQmkRz2wlBe6tCFHiZ-e5pldDg44uVcG-SvR6aD7U5r_eC_HkGvMZWagblS-7FYqXN-2V-rrxn0E6Ji93UhXOZe-bPMSZLi3tEaXN11VY81mgiuZmvwATGuvvQvQTgBAGIBYqmoqBNkgUECAQYAZIFBAgFGASgBi6AB5Oio8oCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ754N0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJJmh0dHBzOi8vYXV0b21vdGl2ZS5pbnRlcnBvbi5jb20vZGUvZXYvgAoDyAsB4g0TCPGHjfKOs4IDFZCOgwcdSi8DbdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi02ODgwNTMzMjYzNTM1MjM0GODPEQ&sigh=ndfs9K1FBSc&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&template_id=419&cbvp=2
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
/
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame 17BE 		553 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vmweb-va.byteoversea.com/service/2/abtest_config/
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-131.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
23162f6e2b9ad48c0c58da1ec5a40f250d5cfcb13f8ff666bb096502c4a44d63

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

X-Akamai-Request-ID
d9fc5849.3e2cbfd5
Date
Wed, 08 Nov 2023 00:11:39 GMT
Content-Encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
X-Cache
TCP_MISS from a2-16-1-127.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
X-Parent-Response-Time
268,2.16.1.127
Connection
keep-alive
Server-Timing
cdn-cache; desc=MISS, edge; dur=257, origin; dur=11, inner; dur=8
Content-Length
316
Pragma
no-cache
Server
TLB
X-Tt-Logid
202311080011380167EF45F166144E2BA6
X-Cache-Remote
TCP_MISS from a23-220-105-152.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
PUT,POST,GET,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
X-Origin-Response-Time
11,23.220.105.152
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631938e958d49824d7f19f39ac50d3f1a48551b6ea0b3c994ab7e27cb55ede675211cf0da6e08d5d7d92c24037db73c73f45b220adf7f67d1fc467164b75769ccd35bf0fdb43dfe42d6cdc49178a2deaf611b3b242f17c9bd1855a64c529e3ff1ceab
Vary
Accept-Encoding
Access-Control-Allow-Headers
Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Expires
Wed, 08 Nov 2023 00:11:39 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 51E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCUsFOdJKZe3WFpCdjuwPyt6M6AaY59uGdOq-zeemEr-Hgc3YPxABIOD_5hxglYKAgKAHoAHV3dy1AcgBCakCnD-RfzaitD7gAgCoAwHIAwiqBKoDT9BfWmM1YMRdBEmERBfN_bBOegNZy0aM3a-05sHyn9oKWcF8mifZ8T-vtL0RpAnHIRtLTuvN9G_TtENBInLH3uz106DOjeSLHt5A6e_ciV4vPWNaK08Ame8RGMrdvouxeHkv3TP4hxF0oysasotzdwSVbP586jScgX56aHKFHysUc3zJGnLHA_Fj2wwJjOMZhjJZzEBcclbO2j60dFqj1MKiSXPKDmgC5m3nc82zzO2Y97JTdzE3dEaLAvdTFeJ07B-v7rBAL7VNvhovqm7tF3Z-QeRapPaW_N4bgvc9hmcmUP2BNdD1EcmMscVIhzVY17YZND6vRBfHRjtDPrvQw184wco-bj423MyTX26rDmHLqTL1adi5Se8bv0JrMknzvjAV_-q0bFUi5_ohJvaMMTlhFVa7R-6AQxDeziHrM2pSkDMKODOv_67QcF3nYgC8F00IptIi8LGr9PmbjdmIwlkJrCnDVNNyyZSfhqczD0LESWWBRqH-04W3MMFPSN0lzGF9vEu6baetpKsCPVihNNshXW2b7pewuF5hL34EFJZtKXMXYJ1DYwXbwATGuvvQvQTgBAGIBYqmoqBNkgUECAQYAZIFBAgFGASgBi6AB5Oio8oCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQhKIN0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJJmh0dHBzOi8vYXV0b21vdGl2ZS5pbnRlcnBvbi5jb20vZGUvZXYvgAoDyAsB4g0TCPiHjfKOs4IDFZCOgwcdSi8DbdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi02ODgwNTMzMjYzNTM1MjM0GODPEQ&sigh=N65bwMZQLRo&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&template_id=419&cbvp=2
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame D264 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Origin
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 02:22:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame D264 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CW2aQam217L1wAMQclhjwSwwp740SYY2yrG4-n5SYHjjJoa0wL6Us2vV1FVSusDvcajYv5a2OmnY_bSVmNFLnCrKWr_Q&cry=1&dbm_d=AKAmf-BShFO0e9GFItRd_FcPc-BENjHxV9zQoUqJh8CUxSVAiXImcDf-bqTllbqvIilLjiegYeW6xWr7Af4TKaLWkc5uN7iT0RVPi5jbuRmBXQvEua8h1B-tHQ63jzF7HERseTsv7tbNrjGO0qmBC-cX0inJmKu4DAHMT84DqBVhHOWCa5fK-zurLBH0iWMYiw_GGAKkt8h0N9WFqBTrWL7V6SBbcsh2zMrshDs3TfXkPjf-aOBAfrP1CTdkmawSPbMNEpXUFs3I68s4wnjKTY9dM6-C3vzXo0dgJDHmVYaqOhEmGielFbx73YiKquICatZ91g5ls8OiAHKJTg4dBhMhdujMIGJURQFF_sEp8mPkN7oSJzhR5GD3_KCdhB1hHXm0XE-WBepK52HEanFhLOeLsPW6gcyUqueLEfcSDTZMWpcrMHB2ww2HKi0R1YuP3AlShb9oCCFjkdEoVExHiybkOGBWx-GZO-KrGwNPsi5joe-UEHm2vL6ZyF11XPOPE-Qytgb4_VrJqovpeHFB0qH6bbPa1U5qkMWXx_myDGbRSAIf_GUmkNgvMNe9m2lU-cVTxEhNYiKhYeF3NGo-VWNWi9irXb5KWmsPAQkzEW58DHYDUJ265aKKfNApJ88Y0eoms3j7F8PsSmfv-agQk4IPbkisBjNnO65jy1f_gV2KGJ2PrDst38y0zGOMHdXHdQeTEqSgWguT3bV96Gbh9BHPr4f5yOIvEMO_OqgkD7DIIUNKtus-0usMj98Un6nYbjFh_M6IVYaFgN2048BuUvR1wBJ59bxKh021KJ2OqAPdljXFght5yKvRKW8_ncE5dMgWRJEaprAMq_EcbVKz2KOOOpCuEVN6RF-FsVQfT-NxNcyYAVSi4JV6GvSLBpFouvs9YBuM_5NcfeTakwOnVKhvtCeMoLETBpePnyAaufbXxD2DI-kB0S6aFZwHJLoxCuTHzSgEktOHX_SckLjhDIWnIpbOksxdo99emmRpVx3iNQKy21jM3fcC3p_88UOWB6GZRCmO40L-F8nE6Y4ibe4wgyNdFkjePeDNYt1kMY0n8_DJ2EGJWzX2xKi8JcRigOTx8Ly66WY4Xp2XU6b55SVgGcncGdT7OvzwER2oMSqSXogdoLldAjl_xix0G01h8QL7O11vzyB9A-6Cx2UHNz0dxWwnYgAN5Jk4iARueEgDtBAnwktp_ytFkL-h7eOr8ZQWY817sLoUbttWNeXpkbw-mQ64wEYesefLjYwB327dT-Wlra55B4Do0VL5RNmqi9j1ek_KFVPH3Bjed5gyNK9t97mJaqMd46MP1n7YBXA69htiXMgrHqlP86TuuEVxu5Yie2CGxSQzS4ADWqtObCqOko_01lTOxLfopvB9xiT5xz5FI7SULbL2DlFZQ1KYBk1Stm6q8elM5YpD3_YKyyHBQuO2-1Ufr0zLWf7h8ci0NanQEyYPm1m1fzWqrJYFqPIE5ZHAYkbrAF74R_4SR3XCu_TC3ZGaDCyMD10ArAIv1A0Yj9YS2oFRQlkdjh_3P93pRoGNtRgErPEZR6TJ7BwNjlOi_KBO2zsRa-Wep1ygSm7UOMLb4UWKUdYmoyuINlR9uBAXGLDLRe90c7uVJpJTOqHHb5vEy_TRzIWq1rESQN8IgTqiCBi_IN-93Pl622A9gdxI9IcStj5Yc3gJeIAPGmYkbiVNjOGVdVOIiKlWu7Ufe_tY9UnsxU-bCdol8Fy9fMQiEp67HYE_wDdIuUms21AIV2rnAKuk9JHuhP7fNj33OGWw4MKbgsS-7dpVnSSYAvZQ1frmInglnrqyH1gzvXW42yKZCQhSg_BoZNRbcCmOe5GUb7e0Tzw3BFuHJGgTwWh-bAaB8YCCfHZvD4CXTeS7shAc0I74bAQVZ4gJqHgbkdqf7PP2v_JCJKBl_ieNB_Z5lekrmYfmBDhyYqWDPPtEsytDnXoNpoyKOZ85mOFmzDZJuSWlJQoDL_eII_vhCPPPeHDmWJJHYO_ZFBel7VvR2JE5CHlPvEDccb0KUJbqlPVe9bddQpGoNjFC2AvG32dbFN-jCdNBHFUsQ-HnyMMabiZetZwyiKsRWxKZoo8rhxnvrgmPr1pwT4-BmcQ7WkAJjAXhAMKu_odk5Ntq3dCWYccqmhwyMIWY6IGyrlOvjYRF7FMWo1xenKIj95d1wz7htR-1tOwhrs9dQQwg-yMz34dHQoP84xbQltpApGR3WA8fdDyLewnqg9z_7D3ydketyypiYSCQ5ENb0eIdtvwOYefsD1Jx4Y2h7ngtjuOkRe6hL5XqoXtDJPVhZF0_Ju70vFUXiCX9uqTytoJdDUuXohj66DdJmWaNZN0bp6I1U-sVyBZ5f_7txvoCllj1cS_D2lcMUs2Q7x6T6i1gpA_jLiNRH52svvCmDenD5vGq4ahIJXX-M3FukQkOdHp4-TIKyJ_eMeSUhk8VfwFFu-bkWBtLDA0jpQSPoO_Y8oNArQr076Wy7niw7PnKDqT2wCK1EEJ2PoKm6VBkFVfT2D2Aw1kqRgWrDOg_PHzPwWC-KCuCl3faRZqOtX4LWAWGFPuacIQ-coL0lHSkqzbTeydYPscm9gmmicRhYNdIz7jQNjYihbVr7hjAiAslanAJlVn4nWWIbb5mCrCTQ9C8XR6H_zX2pRcNu0r8rtdV5Mlvx39vlz7yWfqy96bcJAZvAPaj7V_6mvP9ofDeMZvCtyj4Uf9QxZCiVtlEsM4mjpl3lhPmpFIS-E-tzHE1Flyfb_qTIpD5qrMhua6hYw0V6eHk0q2L4P2X8wU6urOAzNU0gIN6HgpYoKaQdPex6EB4sHKB_5VwOVGIYdRSYkGMaYtM1Z41Bsvxamz_o8Q4b1SO7tV3_Kuo1jOmYeqMymLlIZgEiOlmeLCO-cAUOG-68vZtTJDx0zhqzjMb_HbFQSffZKKxzAJVmxFOzDhdkpuwKXwKN8J5B7m9VpdnlD0pR3PDCjMrA88JSXHYrXZo5J93_18XqOB8Sdc7lIeCkC9dhJrLPdexPIT-ELDqqaVUe0jjcA07bNlxP3r4kqkXkwv6NylWRfKFgUt4059j5XnVb0DM1p55tBumdI-3EjXnf9aaiKVdrk7U80kn_cQ0b4r_qfFVDpZEbggMPmIx0MvfN3RaAgY8Dp-gNERhvze3IZEI1j2JAhTKeXWMPnDQx0aJkibLVMlE29gT7qpyNEo0o8-QUVcj5MuHZDYvTIsR7KxYdAdsbF8KROEQBE6W3C5IqvP6BVdWs9t_guphs5giKFBgSLPw9OE2xxWgn9Xnn2Ec86y8xSrxl1EapMqmrHfT6KqXuwZKrR3rPrft_OqAuZ5aahEGgvzArF90W9scl3EcCUiI5iXm40XKfDyYTrIRIoOiIp8S4_TPvJvb5bRPZDG8K_F10awGJ4JRYtWmUJXvrN55MIQdxI7nIg6qT9oFjVNITUKznXwQTahgKqahaCwK8hwcE6w1gswCWcoKIzICOyUHEVnFy6tf6-vrsmXl0ES4_wRNBmm4toKfuKbWO1TsUmtxuOQq2bIh4t8qQvypmz08PQ7U8UfCOzRqiu0iTNJg07o1Vz9xYGICJkRBLj3maYyWNf1mMrL61DNgnboxPMbYheDgrKOHfaZjaYFpf64Qyq3X42N_ujEzB7QRm5bZX0C1EV5RtEA7LwXSdSxddqEFagESNDjO7v1Drfi0S53w-CIuXV62yB9VMkbzEgAlJA8ClqeXVM1gSJPVO7k14SYXUJh-xml7Op2-Xg3eV_rG_s5_RrTDiRlHdzPOJZadp-GuY0hO9jN9B0BZrNFh7c4Rw7D3mpAU35PX4DH0Asa94fko1gbG1rd5nnZDIR_wDpA2iZRwD-XeMu3E-WJKejjgTtx3XUnWOtUljV7aPgVBwuAhYUR-iDLP9MAJnvCizXY-nh0N9RCCiaHOZTDWP23JrNk3hYTdvWUUIoABer2V6As&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwolipop.detik.com%2F&ds=l&xdt=1&iif=1&cor=4109526509300251000&adk=3944675600&idt=156&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:48:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
33768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 14:48:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame D264 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CW2aQam217L1wAMQclhjwSwwp740SYY2yrG4-n5SYHjjJoa0wL6Us2vV1FVSusDvcajYv5a2OmnY_bSVmNFLnCrKWr_Q&cry=1&dbm_d=AKAmf-BShFO0e9GFItRd_FcPc-BENjHxV9zQoUqJh8CUxSVAiXImcDf-bqTllbqvIilLjiegYeW6xWr7Af4TKaLWkc5uN7iT0RVPi5jbuRmBXQvEua8h1B-tHQ63jzF7HERseTsv7tbNrjGO0qmBC-cX0inJmKu4DAHMT84DqBVhHOWCa5fK-zurLBH0iWMYiw_GGAKkt8h0N9WFqBTrWL7V6SBbcsh2zMrshDs3TfXkPjf-aOBAfrP1CTdkmawSPbMNEpXUFs3I68s4wnjKTY9dM6-C3vzXo0dgJDHmVYaqOhEmGielFbx73YiKquICatZ91g5ls8OiAHKJTg4dBhMhdujMIGJURQFF_sEp8mPkN7oSJzhR5GD3_KCdhB1hHXm0XE-WBepK52HEanFhLOeLsPW6gcyUqueLEfcSDTZMWpcrMHB2ww2HKi0R1YuP3AlShb9oCCFjkdEoVExHiybkOGBWx-GZO-KrGwNPsi5joe-UEHm2vL6ZyF11XPOPE-Qytgb4_VrJqovpeHFB0qH6bbPa1U5qkMWXx_myDGbRSAIf_GUmkNgvMNe9m2lU-cVTxEhNYiKhYeF3NGo-VWNWi9irXb5KWmsPAQkzEW58DHYDUJ265aKKfNApJ88Y0eoms3j7F8PsSmfv-agQk4IPbkisBjNnO65jy1f_gV2KGJ2PrDst38y0zGOMHdXHdQeTEqSgWguT3bV96Gbh9BHPr4f5yOIvEMO_OqgkD7DIIUNKtus-0usMj98Un6nYbjFh_M6IVYaFgN2048BuUvR1wBJ59bxKh021KJ2OqAPdljXFght5yKvRKW8_ncE5dMgWRJEaprAMq_EcbVKz2KOOOpCuEVN6RF-FsVQfT-NxNcyYAVSi4JV6GvSLBpFouvs9YBuM_5NcfeTakwOnVKhvtCeMoLETBpePnyAaufbXxD2DI-kB0S6aFZwHJLoxCuTHzSgEktOHX_SckLjhDIWnIpbOksxdo99emmRpVx3iNQKy21jM3fcC3p_88UOWB6GZRCmO40L-F8nE6Y4ibe4wgyNdFkjePeDNYt1kMY0n8_DJ2EGJWzX2xKi8JcRigOTx8Ly66WY4Xp2XU6b55SVgGcncGdT7OvzwER2oMSqSXogdoLldAjl_xix0G01h8QL7O11vzyB9A-6Cx2UHNz0dxWwnYgAN5Jk4iARueEgDtBAnwktp_ytFkL-h7eOr8ZQWY817sLoUbttWNeXpkbw-mQ64wEYesefLjYwB327dT-Wlra55B4Do0VL5RNmqi9j1ek_KFVPH3Bjed5gyNK9t97mJaqMd46MP1n7YBXA69htiXMgrHqlP86TuuEVxu5Yie2CGxSQzS4ADWqtObCqOko_01lTOxLfopvB9xiT5xz5FI7SULbL2DlFZQ1KYBk1Stm6q8elM5YpD3_YKyyHBQuO2-1Ufr0zLWf7h8ci0NanQEyYPm1m1fzWqrJYFqPIE5ZHAYkbrAF74R_4SR3XCu_TC3ZGaDCyMD10ArAIv1A0Yj9YS2oFRQlkdjh_3P93pRoGNtRgErPEZR6TJ7BwNjlOi_KBO2zsRa-Wep1ygSm7UOMLb4UWKUdYmoyuINlR9uBAXGLDLRe90c7uVJpJTOqHHb5vEy_TRzIWq1rESQN8IgTqiCBi_IN-93Pl622A9gdxI9IcStj5Yc3gJeIAPGmYkbiVNjOGVdVOIiKlWu7Ufe_tY9UnsxU-bCdol8Fy9fMQiEp67HYE_wDdIuUms21AIV2rnAKuk9JHuhP7fNj33OGWw4MKbgsS-7dpVnSSYAvZQ1frmInglnrqyH1gzvXW42yKZCQhSg_BoZNRbcCmOe5GUb7e0Tzw3BFuHJGgTwWh-bAaB8YCCfHZvD4CXTeS7shAc0I74bAQVZ4gJqHgbkdqf7PP2v_JCJKBl_ieNB_Z5lekrmYfmBDhyYqWDPPtEsytDnXoNpoyKOZ85mOFmzDZJuSWlJQoDL_eII_vhCPPPeHDmWJJHYO_ZFBel7VvR2JE5CHlPvEDccb0KUJbqlPVe9bddQpGoNjFC2AvG32dbFN-jCdNBHFUsQ-HnyMMabiZetZwyiKsRWxKZoo8rhxnvrgmPr1pwT4-BmcQ7WkAJjAXhAMKu_odk5Ntq3dCWYccqmhwyMIWY6IGyrlOvjYRF7FMWo1xenKIj95d1wz7htR-1tOwhrs9dQQwg-yMz34dHQoP84xbQltpApGR3WA8fdDyLewnqg9z_7D3ydketyypiYSCQ5ENb0eIdtvwOYefsD1Jx4Y2h7ngtjuOkRe6hL5XqoXtDJPVhZF0_Ju70vFUXiCX9uqTytoJdDUuXohj66DdJmWaNZN0bp6I1U-sVyBZ5f_7txvoCllj1cS_D2lcMUs2Q7x6T6i1gpA_jLiNRH52svvCmDenD5vGq4ahIJXX-M3FukQkOdHp4-TIKyJ_eMeSUhk8VfwFFu-bkWBtLDA0jpQSPoO_Y8oNArQr076Wy7niw7PnKDqT2wCK1EEJ2PoKm6VBkFVfT2D2Aw1kqRgWrDOg_PHzPwWC-KCuCl3faRZqOtX4LWAWGFPuacIQ-coL0lHSkqzbTeydYPscm9gmmicRhYNdIz7jQNjYihbVr7hjAiAslanAJlVn4nWWIbb5mCrCTQ9C8XR6H_zX2pRcNu0r8rtdV5Mlvx39vlz7yWfqy96bcJAZvAPaj7V_6mvP9ofDeMZvCtyj4Uf9QxZCiVtlEsM4mjpl3lhPmpFIS-E-tzHE1Flyfb_qTIpD5qrMhua6hYw0V6eHk0q2L4P2X8wU6urOAzNU0gIN6HgpYoKaQdPex6EB4sHKB_5VwOVGIYdRSYkGMaYtM1Z41Bsvxamz_o8Q4b1SO7tV3_Kuo1jOmYeqMymLlIZgEiOlmeLCO-cAUOG-68vZtTJDx0zhqzjMb_HbFQSffZKKxzAJVmxFOzDhdkpuwKXwKN8J5B7m9VpdnlD0pR3PDCjMrA88JSXHYrXZo5J93_18XqOB8Sdc7lIeCkC9dhJrLPdexPIT-ELDqqaVUe0jjcA07bNlxP3r4kqkXkwv6NylWRfKFgUt4059j5XnVb0DM1p55tBumdI-3EjXnf9aaiKVdrk7U80kn_cQ0b4r_qfFVDpZEbggMPmIx0MvfN3RaAgY8Dp-gNERhvze3IZEI1j2JAhTKeXWMPnDQx0aJkibLVMlE29gT7qpyNEo0o8-QUVcj5MuHZDYvTIsR7KxYdAdsbF8KROEQBE6W3C5IqvP6BVdWs9t_guphs5giKFBgSLPw9OE2xxWgn9Xnn2Ec86y8xSrxl1EapMqmrHfT6KqXuwZKrR3rPrft_OqAuZ5aahEGgvzArF90W9scl3EcCUiI5iXm40XKfDyYTrIRIoOiIp8S4_TPvJvb5bRPZDG8K_F10awGJ4JRYtWmUJXvrN55MIQdxI7nIg6qT9oFjVNITUKznXwQTahgKqahaCwK8hwcE6w1gswCWcoKIzICOyUHEVnFy6tf6-vrsmXl0ES4_wRNBmm4toKfuKbWO1TsUmtxuOQq2bIh4t8qQvypmz08PQ7U8UfCOzRqiu0iTNJg07o1Vz9xYGICJkRBLj3maYyWNf1mMrL61DNgnboxPMbYheDgrKOHfaZjaYFpf64Qyq3X42N_ujEzB7QRm5bZX0C1EV5RtEA7LwXSdSxddqEFagESNDjO7v1Drfi0S53w-CIuXV62yB9VMkbzEgAlJA8ClqeXVM1gSJPVO7k14SYXUJh-xml7Op2-Xg3eV_rG_s5_RrTDiRlHdzPOJZadp-GuY0hO9jN9B0BZrNFh7c4Rw7D3mpAU35PX4DH0Asa94fko1gbG1rd5nnZDIR_wDpA2iZRwD-XeMu3E-WJKejjgTtx3XUnWOtUljV7aPgVBwuAhYUR-iDLP9MAJnvCizXY-nh0N9RCCiaHOZTDWP23JrNk3hYTdvWUUIoABer2V6As&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwolipop.detik.com%2F&ds=l&xdt=1&iif=1&cor=4109526509300251000&adk=3944675600&idt=156&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 17:38:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
23605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
server
cafe
etag
5723174479369309319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 17:38:14 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D264 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
150317
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Nov 2024 06:26:22 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F737 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Origin
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 02:22:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame F737 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsJdQNKQDFTwUfa_B4_UnnVtsPkTEtrTAGvIY3vctYPzIp8-PtzlWcE87Q6WgAYooNS2_tSF74tql1_B5bjNUQ0Sb1vw&cry=1&dbm_d=AKAmf-A-NKj2vVKjepqRYE1dL2nTG3D9M1X3jVgG8vk46uNXcdw2wWZvY8hKmwy2eUnmHMnj7kx7pO7flID4g2wRlc8jaQSIRaSp_My0LK_vu9eTg6-QOvqucPe3C3a6u2XEx7uXfQ1_wGSrindA2mrCuGU9RFJrMDT6CRiGru6K5Q-pnXPXJK0-9dFErONO3LbDqsw9NbmE7vdeqpxUTdrOj83HLBE9NWBYHJodiZWwAnerPSdnP-vtYzBvVhtlk490UrvR-ppJuzIx1FxHOJc_L0iMxQ2f-pIxbq2R9OuDI4DI0acBHidiJyx_Juihk4ttV9bN0PWMIpUQp0UTuyeyC2-WP7b9z23lJrsueTNSQkM_k02MHz7PWOS7-VL1AdgIOG1uP70CwgZPwDBV2B9dztdOqpugOxW55ZqlNlkJx8Znc1WoqKwfcDBlh9DF938RegVDIqhRcNKE9RpEwtpmpTfyc1CVHICIzFvv_p3bLB7IL-ovdEosY7m21CXzDws1yMR3pP4rABOhq9nFik0oa-KHRGV5NxSZnaFZM18KDxLg0erJuF7Oywv_3UtQrLsymsKUSIf-5vm3w6Aaua31DqJmyuYgzG5uGdzQXH-HgHovx1l5N1c63Zz3DqXp1KuZ6fiLrZQq8-2hZpdS_E5kok07H7_CXUFrR2OqG_cIvR3C3DhA_tRZVtkPxiX_YYbnuL7KizlCUIPyZOcOhUEcFjZey7RWO07OPs1nD385lMdsbZF4Frdvck7kG1pXd85HzAsdMyyiycziVQqD9QVJOfsBgQ9Zo91rNLRmtOIsRipVATsvJ8pE7imR7VCkag4hJlS989fNFt9w4xM3k_otGqkhQRPh5BV1JW-L2Jr5dnCYchj5n0chISJBKRvY-CEdftiZ-HSQNSl5QfANSCYOrnkx6pCGPJRza6JBlv1Re2uSXB0ayr3lCYpgC5CyzJu5TSNcHO_ARozkI4YrrZM9JalSrk4XzHIvnPd2IQW0bYAPTQL7wa74pKTk9QVyqPpamgMQ7xhkfLtJ0LE-qW7tmQ9cS3RGNGNi_5sli1YYynK-_sR89DM3ty6hGy0tEyYHKK5CudXADr9KBlyGPpwHlb1yVy_wNYRwvqvyXtGC9yB5MOCi_3JiDfW2ekaPQA58dvtKDuexKVqAyi55dcyQf274PFrZDjeXttl-BED_crEmcz4dsXz3u6eMIp2xLNAEQEa88_vIzObQZRVU41zCDsHGvoioIZ0jSTnD8kw7eFQ4oPGAr9vePYZaPYTByW2BQSbciuqGc1GmvnWer_prPm213rXSnFpaGTWg9r7VpRS_earwKLreO0-cNrl86_lsBXitOCTy8BnYhWJ6rIAsOwVDQI7ICPlmhUeJlHnBLHg3nZhQY5FMIHEcdQnUI2CPibouXbkDKJs7-wTPLSX0u0hmdUV0bUNo3iVxk-LNeBqeM-_Wg9U-vupGPODyfoyJxw3TrkYxQaOPT8jg32NwloOltSImLZzM5xnBq7v5VcW6i7inpKG_km8wo4VNxAVd1CcO__NmnXgQnTbDDUYe0ssnR3QMbfYGWhUyRt9nOSkncLwFBsLTkkiYPPSAN94FG6m_2sy9hbNQUYsnXT4cGSl4RTV04DTC03I7bR_d-TPUkfWY0w2lFVsLdrEGT6pQlBIJIK7hTbKwTaMfg4lf_tRBE7Mhx0BE41qdMhNuzRjGTuv-A7UiL_6ooVC1Sz8e6QGtPexn7Gr109cUeOvqPQptsfmPJDu7FjWpUHD-1o7enCuSqTSm15yTl4oS3ZkuTUtT3LEtQwKkXlfBs-ntasUfcUJPotyJCLZACx_uIZO-1A03ooQAaRczceuCMNgqUaJpvTtviI2p0PHkMurrfetJ85ptd4iN70RRQSoYwCjSpQwTJdf3iSi-WqqtFfLzGVgfoiZAShOaZpRoq7E5lLcI-f8XtQhHaJcAjZh-8pKgPfSRQ9WzEGJyDOn6ENpdKmhbJiHLEbNOc4Em6ykMiiYwJaHKvV_W2_JfWJyICDNMDSdrJHuZheoZQRoycYRrMB-zjy5QmoPHIERYBC7xlc5pelQAMo2jkXZgwAv7VmmlBq2RDw5sEKCH-MhYGg7YrYTdHLaxR97YkibyfPBq2z71uvCbLAnF2OmNjLtUMVBuWNN45cR5DD8Xr_zqcjQM6KR4UWkhWpf-O3L6euO-Eqb0XSFZtZXQAwvytLVQJtMtSpGZPyN2K5mD4K6yR58XvhV4AZVK_b-jZY_aUlwDzmSaLfooGXs324gQLfAxI4nyHFl9drZZRuZq4FYIlIskPmEsYMPF-qwFUgO2wZBs-ksO23W9plFN7CmXFQSF0SRpI_4GKYSecc_cWKzNz8X3ovw_M-WX99v3PBaMeKoJmdCcR0qKB6_ik_RJ7zEE6spkNY4qVBezBy3GALF9-2g4pOHj0_cTQSAkuK7xrzFvxjBSS0OLpSNH4-6VWMg8UjgnZVgSwKTlvCic7zjYUUjb88ix1a8kbIFbLkmuZhLeBbItBWkRzw54Tg8BmD9Jth0rVxowSHcKwW3k12OH9qm_7M9xx362GFaFPVMbvR036sY1UBVJK4A9OfWhn9ql5pvXZI2Jr3YtgpcXMTTXzrk3EOWb7VWjFQClMocg1j7jA0yJvGbMTatwcvdg4laor0KDMJLfP96rvKroddDVeKVAsdkbYG837Yf_GQ_5UBtGGxguQAvlieYso2_mXiw95d_1C8-MuzAjWXcBieQuQWelt84z5k6JLjlnNlGR5XardAtfbxlENOWZXKVdIogmRQad_F55V8p6zr-utf5hqfwP8PGv8uS8-4NtuISyNBHxXlD4HmHJ-UUREDQ9bVE6Kipsql6vIQttkmfFAXCrx_GOPUalRcOt6oehO21N8-ro8nZKnEUcBHuQ-T-rjvLlCebWaBwtDdhCQ0bUcUwp-ochCCrEAHs3kztKv3IlDRh5F_wlUujP-8t9t3F5ywLNB-0X3MJ3PJuJVNY6sOCaMjYfi0sTDMDjFhjcaBDT8OUpHBJuHWEHMDu1xW5lxEZZb5WYEAxr_WGCmXq3bWTgTAshpTLimnxHF0yjhAZkFDvdxQm0K924eYpzNWyQVeFpYA9SjxRHWDUhM9fR00qxrAH1lOX3AEWIe88g4OBL48or0qdIb6AqgxYGu2__z2BApZbAkn5d-oBdeXrmPNbr8WdW0993fcEQiahHHI0VGx8Hd2EyWVZmvE7-3yp2YAKu7iR5vp3sThKuBqv0w5g-550cI8jhy8WtUIUhOypAdvOYqivAbA7uaishtggXh7_mrcCcZ-m6A6m7o0oMQ6B9GXWJ0tcro_cWpPaZk2XVnCJWJKDVIObPvYdk_Er74t7538Cl6ssPQoCa9QBGLzzw6bSfAYfwwdW5_JJ--V1i3LVmLScye1KAJRKg_JsDEF6JcSk9Mym8UDzQCETpr6J8-dEj3dP71SnvFLlNNipv5WVrPXIQJC1kryPiKWnnZsGy4KglGXlUOuDMiDjxG34oQiHVKT8OgHzlu_MDQ5pgxekv8T227QdRZhoUr_LQWrP-iC--_RKRaeSagJq0FqgguaBurqL0D7WD9GRYkVpTd8f64hkihVIrKABJVCt1KtUY3w-B7PyG7S7pOUS1vP2J-rz-RVafvwQJqv_f4W4iXE95cyF3jZTBcYXwjrR8N9rWHomjiRAQ1ro1vDWz3h5l7rdT4E5gNq2PBELBSnf4ho_aXhW2QfKFNJoYHawUZsH2ClMo4E0xExmR4H8_iwSCeJr1HenOSpGyf6fsq360Rvg5NlVe30LfnUjd9GehWS9pwV0uZfR2tJqI9XMMLBrwd3CUyBdINfSG2OrS6rcJcQq47CwTHIZtXkK9L5E0QudtYiZOSohHlFZq0JVODcklmkcmPylK-To-qForPpqmVpso3xKftJMpwdK2oeeYvGkxXKCizV4DGSkNGHk9l_ilf5E3S_f9LzpAcg2xeI86AN54htGGTVHpyddz_ipQFuz073XP9PK8U_w&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fwolipop.detik.com%2F&ds=l&xdt=1&iif=1&cor=1210583404178589200&adk=1033480531&idt=144&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 14:48:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
33768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 14:48:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame F737 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsJdQNKQDFTwUfa_B4_UnnVtsPkTEtrTAGvIY3vctYPzIp8-PtzlWcE87Q6WgAYooNS2_tSF74tql1_B5bjNUQ0Sb1vw&cry=1&dbm_d=AKAmf-A-NKj2vVKjepqRYE1dL2nTG3D9M1X3jVgG8vk46uNXcdw2wWZvY8hKmwy2eUnmHMnj7kx7pO7flID4g2wRlc8jaQSIRaSp_My0LK_vu9eTg6-QOvqucPe3C3a6u2XEx7uXfQ1_wGSrindA2mrCuGU9RFJrMDT6CRiGru6K5Q-pnXPXJK0-9dFErONO3LbDqsw9NbmE7vdeqpxUTdrOj83HLBE9NWBYHJodiZWwAnerPSdnP-vtYzBvVhtlk490UrvR-ppJuzIx1FxHOJc_L0iMxQ2f-pIxbq2R9OuDI4DI0acBHidiJyx_Juihk4ttV9bN0PWMIpUQp0UTuyeyC2-WP7b9z23lJrsueTNSQkM_k02MHz7PWOS7-VL1AdgIOG1uP70CwgZPwDBV2B9dztdOqpugOxW55ZqlNlkJx8Znc1WoqKwfcDBlh9DF938RegVDIqhRcNKE9RpEwtpmpTfyc1CVHICIzFvv_p3bLB7IL-ovdEosY7m21CXzDws1yMR3pP4rABOhq9nFik0oa-KHRGV5NxSZnaFZM18KDxLg0erJuF7Oywv_3UtQrLsymsKUSIf-5vm3w6Aaua31DqJmyuYgzG5uGdzQXH-HgHovx1l5N1c63Zz3DqXp1KuZ6fiLrZQq8-2hZpdS_E5kok07H7_CXUFrR2OqG_cIvR3C3DhA_tRZVtkPxiX_YYbnuL7KizlCUIPyZOcOhUEcFjZey7RWO07OPs1nD385lMdsbZF4Frdvck7kG1pXd85HzAsdMyyiycziVQqD9QVJOfsBgQ9Zo91rNLRmtOIsRipVATsvJ8pE7imR7VCkag4hJlS989fNFt9w4xM3k_otGqkhQRPh5BV1JW-L2Jr5dnCYchj5n0chISJBKRvY-CEdftiZ-HSQNSl5QfANSCYOrnkx6pCGPJRza6JBlv1Re2uSXB0ayr3lCYpgC5CyzJu5TSNcHO_ARozkI4YrrZM9JalSrk4XzHIvnPd2IQW0bYAPTQL7wa74pKTk9QVyqPpamgMQ7xhkfLtJ0LE-qW7tmQ9cS3RGNGNi_5sli1YYynK-_sR89DM3ty6hGy0tEyYHKK5CudXADr9KBlyGPpwHlb1yVy_wNYRwvqvyXtGC9yB5MOCi_3JiDfW2ekaPQA58dvtKDuexKVqAyi55dcyQf274PFrZDjeXttl-BED_crEmcz4dsXz3u6eMIp2xLNAEQEa88_vIzObQZRVU41zCDsHGvoioIZ0jSTnD8kw7eFQ4oPGAr9vePYZaPYTByW2BQSbciuqGc1GmvnWer_prPm213rXSnFpaGTWg9r7VpRS_earwKLreO0-cNrl86_lsBXitOCTy8BnYhWJ6rIAsOwVDQI7ICPlmhUeJlHnBLHg3nZhQY5FMIHEcdQnUI2CPibouXbkDKJs7-wTPLSX0u0hmdUV0bUNo3iVxk-LNeBqeM-_Wg9U-vupGPODyfoyJxw3TrkYxQaOPT8jg32NwloOltSImLZzM5xnBq7v5VcW6i7inpKG_km8wo4VNxAVd1CcO__NmnXgQnTbDDUYe0ssnR3QMbfYGWhUyRt9nOSkncLwFBsLTkkiYPPSAN94FG6m_2sy9hbNQUYsnXT4cGSl4RTV04DTC03I7bR_d-TPUkfWY0w2lFVsLdrEGT6pQlBIJIK7hTbKwTaMfg4lf_tRBE7Mhx0BE41qdMhNuzRjGTuv-A7UiL_6ooVC1Sz8e6QGtPexn7Gr109cUeOvqPQptsfmPJDu7FjWpUHD-1o7enCuSqTSm15yTl4oS3ZkuTUtT3LEtQwKkXlfBs-ntasUfcUJPotyJCLZACx_uIZO-1A03ooQAaRczceuCMNgqUaJpvTtviI2p0PHkMurrfetJ85ptd4iN70RRQSoYwCjSpQwTJdf3iSi-WqqtFfLzGVgfoiZAShOaZpRoq7E5lLcI-f8XtQhHaJcAjZh-8pKgPfSRQ9WzEGJyDOn6ENpdKmhbJiHLEbNOc4Em6ykMiiYwJaHKvV_W2_JfWJyICDNMDSdrJHuZheoZQRoycYRrMB-zjy5QmoPHIERYBC7xlc5pelQAMo2jkXZgwAv7VmmlBq2RDw5sEKCH-MhYGg7YrYTdHLaxR97YkibyfPBq2z71uvCbLAnF2OmNjLtUMVBuWNN45cR5DD8Xr_zqcjQM6KR4UWkhWpf-O3L6euO-Eqb0XSFZtZXQAwvytLVQJtMtSpGZPyN2K5mD4K6yR58XvhV4AZVK_b-jZY_aUlwDzmSaLfooGXs324gQLfAxI4nyHFl9drZZRuZq4FYIlIskPmEsYMPF-qwFUgO2wZBs-ksO23W9plFN7CmXFQSF0SRpI_4GKYSecc_cWKzNz8X3ovw_M-WX99v3PBaMeKoJmdCcR0qKB6_ik_RJ7zEE6spkNY4qVBezBy3GALF9-2g4pOHj0_cTQSAkuK7xrzFvxjBSS0OLpSNH4-6VWMg8UjgnZVgSwKTlvCic7zjYUUjb88ix1a8kbIFbLkmuZhLeBbItBWkRzw54Tg8BmD9Jth0rVxowSHcKwW3k12OH9qm_7M9xx362GFaFPVMbvR036sY1UBVJK4A9OfWhn9ql5pvXZI2Jr3YtgpcXMTTXzrk3EOWb7VWjFQClMocg1j7jA0yJvGbMTatwcvdg4laor0KDMJLfP96rvKroddDVeKVAsdkbYG837Yf_GQ_5UBtGGxguQAvlieYso2_mXiw95d_1C8-MuzAjWXcBieQuQWelt84z5k6JLjlnNlGR5XardAtfbxlENOWZXKVdIogmRQad_F55V8p6zr-utf5hqfwP8PGv8uS8-4NtuISyNBHxXlD4HmHJ-UUREDQ9bVE6Kipsql6vIQttkmfFAXCrx_GOPUalRcOt6oehO21N8-ro8nZKnEUcBHuQ-T-rjvLlCebWaBwtDdhCQ0bUcUwp-ochCCrEAHs3kztKv3IlDRh5F_wlUujP-8t9t3F5ywLNB-0X3MJ3PJuJVNY6sOCaMjYfi0sTDMDjFhjcaBDT8OUpHBJuHWEHMDu1xW5lxEZZb5WYEAxr_WGCmXq3bWTgTAshpTLimnxHF0yjhAZkFDvdxQm0K924eYpzNWyQVeFpYA9SjxRHWDUhM9fR00qxrAH1lOX3AEWIe88g4OBL48or0qdIb6AqgxYGu2__z2BApZbAkn5d-oBdeXrmPNbr8WdW0993fcEQiahHHI0VGx8Hd2EyWVZmvE7-3yp2YAKu7iR5vp3sThKuBqv0w5g-550cI8jhy8WtUIUhOypAdvOYqivAbA7uaishtggXh7_mrcCcZ-m6A6m7o0oMQ6B9GXWJ0tcro_cWpPaZk2XVnCJWJKDVIObPvYdk_Er74t7538Cl6ssPQoCa9QBGLzzw6bSfAYfwwdW5_JJ--V1i3LVmLScye1KAJRKg_JsDEF6JcSk9Mym8UDzQCETpr6J8-dEj3dP71SnvFLlNNipv5WVrPXIQJC1kryPiKWnnZsGy4KglGXlUOuDMiDjxG34oQiHVKT8OgHzlu_MDQ5pgxekv8T227QdRZhoUr_LQWrP-iC--_RKRaeSagJq0FqgguaBurqL0D7WD9GRYkVpTd8f64hkihVIrKABJVCt1KtUY3w-B7PyG7S7pOUS1vP2J-rz-RVafvwQJqv_f4W4iXE95cyF3jZTBcYXwjrR8N9rWHomjiRAQ1ro1vDWz3h5l7rdT4E5gNq2PBELBSnf4ho_aXhW2QfKFNJoYHawUZsH2ClMo4E0xExmR4H8_iwSCeJr1HenOSpGyf6fsq360Rvg5NlVe30LfnUjd9GehWS9pwV0uZfR2tJqI9XMMLBrwd3CUyBdINfSG2OrS6rcJcQq47CwTHIZtXkK9L5E0QudtYiZOSohHlFZq0JVODcklmkcmPylK-To-qForPpqmVpso3xKftJMpwdK2oeeYvGkxXKCizV4DGSkNGHk9l_ilf5E3S_f9LzpAcg2xeI86AN54htGGTVHpyddz_ipQFuz073XP9PK8U_w&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fwolipop.detik.com%2F&ds=l&xdt=1&iif=1&cor=1210583404178589200&adk=1033480531&idt=144&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 17:38:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
23605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
server
cafe
etag
5723174479369309319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 17:38:14 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F737 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
150317
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Nov 2024 06:26:22 GMT
common-monitors.1.12.1.js
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/ Frame 17BE 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/common-monitors.1.12.1.js
Requested by
Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-16.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
a65634ad828e4cc58a93b42d6b27e9f8c45782545e72640a85bd6d41574a86ca

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
8790ecc
date
Wed, 08 Nov 2023 00:11:39 GMT
content-encoding
br
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
v/nuCuWdOdnB5ucRx3luPg==
x-tt-trace-id
00-8f10e8431064c01cc41382c61b2004d1-8f10e8431064c01c-01
x-cache
TCP_MEM_HIT from a23-54-206-16.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length
7849
x-tos-request-id
54a155435837b07065435837-abf411a
x-tos-response-time
Thu, 02 Nov 2023 08:05:11 GMT
last-modified
Thu, 02 Nov 2023 08:03:28 GMT
server
TLB
x-tt-logid
20231102080530C40000F7AB000A05A6E2
etag
W/"bff9ee0ae59d39d9c1e6e711c7796e3e"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-request-ip
fdbd:dc61:c:375::132
cache-control
max-age=300
x-origin-response-time
53,23.222.242.214
access-control-allow-credentials
false
x-response-cinfo
fdbd:dc61:c:375::132
x-tt-trace-host
014296f0efe8fe3558b9fd7e3ff7e8e777c4f3811b788d048709768af76997dbe038f94f41055619e4771e3f46615eb6041058ebe06f8cf09beb96083e6a885e78e1e0d70773771ab3c478a3af2918a9e01a27c91a6c4d9365675c06b132254e7335dd5408c7df403acd090cb998dfa8c7
x-response-cache
edge_hit
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 08 Nov 2023 00:16:39 GMT
list
mcs-va-useast2a.tiktokv.com/v1/ Frame 17BE 		21 B
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Wed, 08 Nov 2023 00:11:39 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
Cross-Origin-Resource-Policy
cross-origin
Server-Timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=91
Connection
keep-alive
Content-Length
21
Pragma
no-cache
Server
TLB
X-Tt-Logid
2023110800113806C58C00DB8813FB68ED
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.tiktok.com
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Origin-Response-Time
91,104.126.37.172
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193089dfdb2b2f448cb7e56b20c4c20a5fdb0d28142c27517bc8a864178dbad29212ddb30f6507f718bfdaaa299f0b41881dc3db764bc319d6e74954b5fe1a439d34642394f6e42d72abf634511daa1ad4e
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9B39 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28182
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Wed, 08 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vmweb-va.byteoversea.com/service/2/abtest_config/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-1-131.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Access-Control-Allow-Methods
PUT,POST,GET,DELETE,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
60
Content-Type
application/json; charset=utf-8
Date
Wed, 08 Nov 2023 00:11:39 GMT
Expires
Wed, 08 Nov 2023 00:11:39 GMT
Pragma
no-cache
Server
TLB
Server-Timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=11 inner; dur=8
X-Akamai-Request-ID
2c16be53.3e2cbfb1
X-Cache
TCP_MISS from a2-16-1-127.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
X-Cache-Remote
TCP_MISS from a23-217-116-246.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
X-Origin-Response-Time
11,23.217.116.246
X-Parent-Response-Time
97,2.16.1.127
X-Tt-Logid
20231108001138DF2ADDACF5E4FD4FF899
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631938e958d49824d7f19f39ac50d3f1a4855bed6748d696c9ffcea6bd4daf04c6bb3ed050c038e25bfc71b85c69480332f427be1e4d77714ce8c0758d76c6310eb296cbb8be8449a2cff86c5ddb0f35cd959b6ea3d49d97aa6ee7e775e7d737c1dab
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
list
mcs-va-useast2a.tiktokv.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs-va-useast2a.tiktokv.com/v1/list
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin
https://www.tiktok.com
Access-Control-Max-Age
1800
Connection
keep-alive
Content-Length
0
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 08 Nov 2023 00:11:39 GMT
Server
TLB
Server-Timing
inner; dur=2 cdn-cache; desc=MISS, edge; dur=1, origin; dur=133
X-Origin-Response-Time
133,104.126.37.172
X-Tt-Logid
2023110800113806C58C00DB8813FB68D7
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193089dfdb2b2f448cb7e56b20c4c20a5fdb0d28142c27517bc8a864178dbad29212ddb30f6507f718bfdaaa299f0b41881b58432eb00c3d6280b57963c022601a344c236f08fca8663f726b36475d80f8c
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
graphql
apicomment.detik.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apicomment.detik.com/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.26 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-26-242.190.203.detik.com
Software
comment1 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection "1; mode=block"

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://newcomment.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://newcomment.detik.com
access-control-max-age
86400
content-encoding
gzip
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
content-type
text/html; charset=utf-8
date
Wed, 08 Nov 2023 00:11:39 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin-when-cross-origin
server
comment1
set_cookie_flag
HttpOnly Secure SameSite=None
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-xss-protection
"1; mode=block"
graphql
apicomment.detik.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apicomment.detik.com/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.26 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-26-242.190.203.detik.com
Software
comment1 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection "1; mode=block"

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://newcomment.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://newcomment.detik.com
access-control-max-age
86400
content-encoding
gzip
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
content-type
text/html; charset=utf-8
date
Wed, 08 Nov 2023 00:11:39 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin-when-cross-origin
server
comment1
set_cookie_flag
HttpOnly Secure SameSite=None
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-xss-protection
"1; mode=block"
truncated
/ Frame D264 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3bf328ff3e0ec98a0e52d8d148a51b92dd5ee39b8cac661f2dffdcf56f780ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F15B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28182
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Wed, 08 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F737 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3e5f97fbfdf1df08db28405bc5c78d43eedde5ba37732c2eb5fad308e5eba14

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
list
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://wolipop.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:39 GMT
expires
Wed, 08 Nov 2023 00:11:39 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=2 cdn-cache; desc=MISS, edge; dur=1, origin; dur=157
upstream-caught
1699402299612590
x-akamai-request-id
df82dcd2
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
158,104.126.37.181
x-tt-logid
20231108001138E09ED3CFEE89BB060DB4
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017f6932b8401fb047f780e95e9df582cf0380a9e77c6fcf535f3d5ea405b758ec2af62a1ace6c6c0a3370dadc1830fb7fd8b1158912463d36960b27e4b07a0bbf8
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
list
mcs.tobsnssdk.com/ 		7 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82ddf1
date
Wed, 08 Nov 2023 00:11:39 GMT
upstream-caught
1699402299808962
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=2, origin; dur=158
content-length
7
pragma
no-cache
server
TLB
x-tt-logid
20231108001138A64675C62B3D3C032892
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
160,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98be63e968a11b8fd288efc91fd9a99d96833b05459ff1f2db5fd5fc62873e423528eb4181f92e4bcbc2d991d32dbc6c40b
expires
Wed, 08 Nov 2023 00:11:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FDD9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufQs8XzX8EhTozIGpvb9b2kN3mk3gElL80OTD6bO5ydjOFfWmue-OWzwMSgB9a46QwuUd0-Sxw8V26FYjo0VV9Ub0tqSuiMNhH0Vf4lBCnB-6AlIME15won1rp267KqO7IPgQoEGD0yEOjTF4FcPYLNsiBkOKtgZhkkIcml87z_vbN51tzlB9EyZrq0e1Zu0NB_F1lu2MVIe9QDglLfiWPXvG2Nr2FSVRid_V3mO3WxUWuQpGJkqVZjjCmmH-wT2RKfCesnIFUYRjt5KWiMemvGP9ItT6SzuRfNE6CMnxw3afulFw6-Wk2U68-XrpqCfxPQu6QM4vtw9gASzmHERYXFqs_bqeh&sai=AMfl-YS1a7_0rUf65ib8ALl_1JofrJQ4O5OtQvmiZ533saVEKho6qtkTt2laCQK5b-NzLUtoCGDBka7Sx7nM215Z9nzX9qSqw9wg7LGWnTyKWHcbPXPlf2KyJLSeyYf3ew&sig=Cg0ArKJSzOYeV35B8kehEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Nov 2023 00:11:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E6B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMLcC6XYSD9G7Afhp2kfxf6IwZTlLk2yHLjQBBJAUsH_HbYkr4aM6BwYXRMxl9VdMyQFjClzC8Z1qnFqH7M_UVovkwqP-aKY66HVGDmIGsNLkHwF3iCjDv_vkqYAh8-MxgJgPZEqd5gR5fiqG5_KJ1ehMRiJrN0agsJxOwzkHy1TGoMycF47N-xOpZeua4K7Ssam1vAzbwTzOObrnsY1qzxLfZ1hJmO0b0EmBnRKTLBAX0gnKwGka1pvYkARQocZ_sXXpd7joNWdYw42051KYemiKQ3CS5U2CHS7ealD13Hi-KRYxtnG2460jUo-Ughj4hO_c65edXI1Ran0hyLVR7ak6dJk2uvusnKOe5oe3-c8E&sai=AMfl-YSMt6h3xwyg0T43RdMm0t3GzsZw64Lem9AX6bp1bjjUQPgyeCPoMJfAJbPP3sZzbZk1gruj5YeS1QCTdLFw-5RWP-ZjXrQX0kAZMq3MQKq5zf3wEiNdAEFpZUa9wA&sig=Cg0ArKJSzLkzGMaXSD8UEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Nov 2023 00:11:39 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E6B5 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3cd347fe99e5933a2fe93e59e456a3bab2f17e08aa45376a0fb87061054e7ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12046
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 9B39
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEABNQ3tCpp3eini06hSCZjo&google_cver=1&google_push=AXcoOmR4eNGONzJ-Q7wkdy66E2bwlRZIVZhgDhs0imz96tRF4KRyU8iZgYw8S6zXjPZfuGXlYr_jOCk-Rmr...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR4eNGONzJ-Q7wkdy66E2bwlRZIVZhgDhs0imz96tRF4KRyU8iZgYw8S6zXjPZfuGXlYr_jOCk-Rmr2EF_LhmuiBND0omM&google_hm=rMFVOS3_Te6iXGLJ7ooH2Bg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR4eNGONzJ-Q7wkdy66E2bwlRZIVZhgDhs0imz96tRF4KRyU8iZgYw8S6zXjPZfuGXlYr_jOCk-Rmr2EF_LhmuiBND0omM&google_hm=rMFVOS3_Te6iXGLJ7ooH2Bg
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:38 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR4eNGONzJ-Q7wkdy66E2bwlRZIVZhgDhs0imz96tRF4KRyU8iZgYw8S6zXjPZfuGXlYr_jOCk-Rmr2EF_LhmuiBND0omM&google_hm=rMFVOS3_Te6iXGLJ7ooH2Bg
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 9B39 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP6fOQplLa6eNqNHs55AG0M&google_cver=1&google_push=AXcoOmRsmgM0GHxqZa21X6D4ns1AMA4tS3e5ObdcFDUhNjRq_CpHXZWbihzpwXdrMU9P8rq80Dvg67RVL3mSTbXQk7mBcZDEAg
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
dds
rtb.openx.net/sync/ Frame 9B39 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESENlM1XmQKj1oIlpUyC8FNmM&google_cver=1&google_push=AXcoOmRUYItshPEav7V3y5ZrqlCY4tDlkTK43T69w5kPbA0v4Yo-g6V88c3-Ht65hQMhpZRS3uja46xqVuNqfnLafgOOENFPAA
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 9B39
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHEblQyuQvW4piFukeGgZUg&google_cver=1&google_push=AXcoOmQhsTMoCzzJ3dSqsuI42Bkaj_HFL7-EQga-IkOSvHjddrREjqYFjP49j5jv4J3aQrBB8wt...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9QMDkwRFMtMjEtTEY4&google_push=AXcoOmQhsTMoCzzJ3dSqsuI42Bkaj_HFL7-EQga-IkOSvHjddrREjqYFjP49j5jv4J3aQrBB8wtqxRj2qbjhIHLd-gwiXM-bKrA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9QMDkwRFMtMjEtTEY4&google_push=AXcoOmQhsTMoCzzJ3dSqsuI42Bkaj_HFL7-EQga-IkOSvHjddrREjqYFjP49j5jv4J3aQrBB8wtqxRj2qbjhIHLd-gwiXM-bKrA
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9QMDkwRFMtMjEtTEY4&google_push=AXcoOmQhsTMoCzzJ3dSqsuI42Bkaj_HFL7-EQga-IkOSvHjddrREjqYFjP49j5jv4J3aQrBB8wtqxRj2qbjhIHLd-gwiXM-bKrA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
-
s.ad.smaato.net/c/n/// Frame 9B39 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPkVUSmqVoJH4wsLPFeu3L8&google_cver=1&google_push=AXcoOmSSsA67ReyrAvV2RH82zDsJ-tgQX1LR2NiRcgrNizuZidELfc1fnezsIbwd18uu3G1T4sj0EcKsg1FBbeQL9f2Cwj4f5w
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ec00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
cache-control
no-cache, must-revalidate
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
u74tjvQKnO_jG7JjSocoVZ9N7LdPYzqTxiZnCaa2D76ewPGlkK1q2g==
x-cache
Miss from cloudfront
sync
ssbsync.smartadserver.com/api/ Frame 9B39 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPIxKGb0BUfzoe4snTqycyE&google_cver=1&google_push=AXcoOmSE13HOnagod21NDLU-qHvuAkJ0t1xYYNX6FQaiF-9D3m3mqRu1bKgA36VaDEVnvyzfXl3CS0rPsPJYuRvpFv-zP-S0frY
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.69 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip69.ip-5-196-111.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:38 GMT
content-length
0
report
sync.teads.tv/um/ Frame 9B39
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKnjcpj_rDM1...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT8CyJ0Cuj8LWjgZX4rwmh_g3cbK0F4TdyykAkc7EHGYwj9NWzNZmwg6-iQgPXGZEQggxlvIO7ksPiiLrCh9QjON8_xEACd
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Wed, 08 Nov 2023 00:11:39 GMT
pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9B39 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I7pQfpYlcu9VumSnGi2iLBSAk9c-ydpfXG1_T6pH9cTaGJjTGMfqtN3LP3Kcbu1fM_4TosCA
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame F15B 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPmef1cOekqkjudYjC3aBvA&google_cver=1&google_push=AXcoOmTrXNkmOseREirbL-KoeLMtmKcThcLaurXxHHdZ9jgo75wup0ZjvhlSk6jhM6otXLDuLizYqDl7aBeLc2_3O4hD_MlZNX8
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F15B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBIYhzv_rdsZyqEXT9yUrYo&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBIYhzv_rdsZyqEXT9yUrYo&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eHdPR3B3bUoxUjB3YXY1&google_gid=CAESEBIYhzv_rdsZyqEXT9yUrYo&google_cver=1&google_push=AXcoOmQ2AIqlpinfllE7F8sAlWex8vbW0bWFD4Gzvl-svie...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eHdPR3B3bUoxUjB3YXY1&google_gid=CAESEBIYhzv_rdsZyqEXT9yUrYo&google_cver=1&google_push=AXcoOmQ2AIqlpinfllE7F8sAlWex8vbW0bWFD4Gzvl-svie4fjgxg7aoyIq_Gz5kjs_oL_iSyDeX-lC1JJsDPmpKi9zRek28O1w
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 08 Nov 2023 00:11:39 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-0876b9bf50f8ab74e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eHdPR3B3bUoxUjB3YXY1&google_gid=CAESEBIYhzv_rdsZyqEXT9yUrYo&google_cver=1&google_push=AXcoOmQ2AIqlpinfllE7F8sAlWex8vbW0bWFD4Gzvl-svie4fjgxg7aoyIq_Gz5kjs_oL_iSyDeX-lC1JJsDPmpKi9zRek28O1w
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame F15B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPJ8XK50OQfVuFCCFihePIQ&google_cver=1&google_push=AXcoOmSzZyL6LCkVCTaaSLqhhbmYlDrh5iWHcC24r07WKSCd7geWasU8Qy1GXWbu3oQ2DkgDpALwtcDRz43EaGKonfiFeQ3Elfo&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPJ8XK50OQfVuFCCFihePIQ&google_cver=1&google_push=AXcoOmSzZyL6LCkVCTaaSLqhhbmYlDrh5iWHcC24r07WKSCd7geWasU8Qy1GXWbu3oQ2DkgDpALwtcDRz43EaGKonfiFeQ3Elfo...
43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPJ8XK50OQfVuFCCFihePIQ&google_cver=1&google_push=AXcoOmSzZyL6LCkVCTaaSLqhhbmYlDrh5iWHcC24r07WKSCd7geWasU8Qy1GXWbu3oQ2DkgDpALwtcDRz43EaGKonfiFeQ3Elfo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSzZyL6LCkVCTaaSLqhhbmYlDrh5iWHcC24r07WKSCd7geWasU8Qy1GXWbu3oQ2DkgDpALwtcDRz43EaGKonfiFeQ3Elfo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
822999964c443a78-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
540
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPJ8XK50OQfVuFCCFihePIQ&google_cver=1&google_push=AXcoOmSzZyL6LCkVCTaaSLqhhbmYlDrh5iWHcC24r07WKSCd7geWasU8Qy1GXWbu3oQ2DkgDpALwtcDRz43EaGKonfiFeQ3Elfo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSzZyL6LCkVCTaaSLqhhbmYlDrh5iWHcC24r07WKSCd7geWasU8Qy1GXWbu3oQ2DkgDpALwtcDRz43EaGKonfiFeQ3Elfo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82299994ea813a78-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame F15B 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMQwLzjYMaSieo4kd_9ivtQ&google_cver=1&google_push=AXcoOmQK2qZA95Og69puHcu-yF0jpLjOZ5ZTCer5I8LQ16Q3m-lyPryKj4sg6fyvXx0FSUsd-Pmc5RWiE1YgpX47TJzD73gBGGA
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
server
Kestrel
content-length
70
content-type
image/gif
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F15B 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELBvxZnn3ANTd92FkAaYViw&google_cver=1&google_push=AXcoOmTfyeRKbCY4azac8DJj8kUCYiNU9sgDKaOZdH_QtN6IQHj15BoFbm6JEZksPyu8E2KoU2CkpHtGGE_1dUy7-Vq8Xr_BTVY
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame F15B
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENfQLpj3U5Xgpo-wNgMBS_4&google_cver=1&google_push=AXcoOmQqS3VsXigcpgJH_4UWU_5LSiSiXj6jEN_LsH3zF5EkDHpLfmdfhzp5riq-vzYHcrB68xCjgKsEFTQSXob7m...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENfQLpj3U5Xgpo-wNgMBS_4&google_cver=1&google_push=AXcoOmQqS3VsXigcpgJH_4UWU_5LSiSiXj6jEN_LsH3zF5EkDHpLfmdfhzp5riq-vzYHcrB68xCjgKsEFTQSXob7m...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQqS3VsXigcpgJH_4UWU_5LSiSiXj6jEN_LsH3zF5EkDHpLfmdfhzp5riq-vzYHcrB68xCjgKsEFTQSXob7mM0iBhHH3sc&google_hm=HnnrtGZHCkXwMt58TgqqPv27
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQqS3VsXigcpgJH_4UWU_5LSiSiXj6jEN_LsH3zF5EkDHpLfmdfhzp5riq-vzYHcrB68xCjgKsEFTQSXob7mM0iBhHH3sc&google_hm=HnnrtGZHCkXwMt58TgqqPv27
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 08 Nov 2023 00:11:39 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQqS3VsXigcpgJH_4UWU_5LSiSiXj6jEN_LsH3zF5EkDHpLfmdfhzp5riq-vzYHcrB68xCjgKsEFTQSXob7mM0iBhHH3sc&google_hm=HnnrtGZHCkXwMt58TgqqPv27
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame F15B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFefFPo9k_8E0jovwDbzHyI&google_cver=1&google_push=AXcoOmTw5f1SCWXft...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D&google_gid=CAESEFefFPo9k_8E0jovwDbzHyI&google_cver=1&google_push=AXcoOmTw5f1SCWXftmP4PmLtHUqA69iGqO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D&google_gid=CAESEFefFPo9k_8E0jovwDbzHyI&google_cver=1&google_push=AXcoOmTw5f1SCWXftmP4PmLtHUqA69iGqOzQAISqnR9NrxAm2V74uD5dbYvQtZHdZIv3pjn_RUICqFsCe-k6q693r4u1-MJ0J7y9
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
an-x-request-uuid
23662ff7-5ce9-44bb-b756-02f2cb928da7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTMwMzM1Njk1NTU3NjEzOTI2OA%3D%3D&google_gid=CAESEFefFPo9k_8E0jovwDbzHyI&google_cver=1&google_push=AXcoOmTw5f1SCWXftmP4PmLtHUqA69iGqOzQAISqnR9NrxAm2V74uD5dbYvQtZHdZIv3pjn_RUICqFsCe-k6q693r4u1-MJ0J7y9
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F15B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqnTJSolkQTHU6g1n94nPRdxyVvDyufktvAO_2HURD9JG2scN356r5gseTMo8vIMnhBDsA1Q
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
emojione.sprites.css
cdn.detik.net.id/libs/newcomment/emojione/1.5.2/assets/sprites/ Frame 10C6 		79 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/newcomment/emojione/1.5.2/assets/sprites/emojione.sprites.css
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/newcomment/build/comment-dev.vendor.js?v=2.28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
4e81ea33256277be61e086d13820e31000f8c2fad4d866bbcee58d80d9c6b8ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Sat, 26 Sep 2020 08:20:28 GMT
server
st8
content-encoding
gzip
etag
W/"5f6ef9cc-13d9d"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
emojione.sprites-min.png
cdn.detik.net.id/libs/newcomment/ Frame 10C6 		72 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.detik.net.id/libs/newcomment/emojione.sprites-min.png
Requested by
Host: newcomment.detik.com
URL: https://newcomment.detik.com/frontend/static/src/assets/css/fonticon.css?v=1.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
a2f435d01803e94ed206716ea5626d49b3341d0b764fda579800f3140faa7b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Wed, 04 Mar 2020 10:11:15 GMT
server
st8
content-encoding
gzip
etag
W/"5e5f7ec3-120b9"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.html
s0.2mdn.net/sadbundle/12154654814575565117/ Frame BA9A 		78 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83ffcaaedcce5daa842ae95dd1ccba7bad10f4d9cbe9dba80eb1eaef3cec7e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
392527
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
29277
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 11:09:32 GMT
expires
Sat, 02 Nov 2024 11:09:32 GMT
last-modified
Fri, 20 Oct 2023 10:55:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F737 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEZXSKBgBCy8W9d4BTkocXnGsLI6uAaSEhQ4z8W02EeuMFQbOOVAoZ3t-ZcPp4DLZIwbTR2fYJ4HHCf2qXElHUFHyYubdpxbyPS-BT4UQ3S3TDfIMRC_xAZjQY3vEmmeJSJeuJBtTa_e6vass0KbYH-8ROq2Zky6jfIoBPwMSkKhRYginEJ6MIiHkb_jnGsRFDVB1X5LTrcOOdzk2PsKCOyCtwQuA5mpjl04oUu8vSXzbKBkFTx2jqrN9C0cO67aA8QHVa5xjmTyUOToNzUJyRPRZvuM6ddP8vkbdn3cx-6EQhG96uTkeYhEbg_mf5xI3V37p0sbQSxWDalJ5FGsrYNUySoG9Dq-K1703aT_165Z8X0O0SZ7bbByuT2UCxDiNO5szHvXgd44xlSWNWEYlQbzc-X_A1lQHqJrezxA9zOGYiR9Gn4TOSsNhqCqydFk-eTxr2Io3jtFmJ7_AFL714j5X4CB8HIf65I14Qn871858pfbZLrDYLA6D3ACb54e9rfUPPuwioqtxUSHLXgPGGUxIc2hpURSt-utPJGyY6ZdSV0xDJnBxjeecSKMyKO9xld5rckqREveO1lqy-GurVDNPkDNSJJ64J3yxiPkQq9qFD7BtAMEFQ7rRIuJwW5wkEazr13DwPaGCvjuAhSMulPSEMR9uiiONu76X7WicAHVVQh7LfNvYEOdbiGbnypJzxrNN9Yby62yEEfmImTvuLELZdSYkABWQ_cexnNhqacxE_TXPa6uwc8ee9H_u9xzTwWAHWYQE-HmQPoqAm39DF7MybpU8PKer2x2ILhNwe4GORqcKRQLlXWwOF2au8qNQlAoexWzqeRxMZCrWjgdEiFo6A5woxqEFkP1MZpWnkIQOHRBs-k7MjMRtXVly5i569m-HEsN4gAkDL_FlFY2HG4qq9B6fnusUB1IRqOiPtnqGisGUQaPgmyaDakqwQpB-KZCQ_2jw0RreJySbbKXcPlPLih9NdjcJ7w2HKgg_rX75yF839EtMnJSGyyuR1h6NikxEMkzHc0YxZhDFpKFuBnY_002w6ZcXj7i_0loi_7z9Mz8oswOu9SNs7CczCZBgdIrXFmFyKMeyPkn7mo5OsI3uKA3E9fj-SxIQ7RwQvupbgtnWyNOz8nNdJ8JJaVcsC3Lbde3vC3edarSOLmxGrAFMupx_9lcPLsMxztNGA4jokXov_tqA7q1FNFXhI2alXrU1KFwHQXJuPKbRyJk1Kchht53aDs9altmO6Uwg1VhiCaL9mhVWeJnFxocfDAKImObcYk3KBsqXq5tEL6Y61p-lMJSfuampNOoiG1wcgNam6B9FbyFNyBR8RQiLG-QhUl29T92rSx-kdKTRpvUcbxDhZux71D__CsJSMFq8v7LNRvx2g2_nhXopY9_0ANlN9xAku6W9nGEHnrZujloMxaZlJpwDbKk0nG8pwJVdHXC82vgxwN6VEM3jF68cadNHS1jfM9RrASAjjrw&sai=AMfl-YRFfMIFWw2CGR8DxlbuVtds3yyiiWzd_De_-BlTY_UoxEEsviVjs9c2Vf_zqg9PLbXTnyVOLLm8xswY8E9NtC7AcB44dDnEe2Cc8Wlgf97FBjSEUvqVLFZc_n1Yg6oh7M7LGdxYUOd8iADPS3sLkqV7WHfrs4fwnSh9tZ7ndkYbVfdmn7AZXfwQLM13gUv4d8qtnj9E91OkDw-p_eRya3wkyQVjSv1XaHppfZFt2bKxF1tVCLvzpMbr644o1gSBa63TCt2gjsV19gOwbeQiaizW11-t9F0&sig=Cg0ArKJSzIeihN3CC5yxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=236&cbvp=1&cstd=233&cisv=r20231102.49379&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 00:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5046 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
150317
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 06:26:22 GMT
expires
Tue, 05 Nov 2024 06:26:22 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame AE35 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
150317
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 06:26:22 GMT
expires
Tue, 05 Nov 2024 06:26:22 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/16220614310661960/ Frame 28B8 		78 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9646d73acc6c6c757dd1645d1a597114c3f1634982f54a7521dd9352bf5b79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
391958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
29273
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 11:19:01 GMT
expires
Sat, 02 Nov 2024 11:19:01 GMT
last-modified
Fri, 20 Oct 2023 10:55:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D264 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvogtf6LYlGXBVXvOym7ol29h-RzOCwur7GieViM_qbG2EzllMzjiy1vZtHM3Fo2TsJl8Y7-z9c7HbThxgIt33jCnppBjmEcbsaD_SETLdrGZxVChNfFd2G7M2E7ig-M4n9v66mkl-ZMPc4oXF1EvTX3S243J1lje0arifLnI9KQWQL7UF6bf1amWe5wwJ0NeQkL-nTmfTe-PAIqyPytKFsmxg1Zz6eGLp_6oBpBYulYbdCmkApgEzp_7Fc0H_B8ivMpp1oAtbZzSvcqNN-7f7uKUgpByawQN02WIA7jMXJFmeYEIO0gyHWmMWg9dl1AgNYE2yk9_ELZ-wCs-JBcX7DHraeZ-hKd4HDAPnsedg9syfXgR_EBKnO54BcHDSlmBQYI5xERV5DmIdoYnedbf7CtI5zSwdrQDqfhif61akdfbdS0K6YoafJHKGRE8aRjvAVZ2qpWzeYy4g1_rnFBqR4XGYMCjLs4XMCD-8wstKYuwdgFR7oRwg6QtA9_CnEVCkBG6zM-lHM0WJVwwmIbNMZTSPPIFmY_ZqDInhtb_pSwZW3A7mbsZ9ZtbXb4wzy7oH8Kas_Q0twXXPOT2269GK5RHYq19WCUR32Azp1dB-bPEUxu0njJf6czu5L912kBP-Q9d9cMA6DQS_ZybtWsGPwxIJRFzWRM3GidA3gEhUmqBQnsedpn1Bme00YbOffj-ayHiE3LMmSMrxpx0ayqLvYxhJTpUbP9LTkBkzB89T-d1b5cdWiCyn86PjWo4d01L0-N0EAszs-k5VNBAz33QOzvvEN8YbBywkkPCrruWC1stF-DgSwIzbPDgr6jiPrUxk7lWF81nlbqC5dXU-0WmLilRZhqyTetd_omcU3Hk3UGXhrDmK-FwXcg_uz9fK2XTOsyEzoifhCwqwRK-de_TzeGSqQPp4wyGJ6ogztia6jWPko2ZSpbBxLRqL3wRIXnQjtcJtjFt9DGVMRZ-i9nJhn_wXafwP2v2e6I53NWyWMGudQPam7sI6CBSYf-fTCHSqwubNKywlnGnt-22x15EbsGz0BEty9MjpUtxC6JWTTxwbKTKtxypeoGM7Hbxw_eT4bSpLf3_2dIu3TJfmf0U6jB5TWlEuJI_oPNHhQ7jZCxgd_v1KoeL63cGmGhy8sS658fOa4FnHzOD9qFGzykpeDBXCxk0cfc6Fuyvn6MjVyRFCEFwJ-6RUJxLpOVywNaoN39gmE9CER7_oklFdIStzmIVOev6Vjr_BNUMh-wDJ0t4IOLKKQnE0xcd8Sdjd-wPNzVB317eKWUAe2XqsP7DniX8GrO5vX_fiEpisI-wFBGRz3n6ZAeYK1AfJEuI_HCYWxykZvkRSglVxnwdDWx9gV_oKl7lTJtlcapj9K-t4arfwJB7eAVLgMOE-PylFykp3PY9RtqKpY2stz_JlY6UpiGDXxzBAMqbf_BmEsgK6DT3XaiyH9nAlL9397i9Eqh2QrHgu2asDe9AE&sai=AMfl-YRGBdUd0fEQdnYIpYliTCnGuxZ3zM8UxNI0Jp-Aw5pL41GewvE153IxZNbyV5t8BCFdxtp6hHJgjhjVV94ZZqXw2W4HRqdD6z-K7y6900VJB8RKNopHP1uWaSaexnkqGTeonNI6r04i_ir_otya_LRbMyFeFGye_kFGbfXvkjvvOa1bXDGMcEGTAwbZPxD4plhp7toq7A4W5zGH0CbnEZVvn_4q_KCKmNcAEdIVbhQ4hIpfkl3J0jXd-A4yZyDWoZEFovWBAaxpDqFolnu5a0WKwPptVQo&sig=Cg0ArKJSzE16ewFDOUpcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=269&cbvp=1&cstd=267&cisv=r20231102.84872&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 00:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E6B5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 00:11:39 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 5046 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 11:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
46024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Nov 2024 11:24:35 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame AE35 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 11:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
46024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Nov 2024 11:24:35 GMT
truncated
/ Frame 17BE 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
MangoSans-Bold.woff2
s0.2mdn.net/sadbundle/12154654814575565117/fonts/mangosans/ Frame BA9A 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12154654814575565117/fonts/mangosans/MangoSans-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55c7c4307285eb8ca071d5fb28d0b4ab43e23a33e7c55e285dc4afc08763d39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:09:33 GMT
x-content-type-options
nosniff
age
392526
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49196
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:09:33 GMT
mango_white.svg
s0.2mdn.net/sadbundle/12154654814575565117/assets/common/ Frame BA9A 		2 KB
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12154654814575565117/assets/common/mango_white.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b266296e43440ff6ec4e7db57aa17e3cf7066d333fdce919cccc85bad19a731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392526
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
990
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:09:33 GMT
mango_black.svg
s0.2mdn.net/sadbundle/12154654814575565117/assets/common/ Frame BA9A 		3 KB
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12154654814575565117/assets/common/mango_black.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de884b5c344004ff4f6332583e6685af92ae92f792f097bf1014af6ffd4e41a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392526
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
882
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:09:33 GMT
claim.svg
s0.2mdn.net/sadbundle/12154654814575565117/assets/common/ Frame BA9A 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12154654814575565117/assets/common/claim.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6398701663a474d38695de7a5c41d627e21283fe1b4f79005ca7da4319a016d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392526
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1964
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:09:33 GMT
claim_black.svg
s0.2mdn.net/sadbundle/12154654814575565117/assets/common/ Frame BA9A 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12154654814575565117/assets/common/claim_black.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe91a665f766809bbcdd7d59c1ebe99b60ace8fa2eee2c51572ea12f134b9ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392526
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1997
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:09:33 GMT
1-970x250-clean.jpg
s0.2mdn.net/sadbundle/12154654814575565117/assets/ Frame BA9A 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12154654814575565117/assets/1-970x250-clean.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34dfd15f2be49ca29d9b326555f11b0c5366cc7ca80e9b8c5b65033a2e461543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:09:33 GMT
x-content-type-options
nosniff
age
392526
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31918
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:09:33 GMT
2-970x250-clean.jpg
s0.2mdn.net/sadbundle/12154654814575565117/assets/ Frame BA9A 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12154654814575565117/assets/2-970x250-clean.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbb36a06b82d9d7d2ade97d47a9c55eb04ad3fe68b0f66a045c823b95d977450
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12154654814575565117/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:09:33 GMT
x-content-type-options
nosniff
age
392526
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54811
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:09:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 560C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 21:04:38 GMT
expires
Wed, 06 Nov 2024 21:04:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A62A 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
792a99e282ccc16b813a512d025afdf0ef3f2634999dba7ec7118bb450c940cc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WfxCxBm8kStpDZpmRAHPlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WfxCxBm8kStpDZpmRAHPlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:39 GMT
expires
Wed, 08 Nov 2023 00:11:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MangoSans-Bold.woff2
s0.2mdn.net/sadbundle/16220614310661960/fonts/mangosans/ Frame 28B8 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16220614310661960/fonts/mangosans/MangoSans-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55c7c4307285eb8ca071d5fb28d0b4ab43e23a33e7c55e285dc4afc08763d39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:19:01 GMT
x-content-type-options
nosniff
age
391958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49196
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:19:01 GMT
mango_white.svg
s0.2mdn.net/sadbundle/16220614310661960/assets/common/ Frame 28B8 		2 KB
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16220614310661960/assets/common/mango_white.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b266296e43440ff6ec4e7db57aa17e3cf7066d333fdce919cccc85bad19a731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
391958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
990
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:19:01 GMT
mango_black.svg
s0.2mdn.net/sadbundle/16220614310661960/assets/common/ Frame 28B8 		3 KB
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16220614310661960/assets/common/mango_black.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de884b5c344004ff4f6332583e6685af92ae92f792f097bf1014af6ffd4e41a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
391958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
882
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:19:01 GMT
claim.svg
s0.2mdn.net/sadbundle/16220614310661960/assets/common/ Frame 28B8 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16220614310661960/assets/common/claim.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6398701663a474d38695de7a5c41d627e21283fe1b4f79005ca7da4319a016d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
391957
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1964
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:19:02 GMT
claim_black.svg
s0.2mdn.net/sadbundle/16220614310661960/assets/common/ Frame 28B8 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16220614310661960/assets/common/claim_black.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe91a665f766809bbcdd7d59c1ebe99b60ace8fa2eee2c51572ea12f134b9ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
391958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1997
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:19:01 GMT
2-728x90-clean.jpg
s0.2mdn.net/sadbundle/16220614310661960/assets/ Frame 28B8 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16220614310661960/assets/2-728x90-clean.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71a3ace46042d2c3fc3b5ffba3c6dd6b2b71652251a957638828b11f51459cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:19:02 GMT
x-content-type-options
nosniff
age
391957
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19447
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:19:02 GMT
5-728x90-clean.jpg
s0.2mdn.net/sadbundle/16220614310661960/assets/ Frame 28B8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16220614310661960/assets/5-728x90-clean.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cbae38cb278c74757d7a7ae8b0ed4c93f89dc38eb96d6956cd12645557e0fb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16220614310661960/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:19:02 GMT
x-content-type-options
nosniff
age
391957
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17114
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 10:55:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 11:19:02 GMT
resource
mssdk-va.byteoversea.com/web/ Frame 17BE 		223 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mssdk-va.byteoversea.com/web/resource?eq=8fhrTbdoUUs46LGV978KruLEL4JJDgj3vje1rU-wwHcUwdv4osmKYJkwy5rtQ6pLojfLkOCGbJuwQt8k0A23CLTeFdqsTHWK
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
bfee8ae071d345a9f9c45f775ee9b8881308b80ff6856b52f58af41d1876fe5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

X-Akamai-Request-ID
6b7282a5.1b8eb8ba
Date
Wed, 08 Nov 2023 00:11:40 GMT
Content-Encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
X-Cache
TCP_MISS from a104-126-37-172.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
X-Parent-Response-Time
259,104.126.37.172
Connection
keep-alive
Server-Timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=172, inner; dur=170
Content-Length
229
X-Ms-Token
FGWRBJ6e1T491sPLrzIw3BpuEe7mn4NNSsvpzYB-bu0o0sc8P5FMTrFUT72c-5XA8Nz0pNYobaI15XJXZQiMzvTyovk6X5Pbx-pWHXJkZSU=
Pragma
no-cache
Server
TLB
X-Tt-Logid
202311080011380D9E0B746B63694D858C
X-Cache-Remote
TCP_MISS from a23-220-105-154.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.tiktok.com
Access-Control-Expose-Headers
x-ms-token,x-ms-resp
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
X-Origin-Response-Time
173,23.220.105.154
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193ce5e23f64308e733449e405c95d04e3eb37a7ea8d88f22db7090592e46303684eec8110faacd02365faaea6af1bfc2def7848b65d5f2e971b1b57824947a1f56efc2b8ce3312a8bba98e6dd3499ebd5dc38b5548d821fcbc12ce9fc83c7f4496
Access-Control-Allow-Headers
x-mssdk-info,x-ms-req
Expires
Wed, 08 Nov 2023 00:11:40 GMT
container.html
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C7A8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:38 GMT
expires
Thu, 07 Nov 2024 00:11:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D264 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvogtf6LYlGXBVXvOym7ol29h-RzOCwur7GieViM_qbG2EzllMzjiy1vZtHM3Fo2TsJl8Y7-z9c7HbThxgIt33jCnppBjmEcbsaD_SETLdrGZxVChNfFd2G7M2E7ig-M4n9v66mkl-ZMPc4oXF1EvTX3S243J1lje0arifLnI9KQWQL7UF6bf1amWe5wwJ0NeQkL-nTmfTe-PAIqyPytKFsmxg1Zz6eGLp_6oBpBYulYbdCmkApgEzp_7Fc0H_B8ivMpp1oAtbZzSvcqNN-7f7uKUgpByawQN02WIA7jMXJFmeYEIO0gyHWmMWg9dl1AgNYE2yk9_ELZ-wCs-JBcX7DHraeZ-hKd4HDAPnsedg9syfXgR_EBKnO54BcHDSlmBQYI5xERV5DmIdoYnedbf7CtI5zSwdrQDqfhif61akdfbdS0K6YoafJHKGRE8aRjvAVZ2qpWzeYy4g1_rnFBqR4XGYMCjLs4XMCD-8wstKYuwdgFR7oRwg6QtA9_CnEVCkBG6zM-lHM0WJVwwmIbNMZTSPPIFmY_ZqDInhtb_pSwZW3A7mbsZ9ZtbXb4wzy7oH8Kas_Q0twXXPOT2269GK5RHYq19WCUR32Azp1dB-bPEUxu0njJf6czu5L912kBP-Q9d9cMA6DQS_ZybtWsGPwxIJRFzWRM3GidA3gEhUmqBQnsedpn1Bme00YbOffj-ayHiE3LMmSMrxpx0ayqLvYxhJTpUbP9LTkBkzB89T-d1b5cdWiCyn86PjWo4d01L0-N0EAszs-k5VNBAz33QOzvvEN8YbBywkkPCrruWC1stF-DgSwIzbPDgr6jiPrUxk7lWF81nlbqC5dXU-0WmLilRZhqyTetd_omcU3Hk3UGXhrDmK-FwXcg_uz9fK2XTOsyEzoifhCwqwRK-de_TzeGSqQPp4wyGJ6ogztia6jWPko2ZSpbBxLRqL3wRIXnQjtcJtjFt9DGVMRZ-i9nJhn_wXafwP2v2e6I53NWyWMGudQPam7sI6CBSYf-fTCHSqwubNKywlnGnt-22x15EbsGz0BEty9MjpUtxC6JWTTxwbKTKtxypeoGM7Hbxw_eT4bSpLf3_2dIu3TJfmf0U6jB5TWlEuJI_oPNHhQ7jZCxgd_v1KoeL63cGmGhy8sS658fOa4FnHzOD9qFGzykpeDBXCxk0cfc6Fuyvn6MjVyRFCEFwJ-6RUJxLpOVywNaoN39gmE9CER7_oklFdIStzmIVOev6Vjr_BNUMh-wDJ0t4IOLKKQnE0xcd8Sdjd-wPNzVB317eKWUAe2XqsP7DniX8GrO5vX_fiEpisI-wFBGRz3n6ZAeYK1AfJEuI_HCYWxykZvkRSglVxnwdDWx9gV_oKl7lTJtlcapj9K-t4arfwJB7eAVLgMOE-PylFykp3PY9RtqKpY2stz_JlY6UpiGDXxzBAMqbf_BmEsgK6DT3XaiyH9nAlL9397i9Eqh2QrHgu2asDe9AE&sai=AMfl-YRGBdUd0fEQdnYIpYliTCnGuxZ3zM8UxNI0Jp-Aw5pL41GewvE153IxZNbyV5t8BCFdxtp6hHJgjhjVV94ZZqXw2W4HRqdD6z-K7y6900VJB8RKNopHP1uWaSaexnkqGTeonNI6r04i_ir_otya_LRbMyFeFGye_kFGbfXvkjvvOa1bXDGMcEGTAwbZPxD4plhp7toq7A4W5zGH0CbnEZVvn_4q_KCKmNcAEdIVbhQ4hIpfkl3J0jXd-A4yZyDWoZEFovWBAaxpDqFolnu5a0WKwPptVQo&sig=Cg0ArKJSzE16ewFDOUpcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=522&vt=11&dtpt=253&dett=3&cstd=267&cisv=r20231102.84872&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F737 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEZXSKBgBCy8W9d4BTkocXnGsLI6uAaSEhQ4z8W02EeuMFQbOOVAoZ3t-ZcPp4DLZIwbTR2fYJ4HHCf2qXElHUFHyYubdpxbyPS-BT4UQ3S3TDfIMRC_xAZjQY3vEmmeJSJeuJBtTa_e6vass0KbYH-8ROq2Zky6jfIoBPwMSkKhRYginEJ6MIiHkb_jnGsRFDVB1X5LTrcOOdzk2PsKCOyCtwQuA5mpjl04oUu8vSXzbKBkFTx2jqrN9C0cO67aA8QHVa5xjmTyUOToNzUJyRPRZvuM6ddP8vkbdn3cx-6EQhG96uTkeYhEbg_mf5xI3V37p0sbQSxWDalJ5FGsrYNUySoG9Dq-K1703aT_165Z8X0O0SZ7bbByuT2UCxDiNO5szHvXgd44xlSWNWEYlQbzc-X_A1lQHqJrezxA9zOGYiR9Gn4TOSsNhqCqydFk-eTxr2Io3jtFmJ7_AFL714j5X4CB8HIf65I14Qn871858pfbZLrDYLA6D3ACb54e9rfUPPuwioqtxUSHLXgPGGUxIc2hpURSt-utPJGyY6ZdSV0xDJnBxjeecSKMyKO9xld5rckqREveO1lqy-GurVDNPkDNSJJ64J3yxiPkQq9qFD7BtAMEFQ7rRIuJwW5wkEazr13DwPaGCvjuAhSMulPSEMR9uiiONu76X7WicAHVVQh7LfNvYEOdbiGbnypJzxrNN9Yby62yEEfmImTvuLELZdSYkABWQ_cexnNhqacxE_TXPa6uwc8ee9H_u9xzTwWAHWYQE-HmQPoqAm39DF7MybpU8PKer2x2ILhNwe4GORqcKRQLlXWwOF2au8qNQlAoexWzqeRxMZCrWjgdEiFo6A5woxqEFkP1MZpWnkIQOHRBs-k7MjMRtXVly5i569m-HEsN4gAkDL_FlFY2HG4qq9B6fnusUB1IRqOiPtnqGisGUQaPgmyaDakqwQpB-KZCQ_2jw0RreJySbbKXcPlPLih9NdjcJ7w2HKgg_rX75yF839EtMnJSGyyuR1h6NikxEMkzHc0YxZhDFpKFuBnY_002w6ZcXj7i_0loi_7z9Mz8oswOu9SNs7CczCZBgdIrXFmFyKMeyPkn7mo5OsI3uKA3E9fj-SxIQ7RwQvupbgtnWyNOz8nNdJ8JJaVcsC3Lbde3vC3edarSOLmxGrAFMupx_9lcPLsMxztNGA4jokXov_tqA7q1FNFXhI2alXrU1KFwHQXJuPKbRyJk1Kchht53aDs9altmO6Uwg1VhiCaL9mhVWeJnFxocfDAKImObcYk3KBsqXq5tEL6Y61p-lMJSfuampNOoiG1wcgNam6B9FbyFNyBR8RQiLG-QhUl29T92rSx-kdKTRpvUcbxDhZux71D__CsJSMFq8v7LNRvx2g2_nhXopY9_0ANlN9xAku6W9nGEHnrZujloMxaZlJpwDbKk0nG8pwJVdHXC82vgxwN6VEM3jF68cadNHS1jfM9RrASAjjrw&sai=AMfl-YRFfMIFWw2CGR8DxlbuVtds3yyiiWzd_De_-BlTY_UoxEEsviVjs9c2Vf_zqg9PLbXTnyVOLLm8xswY8E9NtC7AcB44dDnEe2Cc8Wlgf97FBjSEUvqVLFZc_n1Yg6oh7M7LGdxYUOd8iADPS3sLkqV7WHfrs4fwnSh9tZ7ndkYbVfdmn7AZXfwQLM13gUv4d8qtnj9E91OkDw-p_eRya3wkyQVjSv1XaHppfZFt2bKxF1tVCLvzpMbr644o1gSBa63TCt2gjsV19gOwbeQiaizW11-t9F0&sig=Cg0ArKJSzIeihN3CC5yxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=521&vt=11&dtpt=285&dett=3&cstd=233&cisv=r20231102.49379&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A62A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=3253451422209209&rc=
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
/
www.tiktok.com/api/recommend/embed_videos/ Frame 17BE 		39 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.tiktok.com/api/recommend/embed_videos/?aid=1284&count=24&secUid=MS4wLjABAAAAbaA6quWzLafPtVXKoGh7murOqWuwokSbyp3xZ8lRWl_Wo7h_0vShcy3cuTCTcyVR&lang=en-US&msToken=&X-Bogus=DFSzswSOCnxANxRBtFVIXBVeovZg&_signature=_02B4Z6wo00001uKks2gAAIDDbCl13j7GONripLfAAN3xd8
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-15.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
986d807bfd4900dd5a73c05631fe8b070f30ffa01c05497b3719abeb28dd1f9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/embed/v2/7294581993583496456?lang=en-US&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
2822273.7c33304e
date
Wed, 08 Nov 2023 00:11:41 GMT
content-encoding
br
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
bd-tt-error-code
0
tt_stable
1
x-cache
TCP_MISS from a23-36-161-15.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-parent-response-time
1315,23.36.161.15
server-timing
cdn-cache; desc=MISS, edge; dur=236, origin; dur=1080, inner; dur=1062
content-length
12564
pragma
no-cache
server
TLB
x-tt-logid
20231108001139A55CDEDB509A5BB38848
x-cache-remote
TCP_MISS from a23-44-110-167.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
1080,23.44.110.167
x-tt-trace-host
01bd308f099a64fbde4400b9f941e6319358c41773b53f82fa9cfa46724b8e0252cc9d780b35982b6a5daa5e916a51204d67b2a8f9283e62e7a6d020b9e56f3f288fa8ce4b8232244052b339b4137b941be88cf984c1811211c114a9bb6364594ffc2561200033e8d40c83bd142a8d54e5
expires
Wed, 08 Nov 2023 00:11:41 GMT
img-embed-controller-play-50633fd697e3a54c76c42c2a03aab3ea.svg
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 17BE 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-controller-play-50633fd697e3a54c76c42c2a03aab3ea.svg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1487bfed1f532d8cff7ec61ac6bb53dc91e8745905444ba4fdb237eb19071cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d2eaa
date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
UGM/1pfjpUx2xCwqA6qz6g==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
569
last-modified
Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id
iad-1:qfFS3BiMaLkDSsbIDtXPsB_HQOnikI3SfHEi22TI1fgXlEHcAZVJJqwp0N6mqXjY
x-api-id
native
etag
86abffbf-41cd-4560-8528-68b1d12f643c
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
image/svg+xml
version-id
a68f504c-432d-48f4-a96a-8159167c4d4b
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:40 GMT
list
mcs-va-useast2a.tiktokv.com/v1/ Frame 17BE 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.0beb9a8cc31ba28fc6d9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
list
mcs-va-useast2a.tiktokv.com/v1/ Frame 17BE 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.0beb9a8cc31ba28fc6d9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 560C 		38 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 11:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
46025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Nov 2024 11:24:35 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4C2E 		162 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
03a420fcae383dfabf110e491fc02256622dc5be6d163e91d5e8c93c7afaf61d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:39 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=SxXMrBgi6j7zX4UUDFGIJf-KScw8byx2y19TyQA_tszaw-IzJIq21gVAc2yK_ZDE3Z8omDRaxyFUameCRgevm1S8kihEjTRqD8Rekmj14vOmjv8NMo-e17MoPpS14m1iiG_qLJ7Qhpi3wg5tTkUc7uxxxNZm8554SqC7OaivmLyiPvi38uILSMdG-_SEmjtymhFsiu7k4GV0njlAoJkGYTpS0RW2It9EdOuUr2m4eUEXpElyWCXTUrgaYpjyMNYotG0gzg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
46666398
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame C7A8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:50:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
12084
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:50:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 47D2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Wed, 08 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame C7A8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
14956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:24 GMT
l
www.google.com/ads/measurement/ Frame C7A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtHm1tfGGuDwU8uYzUdwiF9URtV47xGWb38QsqCYNHtXh1gaRb8r1YqD41KNrmKYnstcvUz_yvo2j4KhDmwxyY153VSQ
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C7A8 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:13:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
140261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Nov 2024 09:13:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C7A8 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:40 GMT
list
mcs-va-useast2a.tiktokv.com/v1/ Frame 17BE 		21 B
1013 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
787abd6ff6fcd7934e6aa6c400ed253127ca1c23f1f5f1d77843e0f76afe06bf

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Wed, 08 Nov 2023 00:11:40 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
X-Parent-Response-Time
125,104.126.37.172
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Server-Timing
cdn-cache; desc=MISS, edge; dur=107, origin; dur=18, inner; dur=3
Content-Length
21
Pragma
no-cache
Server
TLB
X-Tt-Logid
20231108001139EE3C173940A6970162F4
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.tiktok.com
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Origin-Response-Time
18,104.78.78.85
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193ce5e23f64308e733449e405c95d04e3e23ff6ed4de9d66fd7887007bc802b9866543b0cea105b27b772619716116d5f4b00e994dde462b56d416ae344a819efc2d60869ea1ac0e337aed1824e00b5d41b805fa7263d4520017729c442c4c23b2
Expires
0
list
mcs-va-useast2a.tiktokv.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs-va-useast2a.tiktokv.com/v1/list
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-176.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin
https://www.tiktok.com
Access-Control-Max-Age
1800
Connection
keep-alive
Content-Length
0
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 08 Nov 2023 00:11:40 GMT
Server
TLB
Server-Timing
inner; dur=2 cdn-cache; desc=MISS, edge; dur=1, origin; dur=90
X-Origin-Response-Time
90,104.126.37.172
X-Tt-Logid
2023110800113906C58C00DB8813FB692C
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193089dfdb2b2f448cb7e56b20c4c20a5fdb0d28142c27517bc8a864178dbad29212ddb30f6507f718bfdaaa299f0b41881b58432eb00c3d6280b57963c022601a344c236f08fca8663f726b36475d80f8c
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
batch
services.insurads.com/dfp/mapping/ Frame FDBF 		1 KB
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=2414&requests=[{%22eaUp%22:%22/4905536/detik_desktop/wolipop/parallax_detail%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:480,%22h%22:600,%22eId%22:%22main_detik_desktop_wolipop_parallax_detail_0%22}]&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ts=1699402300021
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.230.103.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-103-202.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1d836b9895cd89f5ff460c62f935de64df516af5e40d5e27468599139bb05ef4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame E6B5 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FDD9 		0
0
check
rtbdemand.apiip.net/api/ 		169 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b59c12d2dd20b7609703e387cd50e78d55f18c014204d36e2453bcbbfeae3454

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"a9-dljk71H+BHM2pHlZLx9oeFXeg84"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
822999983baf3737-FRA
alt-svc
h3=":443"; ma=86400
prebid-custom.js
rtbpass.andbeyond.media/ 		579 KB
581 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass.andbeyond.media/prebid-custom.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86d3f947bf8f90984ba2f5e095e54416161bd19abcbe8e3e6137e76772206bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
via
1.1 varnish
x-amz-request-id
294XTKFFE8BZ966D
age
1004
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
592965
x-amz-id-2
CKEt/MCEqM3bT+agU57LXmwEH/F26KAm5YJR3rPf4B7/M2U64cl2rSblkGjGzN3xltK2kurwqSc=
x-served-by
cache-cph2320044-CPH
last-modified
Thu, 14 Sep 2023 12:31:36 GMT
server
AmazonS3
x-timer
S1699402300.266540,VS0,VE1
etag
"9fb8da6fcf32018d4c93d5df53a0b36d"
content-type
text/javascript
accept-ranges
bytes
x-cache-hits
1
apstag.js
c.amazon-adsystem.com/aax2/ 		265 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 23:42:48 GMT
content-encoding
gzip
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 21:46:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
1733
x-amz-server-side-encryption
AES256
etag
W/"952090f32d44601808d121a61e707826"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
lUtda6vuToxQ77TPC5sbaPsb454c2tDvX02dHL8hTppoOWNnOfl1WQ==
pixel
cm.g.doubleclick.net/ Frame 47D2
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGXFlYSnEt_6F9VFrBQFhXo&google_cver=1&google_push=AXcoOmSgf3oLis_y-_Go2N_Wk99esfYC_cHyDgAeJoVxVFsqQS1uOoCFwTzIiZdVx9Mg83g3PP4kSly20fQLOE4ysRDKQg0xhC7Z
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7755536A1CD74E54B478517B392FB406&google_push=AXcoOmSgf3oLis_y-_Go2N_Wk99esfYC_cHyDgAeJoVxVFsqQS1uOoCFwTzIiZdVx9Mg83g3PP4kSly20fQLOE4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7755536A1CD74E54B478517B392FB406&google_push=AXcoOmSgf3oLis_y-_Go2N_Wk99esfYC_cHyDgAeJoVxVFsqQS1uOoCFwTzIiZdVx9Mg83g3PP4kSly20fQLOE4ysRDKQg0xhC7Z
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 08 Nov 2023 00:11:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7755536A1CD74E54B478517B392FB406&google_push=AXcoOmSgf3oLis_y-_Go2N_Wk99esfYC_cHyDgAeJoVxVFsqQS1uOoCFwTzIiZdVx9Mg83g3PP4kSly20fQLOE4ysRDKQg0xhC7Z
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 07 Nov 2023 00:11:40 GMT
google
match.adsrvr.org/track/cmf/ Frame 47D2 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMQwLzjYMaSieo4kd_9ivtQ&google_cver=1&google_push=AXcoOmRFiSues9GElW5J5sWvvqYjOIHIjmJ4ZObH8tc3fLBXcGTXekHfmyWeGZhvrwyGfFRNGSOeYn6DXwCmVnpQbMjjQXEOYzk6
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 47D2
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEABNQ3tCpp3eini06hSCZjo&google_cver=1&google_push=AXcoOmQ3dvELcRE7Xuixt4X4NwRJCcKkpgDOAy2cwjfbyPiB8oGJ_imPQN1bPUtXYwJD2s_p7El6c4GOfI4...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ3dvELcRE7Xuixt4X4NwRJCcKkpgDOAy2cwjfbyPiB8oGJ_imPQN1bPUtXYwJD2s_p7El6c4GOfI4NAFSl4qa5vjPb6sI8&google_hm=rMFVOS3_Te6iXGLJ7ooH2Bg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ3dvELcRE7Xuixt4X4NwRJCcKkpgDOAy2cwjfbyPiB8oGJ_imPQN1bPUtXYwJD2s_p7El6c4GOfI4NAFSl4qa5vjPb6sI8&google_hm=rMFVOS3_Te6iXGLJ7ooH2Bg
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ3dvELcRE7Xuixt4X4NwRJCcKkpgDOAy2cwjfbyPiB8oGJ_imPQN1bPUtXYwJD2s_p7El6c4GOfI4NAFSl4qa5vjPb6sI8&google_hm=rMFVOS3_Te6iXGLJ7ooH2Bg
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 47D2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMbR9wKPdQOQFbqlF8Z1PZ0&google_cver=1&google_push=AXcoOmRkz74-Hb4b0okq_gm3KRCIm_x5rUA1ae_nZPWOVF-RjVUZ_pXmT84mjqZ29DrTo1D4dojHj3gu...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMbR9wKPdQOQFbqlF8Z1PZ0&google_cver=1&google_push=AXcoOmRkz74-Hb4b0okq_gm3KRCIm_x5rUA1ae_nZPWOVF-RjVUZ_pXmT84mjqZ29DrTo1D4doj...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIxOTM1OTc4OTQwOTY0MjY0OQ&google_push=AXcoOmRkz74-Hb4b0okq_gm3KRCIm_x5rUA1ae_nZPWOVF-RjVUZ_pXmT84mjqZ29DrTo1D4dojHj3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIxOTM1OTc4OTQwOTY0MjY0OQ&google_push=AXcoOmRkz74-Hb4b0okq_gm3KRCIm_x5rUA1ae_nZPWOVF-RjVUZ_pXmT84mjqZ29DrTo1D4dojHj3gukqkFaOQ2ormS9LR8KNIl
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIxOTM1OTc4OTQwOTY0MjY0OQ&google_push=AXcoOmRkz74-Hb4b0okq_gm3KRCIm_x5rUA1ae_nZPWOVF-RjVUZ_pXmT84mjqZ29DrTo1D4dojHj3gukqkFaOQ2ormS9LR8KNIl
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 47D2
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBeGBxEVAYk0ap9x4qIT4II&google_cver=1&google_push=AXcoOmR1jk6aJQiqGZ493dpIxN-5VPWzrCI4jAv8fId8JBvHD3gsj9943HlqVjMaHKeZK4t1JMhmnCS6i698HyjPlCPRx991joGL
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmR1jk6aJQiqGZ493dpIxN-5VPWzrCI4jAv8fId8JBvHD3gsj9943HlqVjMaHKeZK4t1JMhmnCS6i698HyjPlCPRx991joG...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjMzMjEzNzIxMzYzNTA2NjIwMg%3D%3D&google_push=AXcoOmR1jk6aJQiqGZ493dpIxN-5VPWzrCI4jAv8fId8JBvHD3gsj994...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjMzMjEzNzIxMzYzNTA2NjIwMg%3D%3D&google_push=AXcoOmR1jk6aJQiqGZ493dpIxN-5VPWzrCI4jAv8fId8JBvHD3gsj9943HlqVjMaHKeZK4t1JMhmnCS6i698HyjPlCPRx991joGL
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIyNjMzMjEzNzIxMzYzNTA2NjIwMg%3D%3D&google_push=AXcoOmR1jk6aJQiqGZ493dpIxN-5VPWzrCI4jAv8fId8JBvHD3gsj9943HlqVjMaHKeZK4t1JMhmnCS6i698HyjPlCPRx991joGL
date
Wed, 08 Nov 2023 00:11:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 47D2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJB7IvY2e7dn46u9N2qOVpg&google_cver=1&google_push=AXcoOmRlH_6UZnWU60WBhajPzAqZWqV_erPhsKdQFMi24I6DWGGWfteQuB564upkdyMW0eknzNd8NPn3KFh...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRlH_6UZnWU60WBhajPzAqZWqV_erPhsKdQFMi24I6DWGGWfteQuB564upkdyMW0eknzNd8NPn3KFhrDkw9eCT4IE74_O6SDg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 47D2
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b9cc4920-d303-48fd-b033-d9f19aeae91c&google_cver=1&google_gid=CAESEOk_ZL6fBDPopuYl23Nwmck&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b9cc4920-d303-48fd-b033-d9f19aeae91c&google_cver=1&google_gid=CAESEOk_ZL6fBDPopuYl23Nwmck&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRuUv9M8b0MLKnCDGzVqhzd-Vh_kZ0HWd0G-pn7-O7DPy7eqlgNqMXjmA1gPPew476UsYmg9hGyHdAHJkWacYi93IKza3dJ&gdpr=${GDPR}
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b9cc4920-d303-48fd-b033-d9f19aeae91c&google_cver=1&google_gid=CAESEOk_ZL6fBDPopuYl23Nwmck&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRuUv9M8b0MLKnCDGzVqhzd-Vh_kZ0HWd0G-pn7-O7DPy7eqlgNqMXjmA1gPPew476UsYmg9hGyHdAHJkWacYi93IKza3dJ&gdpr=${GDPR}
date
Wed, 08 Nov 2023 00:11:40 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 47D2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IFCjrOw9Ru_oAtm2L1p9ZJsU9WJ9zK0jTkydnRZVk0S8aKNQ81Tqxh9N2CSHLGk-ihwSLe5Rs
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame C7A8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0a5b32220e12740f329f34d1a351c9f76735208026f18d3e6ed8d6b35a16c0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5046 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BC4QRO9JKZYyJBofnx_AP-460-A0AAAAAOAHgBAI&bg=!5-Sl5KvNAAb4oU7C2KE7ADQBe5WfOB9kCSbFFNbd_V2oiD1KIubk7oM7hsPxX1P1T4qV9ne8vJOACmdqbqTXpZTLFwgQAgAAAYJSAAAABWgBBwoAXjwFHym-qCTpQVYVGEl3umtLGnjE9Vj1Q5ssI7Qt9FSMmV4s0U4TrvBjyozVbQoXMeS5VdyhLe3sefSjuJBF_gqYl9AxhSeApTGktZ_oFq24J4YzOPJoBg3Va1Jxx6OZAw1f6m2PDF4N6wNzEZAs3yeTtgmxvqjNEQx6XvKfunOIrEwHiBqEvc1QJcikVLXRBKjjFdRfDUP_2YS46Haw95DBwpeaep5g1t_qBKoBvKhZQheMKcqTG_tmSfDi-Y3tLHO-O0rNC4YYyRpJnLHf9NXQ8hdpKoGmRTtZhWySsesZ2kMIW4Hq6B5n7u2oAgTmdxDog2rju6OGLnRNXpbf9_J7Q3eTkDfZOXjsiV0H6PYASYs98q51ccwq3UMFuEDedTVJenLE-P81JmZ4wCUp13FBEX3gwlqIjDec6_VQr_BO6eMHIThWQBaCwxU3fgtTv3JtUvOVpsp-I73lNhXrBnUbaKn6ipwowmpBic4heFT2x-pFxxiMBqhaa9-LxG2zammTKUcC6YWpGep2LYYEC70w7jBB7HHAcv39Dhi8jgvUTIdaXE5SJRu8FqOXUpTccjdfMXEeoGiNZ66CdD3Fu8xhmt-8J5zwPMbZHxLjchA-TYQ7GY3zIW_VpH1N_2ITfHN30KSWotzUwG7azRUqG5mPvLEzfteDSffoiasXifj1FxSj7LrJrbhoX1jK-QGnXjWdyGQ8b3S7l0FtdqFAahlbbnITjoGojoRUI8MIY2Y80VSL-FaJ_28tj_agpIoAEo9xxuQYKbvYcrYqYUK8FBYYT5Zfs4BM3PcEMtKTEsPCqlIJE176kJ-9sjW5hmt3bai5FjNXgM-RK3zT3o2S2b1fdmGkjT2RQSGVG5_0ad6WsK2oymt47Tp8wg7EiqaxXNAFHCe6g2nciA1DDgQECJBmHCATdMuwcSxJT3o9acmUKFxAEzpPFZjLMp3xblvmrCOdTbgpz5GKPlbXrmyQmhRp2ObXqlpjiUdMS2JqooWvn59amwm95HKd2Hyf00r3RB-j57YUt7coM1KRoKIay9Jg-JIZ6wtExISmz3Vm_Z2BmlB77ptxSpk1LgW6vL8719jJ1dmqKB2MnMlroAiJwTEnoPxx_mBXODIt3xFV3qw4b2Ik2IPRxLiSCPbwv2EbX9hVzwR48fAISI5ic_PV
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE35 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcJLZO9JKZcL6BqXhx_APpMS60AkAAAAAOAHgBAI&bg=!QkGlQQ7NAAb4oU7C2KE7ADQBe5WfOMC3ahXnktUgafUKa-2faussKs88YI7mADz-gxE96-vkazzwZnOj0zrN-kDUjNFDAgAAAXBSAAAABWgBB5kC_XkPd4kL7O97ew4p4FOMxbkjoxQX0rIXG3n5-0CHjrggvdK-AR2iJEahaGqhH0i5JaqwheNY2tdwNE8i2fRvnsIGHvmo8kg1Ux_nJZBIvU8FSGyWhxS3NBgbnGoEYFuN2nr07yJZUSaVPR58ucOgB_eIGPlJcVzxa1L6CmEbGuGqWD-2YKcJwFut-EvGq3y_W-CeVL2Nz9b30ECBysi852n_wnVqH53m2bojzBF6efWbBzzXcmqLcyLEltWPT3_pyuFMcjLJEo9K1QnZ8sVDbNDQeKNK9vMR_pDjJj0oe8PtLoBXHcVsmomA_Fu_hxaq9o4_I3NsKw4qFsKh-tOE7FVbuLWqMenWEp_zNdPmwAGCr7V95fi3wNKztrM52mC3st9BzJ0UfzvYGw1R0xdWVQtUNivakqUufua4_r-rTFZe6ZPbZnOr2AnueGsTSEOWYkS-uerpXiNlSp32BMqEdfUbYGOsWwuzNSYb7LJ9FoPyyUJeKLlaAxDwEHqcAPZJNnD1IvDup6bu1Xc8fNLnffihHu9kDh4KuRHjbcdzuZ5VX6eQDTalzSHivcE4bSZi1bOOdkY_CVPX7Abhy27BCwpjVbgPkvy9vttI1cdXTkweNiPUDKrjVo-ZEDSMI1t3wLFACJW0V7KDmH_8QIr1uO1a4_qy-tYdvoHMNe_lXtn4AR64tng9Ti3Vl6v6PRzkzRFXfXSZsaKtyoMuPGt3oHIwF_SB_EidagD9DtNlq4Hmls4NCpE1TNyrms3BNzNA6lnbG4HKueTpdApZj1NB4n-yteB5q_reXh8yXTFyX9OVq9OvqfunHXwC0-vlLHi2UGPQb3UEraqMnjDSwUXUC7w0B6O-Kku2Ni49jbL41OShhcSmCib67a3_9XmSeRMDPvFUF5h51iyppaSqHCfP3_pje1OrDq64-gPZ2G6vmfCSjzvvFLuNSIXPOB4r1lF7z3OV0II7kOoMAX_r5kfkFl3dg5Gd5Cl1I87p9CGHXpDgbeHVH9j7hZ-1VnfWrw
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C7A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvS-2OdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEmgNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg5iTJRP5A0uVlPUWv1MM5FbiP9cNesVSJzZNgUPvap13QIwQPVQ6eAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0wNDI4NTE2MTY0MjI1MTcyGODPEQ&sigh=cJbPrZ5VIv4&uach_m=[UACH]&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&cbvp=2&vis=1
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame C7A8 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k9nGErr5ROAD2ASdg2ICAgAAAApzKoTG88ZIG8_bHqcQwXwQONJKZR--A33iIjuYuO0AABIAAAoKQVFVRER3RUJEdw&wp=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&cbvp=2
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
127468
server
Kestrel
content-length
0
webmssdk_ex.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/ Frame 17BE 		409 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/webmssdk_ex.js
Requested by
Host: sf16-secsdk.ttwstatic.com
URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3092d518851dbfb0f62fb54828de6377929d8280e0037d11b1c9c3931a1089d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d2fc9
date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
JOY5i10QgUHN/Pm1oN7JQg==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-parent-response-time
13,23.33.32.244
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
132588
last-modified
Fri, 16 Jun 2023 05:21:54 GMT
opc-request-id
iad-1:4v8yN94Krvu21A_UsHSXUfiyYBd8Zqh_suW2OY39t5Tqt7S-zCMA7ZikOf0oQFRj
x-api-id
native
etag
e40a7621-2775-455f-b406-bb1cc47ba38c
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/javascript
version-id
95f3a350-ab1d-468d-b639-5b320546947c
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:40 GMT
graphql
apicomment.detik.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://apicomment.detik.com/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.26 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-26-242.190.203.detik.com
Software
comment1 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection "1; mode=block"

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://newcomment.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://newcomment.detik.com
access-control-max-age
86400
content-encoding
gzip
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
content-type
text/html; charset=utf-8
date
Wed, 08 Nov 2023 00:11:40 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin-when-cross-origin
server
comment1
set_cookie_flag
HttpOnly Secure SameSite=None
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-xss-protection
"1; mode=block"
graphql
apicomment.detik.com/ Frame 10C6 		87 B
941 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apicomment.detik.com/graphql
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/newcomment/build/comment-dev.app.js?v=2.28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.26 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-26-242.190.203.detik.com
Software
comment1 /
Resource Hash
d2338531fe975287b3799b97ebb0fdde831cf2706af648efcf6edff1461a3e64
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

Accept
application/json
Referer
https://newcomment.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
"1; mode=block"
referrer-policy
strict-origin-when-cross-origin
server
comment1
vary
Cookie, Origin
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://newcomment.detik.com
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-max-age
1728000
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
default.png
connect.detik.com/assets/images/ Frame 10C6 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://connect.detik.com/assets/images/default.png
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.233 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
327876e6dc85bc451f302f0034dfb6ec90b4e2af215b313c1a855ab5bd14e94b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
via
cache15.l2sg2[15,0], ens-cache5.de5[170,0]
x-content-type-options
nosniff
last-modified
Mon, 13 Mar 2023 09:03:57 GMT
server
Tengine
etag
"640ee6fd-250e"
serverloc
dc-01
content-type
image/png
accept-ranges
bytes
timing-allow-origin
*
content-length
9486
x-cached
HIT
eagleid
a3b55c9916994023002723568e
7d95d9ce4fb4b2c91082e2591e34d6b5.jpeg
images.detik.com/community/media/detikconnect/document/2022/5/29/ Frame 10C6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/document/2022/5/29/7d95d9ce4fb4b2c91082e2591e34d6b5.jpeg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
e25fce41907af3e09bbbd455b405fa9e8b0880650f539502b3e7ea6e03563390

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:41 GMT
middle-cache
HIT
content-encoding
gzip
iresizer
ir-st11
server
st9
etag
W/"ca12c1d12e844aa1652088bab32c31c2de9f8216"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
febf5651533ddb82d43fad5c6a6cf2cd.jpeg
images.detik.com/community/media/detikconnect/document/2022/5/14/ Frame 10C6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.detik.com/community/media/detikconnect/document/2022/5/14/febf5651533ddb82d43fad5c6a6cf2cd.jpeg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
e25fce41907af3e09bbbd455b405fa9e8b0880650f539502b3e7ea6e03563390

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:41 GMT
middle-cache
HIT
content-encoding
gzip
iresizer
ir-st9
server
st9
etag
W/"ca12c1d12e844aa1652088bab32c31c2de9f8216"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*, *
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
asyncspc.php
newrevive.detik.com/delivery/ Frame 10C6 		554 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newrevive.detik.com/delivery/asyncspc.php?zones=394&prefix=revive-0-&loc=https%3A%2F%2Fnewcomment.detik.com%2Fstatic%2Findex.htm%3Fv%3D1.27%26version%3Dlatest%26uid%3D2b05b4c2d6%26logLevel%3Derror%26xcomponent%3D1&referer=https%3A%2F%2Fwolipop.detik.com%2F
Requested by
Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
f5aa68d1d8d572508048788d657a0fd586976155a283f0bdd0ea5f2f67266537
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
p3p
CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy
cross-origin
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
revive12
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://newcomment.detik.com
access-control-allow-methods
GET, POST, OPTIONS, HEAD
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
expires
0
komentar1.woff
cdn.detik.net.id/libs/font-newcomment/ Frame 10C6 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/libs/font-newcomment/komentar1.woff
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
caaebdf9674bb63031880c354edbc7f4187e2e718ed7ec0f2aeec31861e4b6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://newcomment.detik.com/
Origin
https://newcomment.detik.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Wed, 04 Mar 2020 10:11:15 GMT
server
st8
etag
"5e5f7ec3-978"
cache-status
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2424
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4C2E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:40 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4C2E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:40 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4C2E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 02 Nov 2024 00:11:40 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4C2E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 02 Nov 2024 00:11:40 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4C2E 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0IFFzWOzsLq0bPNE_9Q1_caUjsxJB-d9Kp4fVL6-iosUcGxKsr5n_w7PXEAQ7yzVy_F2Sg-ZUg5hednpnUK_eEhchyG7lmInxiUj7PoBdKPtXSqtOpVIkRclMy8D9Nthy-JuIcGAoIa_dXnhcmZ3zSD8zCZv_sRVyzdDBzuaNU6kYwHQaC4DNx1GN_s26EBBHX3lmzqLIaDHvI8dV0XHyMv8yrodLZDIV_9KGVFYxnQw5NOJsQS_snAimTZO52u49VC-vXQPV5GjU3W6bW00Ue5jnzRqD6-jNbCzMK_Naua6aXobb8ce52ID5Kth-r9FsGJ8Vr6a59mhk0sfRakL1OLKVYm_mNJeqtwSoBmzdvPVEkLwx-rURkFt_bSsuqhsHfyaJw5_wl_lo22MAyQIxSP4cRVJFSXAjVxP9KJTqEfn_JJh
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2892442
expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2414 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjR1ureFZ2UlJTuYP4x9OL55sOAhu-BlxXlykbVGld971hPlmTiIfudAoGOtlg6R7l4b0D79gHrozEpNjPxscL02CGu90n4kjAwt_m7iG10OGiKcTIr2Vd7g8s88tn-Jui50BTd6gU_wVS&sai=AMfl-YQumMZtpFYwYkMR4H44_mz1IdGakpC7Eo4WhV-G7avrl8NzEZ0gOfYRdPgT-qZEe4iYPXT4a-cwmTl-plG8ZUqdu576txvfG36F3LDnbvwcIwQMn6C3AjkMayQ&sig=Cg0ArKJSzPI49M3KhmVkEAE&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&id=ampim&o=1045,671&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1008&mtos=0,0,1008,1008,1008&tos=0,0,1008,0,0&tfs=698&tls=1706&g=88.16666603088379&h=88.16666603088379&tt=1706&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 51E3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4Z8R4PZFNajlfXwSJtNMBly7hYa8vErbFxhKGpt0V-HP8LIBgmqJkWPw7KNE8mGwRkTfwht_sQV4pDGrm66YZjR7wxIxrB8RVtGmJB05pXViygE6rdVRMb5493Wpn9mDJdGstrmvVekYh&sai=AMfl-YRRbhKWqKl_QXVbKXyqa-AN0hfMW20DTZm7lQVXv639_Ju4VAEPzkyenBXtrLc0Cr7KXBi39S6PMyA5-D2ZKyXlWj2ztshB_5QMRtB-GkGhUhXmFVlIZqS2uC4&sig=Cg0ArKJSzDrihE6flrnREAE&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&id=ampim&o=865,893&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1008&mtos=0,0,1008,1008,1008&tos=0,0,1008,0,0&tfs=689&tls=1697&g=51.16666555404663&h=51.16666555404663&tt=1697&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4C2E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3459604
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGP0HHWHPVRXPeGaKyLZGZtI7ZZ%2FSaWip9tbFG21DwtkyKUloRP5nsxc49zOh2%2FSXGwn%2FKYT%2Bu2NIEA%2FPuXT9kqMwNsE%2BrpijBjUI1XK6PELt6FaSlP85I%2FClEM1ISohwG5Uusn%2B46Ew9obm7A65nFPW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8229999959a59128-FRA
expires
Mon, 28 Oct 2024 00:11:40 GMT
cd6cddc5-4dca-4d77-9a65-8b894400e772
config.aps.amazon-adsystem.com/configs/ 		537 B
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 23:20:07 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
3093
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
3jw7I9SguR9Y5zo0nIaC3O9apVfPQ4DL7RBkZirAVztiXf4m6mwU8A==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwolipop.detik.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:57:44 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
15235
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2196
x-amz-cf-id
sLoqMX2XglJY1M8Bom_hH1e3yAELBj22_2TlaWUoGT9Wh1QOW0j6JQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
date
Tue, 07 Nov 2023 04:56:16 GMT
x-amz-cf-pop
FRA2-C1
age
69325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
F8gifkU0laBT5FV2YmcbaPfKRLUdKUWovCYeDWq0ObT_gqnws-qcog==
animejs.js
static.criteo.net/animejs/ Frame 4C2E 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:40 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4C2E 		814 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=18240&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F18240%2F150217%2F837651.jpg&v=3&w=956&rid=4&s=TWGiRgnEOasuyUxaFyGhq7O9
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
814
expires
Wed, 02 Oct 2024 01:16:56 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4C2E 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1519820112_VS&v=3&w=800&rid=4&s=bQDBR2DBTWSl2K2OZGuFpf5f&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
114c5302ceb26a46f85a9005ddf67fb528675bd68f2a68e6c8d6c17e984500ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1800
timing-allow-origin
*
content-length
83016
expires
Wed, 08 Nov 2023 00:41:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4C2E 		134 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1553310111_1&v=3&w=800&rid=4&s=OPjWR_AtNW-Yu5mW5dwk5BSi&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
35d5137258365a4a68ed46ad9427e900c91000d30213feac8ad8573fce7c5079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=1800
timing-allow-origin
*
content-length
137522
expires
Wed, 08 Nov 2023 00:37:04 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4C2E 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F155142-01&v=3&w=800&rid=4&s=EjUG66PhR7DPkkRQx9b27DoG&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
69f3a028811691af318463d3ee24db6106a24f5935dc47263f0c389a53bf39cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1800
timing-allow-origin
*
content-length
48682
expires
Wed, 08 Nov 2023 00:14:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4C2E 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1515030120_Motivseite&v=3&w=800&rid=4&s=Wl9BcxJfDPMi1hHwsszkJlv5&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
94779c136ceadbf6d18802b64103c3a7c445dbef82bee58ad3549f77ea715483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1800
timing-allow-origin
*
content-length
88166
expires
Wed, 08 Nov 2023 00:21:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4C2E 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1551780117_VS&v=3&w=800&rid=4&s=Vro2cTiF2GoqwAsyAHP923Z2&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
eee0564fdf87f35bf1809c756013d091c82de4519287598cf7cf82548c88457c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1800
timing-allow-origin
*
content-length
66986
expires
Wed, 08 Nov 2023 00:41:06 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4C2E 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1537850109_Bud%2520Spencer%25205-Euro-Schein%2520VS&v=3&w=800&rid=4&s=cY0OZ8Ted_b_DF9Y9DSP6qAS&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d4c82d9e4d57b7de1576f87e32fe01108b6c10629f88b4f11c575a3c80db7cb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1800
timing-allow-origin
*
content-length
102078
expires
Wed, 08 Nov 2023 00:37:34 GMT
all
csm.eu.criteo.net/ Frame 4C2E 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SxXMrBgi6j7zX4UUDFGIJf-KScw8byx2y19TyQA_tszaw-IzJIq21gVAc2yK_ZDE3Z8omDRaxyFUameCRgevm1S8kihEjTRqD8Rekmj14vOmjv8NMo-e17MoPpS14m1iiG_qLJ7Qhpi3wg5tTkUc7uxxxNZm8554SqC7OaivmLyiPvi38uILSMdG-_SEmjtymhFsiu7k4GV0njlAoJkGYTpS0RW2It9EdOuUr2m4eUEXpElyWCXTUrgaYpjyMNYotG0gzg&sds=2&rev=89232&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 08 Nov 2023 00:11:39 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4C2E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:40 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4C2E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:40 GMT
wanita-ini-renovasi-rumah-kontrakan-tiga-petak-jadi-aesthetic-dan-rapi-6.jpeg
akcdn.detik.net.id/community/media/visual/2023/11/05/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/05/wanita-ini-renovasi-rumah-kontrakan-tiga-petak-jadi-aesthetic-dan-rapi-6.jpeg?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
de5f9796f69ffbe3f54ae0e2dce2e218d2e5d5aea896dc43b75a4bfeeba1e5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st8
server
st9
etag
W/"ac290eb23348b5d4ea90049194428d25dd0f99f4"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
bastian-steel-dan-el-rumi_43.png
akcdn.detik.net.id/community/media/visual/2023/11/06/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/06/bastian-steel-dan-el-rumi_43.png?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
421d8abf49ef001726fab1455d93087f10547176b0eb90c32efeedfc7bff4f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st3
server
st9
etag
W/"733a26a4a7287c098a551fcb8221fb3c4eaa5d50"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
liga-champions-4_43.jpeg
akcdn.detik.net.id/community/media/visual/2023/11/08/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/08/liga-champions-4_43.jpeg?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
c2bcc7946328604b98d6ac3a841680dc2826efb646ca41f39e6b3bdf751c12e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st13
server
st9
etag
W/"aeedbe5696b3b0c98b36662c3f0d9d9dfca21b85"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
raisa-dan-hamish-daud-2_43.png
akcdn.detik.net.id/community/media/visual/2023/10/09/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/10/09/raisa-dan-hamish-daud-2_43.png?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
443226297c50ec60437cec4a034055a6f50b01a968979113c14cc0e459265ce2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
middle-cache
MISS
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st13
server
st9
etag
W/"6ed2ab63acc86dd39609d4eea971e6c35b5d075e"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
perekat-nusantara-dan-tpdi-dok-istimewa_43.jpeg
akcdn.detik.net.id/community/media/visual/2023/11/08/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/08/perekat-nusantara-dan-tpdi-dok-istimewa_43.jpeg?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
db84e19cd68938449edf6116b8e0ab34402121148fce66bedb76d20449004592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st1
server
st9
etag
W/"db368c04595d3a5a5c58e75d191ad9391de4b483"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
turun-berat-badan-makan-nasi_43.jpeg
akcdn.detik.net.id/community/media/visual/2023/11/07/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/07/turun-berat-badan-makan-nasi_43.jpeg?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
2f7145a03e0ef52e245eed721111dbc86659db80e8d808f53bc084af19755527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st14
server
st9
etag
W/"c908a22b640d77657046d56ec3a6e505157cc867"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
keluarga-kabur-1.webp
akcdn.detik.net.id/community/media/visual/2023/11/06/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/06/keluarga-kabur-1.webp?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
bedfa3d15259d08a70052140123bf5aea4596d71b918c6abbbde3545fb48460e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
middle-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st11
server
st9
etag
"120027a7046942ec92703ef69e0b9e60b4138bad"
cache-status
HIT
content-type
image/webp; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
content-length
16046
expires
Thu, 31 Dec 2037 23:55:55 GMT
jenazah-mahasiswi-fkh-unair-yang-ditemukan-tewas-dalam-mobil-di-apartemen-sidoarjo-disemayamkan-di-kediri-3_43.jpeg
akcdn.detik.net.id/community/media/visual/2023/11/06/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://akcdn.detik.net.id/community/media/visual/2023/11/06/jenazah-mahasiswi-fkh-unair-yang-ditemukan-tewas-dalam-mobil-di-apartemen-sidoarjo-disemayamkan-di-kediri-3_43.jpeg?w=300&q=90
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.102 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-102-242.190.203.detik.com
Software
st9 /
Resource Hash
236efd1b5d4b4758ab0fa79cc1988ca94ac929542a7889d2353bccaf11e76032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
middle-cache
HIT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
iresizer
ir-st9
server
st9
etag
W/"81a889e51efe0584c72f6fbc10258905f05ac534"
cache-status
HIT
vary
Accept-Encoding
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 23:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
1768
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 08 Nov 2023 00:26:40 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:02:22 GMT
content-encoding
gzip
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
79763
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
-lX3Kc8q0rEciaUYXlSn01ei-_v1O3be-hXUalhVp6D9YilEJwULwg==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ref=&_it=amazon&partner_id=632
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907Z07N0H4YQRTZE
age
1634
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8229999a6f9e1917-FRA
x-amz-id-2
FTX4uTVOoCJnlfZvtg3cS2GHfBFAI/wkwGXMvvfwDzP+hX8bS7Tqr3U+IhvV3h140Zc4iKtAHTg=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		142 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3225c9376cd8f731c5d65175d9ca584616403f157a9e14c3e3439c7362d9486f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 06 Nov 2023 12:11:14 GMT
server
cloudflare
x-amz-request-id
9QPF05AJ1J8A4JJX
age
1781
etag
W/"6ce75de2ac970b38b3610ecd0ccc9b5c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
822999999ac46919-FRA
x-amz-id-2
6kIHbP6TNXEqKyPAxjcjtyU9QOmLb7DbGVgiUrpP/33USNpoeImMbzM/kaRvY9WBYoOrXBdrkv8=
browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.tiktok.com
access-control-max-age
600
access-control-request-method
POST,GET,OPTIONS
bd-request-id
8b93e0331702ecb9441ed4a56e96d2a2
cache-control
public, max-age=600
content-encoding
br
content-type
application/json; charset=utf-8
date
Wed, 08 Nov 2023 00:11:40 GMT
server
Tengine
server-timing
cdn-cache;desc=MISS, inner; dur=1, origin;dur=108, edge;dur=1
strict-transport-security
max-age=31536000;includeSubDomains
upstream-caught
1699402300516851
vary
Origin, Accept-Encoding
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain
mon-va.byteoversea.com
x-outhost
mon-va.byteoversea.com
x-tt-logid
2023110800113961605F6C764A575F6009
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631931b84eaf130f17355bc7b142a2dc6a5aedbb19af8d06516616fd1732209f5627eaffe771d20bf4a72f81d4e60186184f6f63773bf405ed5895598194d1fcc59c015d4d476dd7516ac9390a4203116d9dd
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 17BE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
ab0ad32556e156ba545d591d0ad7f8a9ffea8022ec79d14e04350ff3e3804f21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
access-control-request-method
POST,GET,OPTIONS
content-encoding
br
strict-transport-security
max-age=31536000;includeSubDomains
upstream-caught
1699402300683674
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
server-timing
cdn-cache;desc=MISS, inner; dur=2, origin;dur=106, edge;dur=0
server
Tengine
x-tt-logid
202311080011394085E9906F67E54B1D02
x-outhost
mon-va.byteoversea.com
x-outdomain
mon-va.byteoversea.com
access-control-max-age
600
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tiktok.com
cache-control
public, max-age=600
access-control-allow-credentials
true
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193485d6876e409bbde67da7604f463155701ed0be12d7693f4bb4ffb726a2ed7bae4a4a6f6869e09eb2ecef7a344d3ec9acbb1bb1716ad91cb415b22e63745cb6322fe6971ec70de2b3adf007c75179607
access-control-allow-headers
Content-Type
bd-request-id
3a55b847bf1f034e92669d34d7a3cf75
common-monitors.1.5.0.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/ Frame 17BE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/common-monitors.1.5.0.js
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/webmssdk_ex.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d30d3
date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
lJMNanjiQY7KAJ1oFCsUBQ==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
7318
last-modified
Wed, 15 Feb 2023 03:17:11 GMT
opc-request-id
iad-1:a9Odx4trFHhAUHQHvPMsQRl-eFx9sgq0TArq-lOEkI_BwaZxcN8bWaD5NarH-_TF
x-api-id
native
etag
f69b14ef-715b-4897-9d2b-f2811c896f09
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/javascript
version-id
bf1061da-7f62-45be-8168-83d7b672961a
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:40 GMT
truncated
/ Frame 17BE 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 4C2E 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:04 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1e0-8a8"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D264 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5DpmBoggFNFo4seNx8lwoYoqW_mbfvd_p8md3r9yTjI7DOMY3LG0cz3nqO0RJmpRjkgBLNg7fXqpnNEXdk1yNJJnAKHnIRs1Rk9dzQ6iO1x2C3EZeXtylS2g__xX4dqGi8rTCwnV7NxqE&sai=AMfl-YTUhvu-25Arw7UQ4wd7miQibKsniCwXeXz3xjGZKtYXqBWwvUX4cwRpjymzJdZASlrdlABdPj1t7oQTntfCqENAHJCvTyrC9jhbhtptnX8x3kQYhsV3UKxpw2k&sig=Cg0ArKJSzCk4hBnmfGDkEAE&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&id=lidar2&mcvt=1000&p=561,436,651,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1396284258&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699402298568&rpt=846&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F737 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnx8XJBmRn8gmeXqWRkuokMYf1YqnhNvlfT9qYMejbe5ekU_9RpjXS0ySanzucrOcvvwevP6v5olHSI4sqMsiZyIHKdcVWhnF34ToYQTOB_dAjvLO2QRAOyqNmDuy3OzXB9k4A8su8BPfQ&sai=AMfl-YS01S24LsUSRRacrf0EHCrKbj99oCefCHKQZWxrHNwpz_OYKIKb0RoNUnxYXwUFu29uumVVPBdkOwhwWvEDQvQnFQcFSzbIltsYY94KxmBjZ5sPvJp9Fhwn_JU&sig=Cg0ArKJSzC2UOP_XeGFLEAE&cid=CAQSOwDICaaN31aK3LHG4is0n_GQRgS7QfA27dagxJW0jb8W78CiBQlhMd_PZc5yqrk2McIIAR8D5HYvtLbyGAE&id=lidar2&mcvt=1003&p=46,315,296,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2888458640&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699402298600&rpt=843&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.219.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-219-175.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
8e552b0ed5e74c183aa3fca1a094b3fcd05889b51918d01eeb6fa7e4cc14dd5c

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache
x-server
10.45.8.172
access-control-allow-credentials
true
content-length
60
expires
0
lg.php
newrevive.detik.com/delivery/ Frame 10C6 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=394&loc=https%3A%2F%2Fnewcomment.detik.com%2Fstatic%2Findex.htm%3Fv%3D1.27%26version%3Dlatest%26uid%3D2b05b4c2d6%26logLevel%3Derror%26xcomponent%3D1&referer=https%3A%2F%2Fwolipop.detik.com%2F&cb=9a80381314
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies
master-only
p3p
CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy
cross-origin
x-cached
MISS
referrer-policy
strict-origin-when-cross-origin
server
revive12
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/gif
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 4C2E 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1df-32ec"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:40 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=wolipop.detik.com&url=https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8229999b3fd81c34-FRA
content-length
0
content-type
application/json
date
Wed, 08 Nov 2023 00:11:40 GMT
debug
OPTIONS block
expires
Thu, 07 Nov 2024 00:11:40 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		94 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=wolipop.detik.com&url=https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0acab3e854cf29c1e86b5982f3e961ad27660684645dccc774fc2dbe0ccf0c4c

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
8229999c08481c34-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame D264 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6565877293710&version=m202309260101&ct=76&x=1&cor=4109526509300251000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F737 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2427710899395&version=m202311060101&ct=76&x=1&cor=1210583404178589200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:1400:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Tue, 07 Nov 2023 01:33:26 GMT
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
81496
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
9wme2P1TjvJn2MJL6dFckb9JwDbdMyFL-iZVtm1H8Xuk6cnvBY9CFg==
632
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/632?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
473095fe5e7cbf41b3b155b3ca4c3d976a4a9a8452fa89d195c044f4b3735334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 00:10:22 GMT
server
cloudflare
age
79
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8229999d9f8a2c02-FRA
sharebox.js
newcomment.detik.com/frontend/static/src/assets/js/ Frame 10C6 		974 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newcomment.detik.com/frontend/static/src/assets/js/sharebox.js?=v1.5
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/newcomment/build/comment-dev.app.js?v=2.28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.26 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-26-242.190.203.detik.com
Software
comment1 /
Resource Hash
195338ca4581727aa0f10469ecbf13a61357492eb7ae32a94c8a54a128a4006f
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/static/index.htm?v=1.27&version=latest&uid=2b05b4c2d6&logLevel=error&xcomponent=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:41 GMT
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.detikpublishing.com
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Nov 2021 06:19:55 GMT
server
comment1
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
W/"619f2b0b-3ce"
content-type
application/javascript
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
x-xss-protection
"1; mode=block"
o8Ee97QgQGgKDea8WQWeoi5QMn4QKIAfMEDjGF
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame 17BE 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/o8Ee97QgQGgKDea8WQWeoi5QMn4QKIAfMEDjGF?x-expires=1699574400&x-signature=5CRjiPqaneYtRm8N87DM6RAM9Cg%3D
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-5.deploy.static.akamaitechnologies.com
Software
TLB / ImageX
Resource Hash
ff7df2deca5b6231f2b3ac8cacb7a7b1e6f75445c225d87d5b08a38d4c07afab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
1124c191.a44290c
date
Wed, 08 Nov 2023 00:11:41 GMT
x-check-cacheable
YES
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
nw-session-id
20231107190430F217A0D199C927ACEA86whnzq31df
x-powered-by
ImageX
x-cache
TCP_MISS from a23-54-207-5.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
5,23.54.207.5
cross-origin-resource-policy
cross-origin
akamai-mon-iucid-del
1498624
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=0, inner; dur=77
x-length
99575
x-real-cdn-host
p16-sign-useast2a.tiktokcdn.com
content-length
99575
last-modified
Tue, 07 Nov 2023 19:04:32 GMT
server
TLB
x-tt-logid
20231107190430F217A0D199C927ACEA86
x-response-date
Tue, 07 Nov 2023 19:04:32 GMT
x-cache-remote
TCP_HIT from a23-54-207-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2023-11-07T19:04:32.051260184Z 71
x-request-ip
fdbd:dccd:cdc2:1104:0:1c36::
x-origin-response-time
101,184.27.176.5
x-response-cinfo
fdbd:dccd:cdc2:1104:0:1c36::
imagex-fmt
jpeg2jpeg
x-response-cache
miss
timing-allow-origin
*
x-tt-trace-host
01896f1fc99ff09e577c7dd35c91f56ff6a5974a2b34c35c2d29ddef1074fc7d1f254f0fc78c39d06142644c4b29be88c5f5a3d73ecf7ab7e52b6aec256f0f75be4b62fbad717cc3e1aebcb917d1c1a424c7b1494f706f9bb318fd1591222ad15ea07a106499fd492080adf4e04ebdcc021e3e2d7f0f5d4f98a5ce4f0e8647a498
cache-control
max-age=31517494
img-embed-previous-ad15e871ecc7afadf24624d1f5681da5.svg
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame 17BE 		576 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-previous-ad15e871ecc7afadf24624d1f5681da5.svg
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-6.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6793fa2f8d1a76e1ff51f8a83ecf5aa7ebbdc5f422196c1cdcda31f496d4d41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tiktok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
c6d3558
date
Wed, 08 Nov 2023 00:11:41 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
rRXocezHr63yRiTR9WgdpQ==
x-cache
TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0
storage-tier
Standard
content-length
353
last-modified
Fri, 18 Aug 2023 09:06:04 GMT
opc-request-id
iad-1:hG93TwtaH4m4PWElS0GTMtVFWTA53ebm-oJRC450g3XMIeMKGjPQe3DMe9d_iz31
x-api-id
native
etag
b6f7cf67-6854-4be3-86b7-2da90c3e42ed
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
image/svg+xml
version-id
65ee749f-be13-4277-bc32-b277deece9ae
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:11:41 GMT
TikTokFont-Bold.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame 17BE 		57 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokFont-Bold.woff2?_default_font=1&v=2
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-12.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5ac2037030385ad8cf10e486b44475d778eef2e2a377751fbf3c938fd3991b1c

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
23f5f04b
date
Wed, 08 Nov 2023 00:11:41 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
XlPtJQhqqg0zNxAbdBRmrg==
x-cache
TCP_MEM_HIT from a23-54-206-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
58172
x-tos-request-id
f77d9655ef4892626455ef48-af54d05
x-tos-response-time
Sat, 06 May 2023 06:10:16 GMT
last-modified
Fri, 05 May 2023 11:48:04 GMT
server
nginx
x-tt-logid
202305060610158FB20C99481ECB6ACC6E
etag
"CMGqjOWN3v4CEAE="
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=871944
access-control-allow-credentials
false
x-tt-trace-host
018d69c6fd68364d7aa8df878b86598f5ee0770a39dd07c2cc923ae9bd8d770aaa035d77c15638749b7465e43a50ea20a6633bd141fa6c3d6df951cb80c2b2bc5d6977839dbb56e95f3bef3dd4ab229792546878bf764889c8ab0c26c96ad73e4b00e6038ba9f8212cd92ace2629fda740b7552e02cc9bd3c926c3aa3c34f8d7b46f4c113f91d9d5323463819feb84e64a
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
/
v19-web-newkey.tiktokcdn.com/8dca9fab3de33cfb0d8c558151c7e3d8/654b26d0/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/osRBeiD6Q1AfcwNvUlLNATP0INIEEMEkBBIPiQ/ Frame 17BE 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://v19-web-newkey.tiktokcdn.com/8dca9fab3de33cfb0d8c558151c7e3d8/654b26d0/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/osRBeiD6Q1AfcwNvUlLNATP0INIEEMEkBBIPiQ/?a=1988&ch=0&cr=3&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C3&cv=1&br=3852&bt=1926&bti=NDU3ZjAwOg%3D%3D&cs=0&ds=3&ft=ApKJEBeUq8ZmoWpxvQ_vjM3ELAhLrus&mime_type=video_mp4&qs=0&rc=OTtnOmc7M2lmaGgzNDZnOkBpamlqd2o5cjM0bjMzZjczM0BhMmMyMzYxNS8xXjIzM18zYSM2NWBrMmRjcm5gLS1kMWNzcw%3D%3D&l=20231108001139A55CDEDB509A5BB38848&btag=e00088000
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.tiktok.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 08 Nov 2023 00:11:41 GMT
via
n106-203-029, 1.1 varnish, 1.1 varnish
x-tt-trace-tag
id=19;cdn-cache=hit;type=static
Age
12283
X-Cache
MISS, HIT
X-Bdcdn-Cache-Status
TCP_MISS
Content-Range
bytes 0-12803536/12803537
Connection
keep-alive
server-timing
inner; dur=123, cdn-cache;desc=hit, edge;dur=1
Content-Length
12803537
X-Served-By
cache-iad-kiad7000048-IAD, cache-fra-eddf8230104-FRA
X-Storagegw-Request-Id
20231107204657D57FBB6C3D1F2F0C0C4E
Last-Modified
Sat, 21 Oct 2023 19:06:54 GMT
X-TT-LOGID
20231107204657D57FBB6C3D1F2F0C0C4E
X-Timer
S1699402301.379837,VS0,VE1
Etag
"887b92df39840158d9e7c380a65ab47f"
content-type
video/mp4
Access-Control-Allow-Origin
*
X-Storagegw-Response-Time
Tue, 07 Nov 2023 20:46:58 GMT
Cache-Control
max-age=2592000
x-request-ip
fdbd:dccd:cdc2:1175:0:3f5::
x-response-cinfo
fdbd:dccd:cdc2:1175:0:3f5::
x-tt-trace-host
01f3a13c438c984d0728fcb339bc606b54d8528bf7b0220fcb858f922147f976981e587a909caea6619474bd9626be43c70fee245d8462f7b6fc47ddfb8632d43693951a3d12fcaf274c2912673fe8c25d2193d1887b6d479a841ab47895f0f28b88a4df053db2d65d8e8783585d3364a6
Accept-Ranges
bytes
x-response-cache
edge_hit
X-Cache-Hits
0, 0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
277 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
f470420074a5b423399d0f9e0eaf640ea79e7ff8daa2a4c1473cf8c201d69d3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
https://wolipop.detik.com
date
Wed, 08 Nov 2023 00:11:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
access-control-max-age
600
bd-request-id
c21d7589474a517726ad90c746d4a79a
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:41 GMT
server
Tengine
server-timing
cdn-cache;desc=MISS, inner; dur=3, origin;dur=106, edge;dur=1
strict-transport-security
max-age=31536000;includeSubDomains
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain
mon-va.byteoversea.com
x-outhost
mon-va.byteoversea.com
x-tt-logid
20231108001140D1FA883F68C77551945A
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631931b84eaf130f17355bc7b142a2dc6a5ae7871d23477c0af6ebfce2619f907fe59558175d32bdbbe3f71d32772a8ca540749bdde2aa942348f210509302e75f825ad6fbe57cf712e4529cf72e5f47d1a1a
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 17BE 		0
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:41 GMT
strict-transport-security
max-age=31536000;includeSubDomains
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache;desc=MISS, inner; dur=3, origin;dur=108, edge;dur=55
server
Tengine
x-tt-logid
20231108001140EC17B5B03C7294525E20
x-outhost
mon-va.byteoversea.com
x-outdomain
mon-va.byteoversea.com
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631931b84eaf130f17355bc7b142a2dc6a5aeaf6360c9ac3b8fea15b261202a6904cdbbb40a4d8b67702706496f344e8eb40deeca3a91af4dcd3a00b019536613f8a46a82d09a4d622cc0593c7d7360433c20
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id
9c8fc27ae890f25b35d21974dab1668b
sdk.js
connect.facebook.net/en_US/ Frame 10C6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: newcomment.detik.com
URL: https://newcomment.detik.com/frontend/static/src/assets/js/sharebox.js?=v1.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a3020c31277f67b631dfd856fb9fe71f8cc108efafd87030e6d6ef18b0b10c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newcomment.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 08 Nov 2023 00:11:41 GMT
content-md5
Av7rEv2afnipyg/U8ckegQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
vvB5dOiVYhvUM+dIXwC6AYNSfwOU8hAqRnbBNfeeYEX4318XeaQ3NpZpd+3C0k6bN7tU3rW4/2KD1GTnDfICKg==
x-fb-content-md5
bcfd75e7cc146b90d349bca4f4aebe17
cross-origin-opener-policy
same-origin-allow-popups
etag
"a4cb4bdfcdfbbe04648c502925142a89"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:24:47 GMT
sdk.js
connect.facebook.net/en_US/ Frame 10C6 		302 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a697d961cd950dbb37b04725e7edb8ad
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
26d6aad7f9dbbf42e05e5a4adc27dfe665a3e89d7b7d2cd5c8a8706a40df6ac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://newcomment.detik.com/
Origin
https://newcomment.detik.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 08 Nov 2023 00:11:41 GMT
content-md5
rb8xELffsmMl3IsjDQWCyw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88331
reporting-endpoints
x-fb-debug
so7n69JGqRF4ourYEDRixNhgpBUIjE6sKhBo+ic/+OrUv7hYyPSZKIa/bMv+gs63o0iMgdt/k3kK5r/V42yRiA==
x-fb-content-md5
57e0b98f43f84448ab853642d45310cd
cross-origin-opener-policy
same-origin-allow-popups
etag
"8144a830896bfd1643e5b9d0ff2de47b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 06 Nov 2024 23:15:17 GMT
v2
id5-sync.com/gm/ 		251 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
69fb4538a638d612d205aea2ede0fafa430b2d03b3eaa3ff8889ea7f1365397d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wolipop.detik.com
date
Wed, 08 Nov 2023 00:11:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
access-control-max-age
600
bd-request-id
0f5a4b44e7012eac97eea9af56b9080c
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:41 GMT
server
Tengine
server-timing
cdn-cache;desc=MISS, inner; dur=4, origin;dur=110, edge;dur=2
strict-transport-security
max-age=31536000;includeSubDomains
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain
mon-va.byteoversea.com
x-outhost
mon-va.byteoversea.com
x-tt-logid
2023110800114000B6CB7BB96A93529F93
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631931b84eaf130f17355bc7b142a2dc6a5aeb9c0db7ac4e39f73a555a4744bc91b64b0a9187c84660b02dc523d483da3b765560083fb387c766daae58703299647a5bad7811ee89cbea4bb46b1d2f27a5712
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 17BE 		0
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
max-age=31536000;includeSubDomains
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache;desc=MISS, inner; dur=3, origin;dur=109, edge;dur=0
server
Tengine
x-tt-logid
20231108001141EC17B5B03C7294525E85
x-outhost
mon-va.byteoversea.com
x-outdomain
mon-va.byteoversea.com
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631931b84eaf130f17355bc7b142a2dc6a5aeaf6360c9ac3b8fea15b261202a6904cdbbb40a4d8b67702706496f344e8eb40d38f9d2b8d9d7593788827d3be64bb8646de785dfdb1165ec1ca3ad646c5436c6
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id
59e8f8db8ef97e4f73b865780faf0d81
220416104
20.detik.com/embed/ Frame 805C 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.182 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
203d-cast-182-242-190-203.detik.com
Software
/
Resource Hash
4e05d3d30a2c31ee50a04b9eeaffefcbae14d8296e1f9e1c1365ca7862d96af5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; always
X-Content-Type-Options nosniff

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

clientmobile
0
content-encoding
gzip
content-type
text/html
date
Wed, 08 Nov 2023 00:11:42 GMT
ip_int
1
s
04
strict-transport-security
max-age=31536000; includeSubDomains; always
x-content-type-options
nosniff
x-fastcgi-cache
MISS
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d29736adca3102c5b6f9c056a2d4ccdebed8bde3a59144efd675de946c1a0a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12186
x-xss-protection
0
asyncspc.php
newrevive.detik.com/delivery/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newrevive.detik.com/delivery/asyncspc.php?zones=579%7C580%7C791%7C2426%7C2475%7C2851&prefix=revive-0-&loc=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop
Requested by
Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
cc8786c6235bb210eb95e67fded05949f7b0dd661b846f6644666f1ff728df31
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
p3p
CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy
cross-origin
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
revive12
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://wolipop.detik.com
access-control-allow-methods
GET, POST, OPTIONS, HEAD
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
expires
0
pd
detik-d.openx.net/w/1.0/ Frame 9EBD 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://detik-d.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 08 Nov 2023 00:11:42 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5FC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156981
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=39910
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 08 Nov 2023 00:11:42 GMT
expires
Wed, 08 Nov 2023 11:16:52 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CA99 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Nov 2023 00:11:42 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
list
mcs.tobsnssdk.com/ 		7 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82ecb7
date
Wed, 08 Nov 2023 00:11:42 GMT
upstream-caught
1699402302569180
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=160
content-length
7
pragma
no-cache
server
TLB
x-tt-logid
2023110800114164C852EE9DA1FF0751FC
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
160,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b8b8583888d13ce36e6306b05e3321ad2c802b88328801ddf98bcefcfe45cb5d2d9ba4b7563ee147bbf1f7d7414c5e59e
expires
Wed, 08 Nov 2023 00:11:42 GMT
list
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://wolipop.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:42 GMT
expires
Wed, 08 Nov 2023 00:11:42 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=1 cdn-cache; desc=MISS, edge; dur=1, origin; dur=155
upstream-caught
1699402302378891
x-akamai-request-id
df82ebaf
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
156,104.126.37.181
x-tt-logid
2023110800114164C852EE9DA1FF0751D4
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b8b8583888d13ce36e6306b05e3321ad27f34086dc60633eedb4dcf5f52944482173b25422001186b040e33a8153c7780
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Nov 2023 00:11:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1351 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11224
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 21:04:38 GMT
expires
Wed, 06 Nov 2024 21:04:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E5B0 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8546e6cf37b40050d6cc38a67a03ea69e7236ba58e0cc257bfcf2271fa0e7421
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dym6LUY3hKsbkv66uoGzbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dym6LUY3hKsbkv66uoGzbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:42 GMT
expires
Wed, 08 Nov 2023 00:11:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
all
csm.eu.criteo.net/ Frame 4C2E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SxXMrBgi6j7zX4UUDFGIJf-KScw8byx2y19TyQA_tszaw-IzJIq21gVAc2yK_ZDE3Z8omDRaxyFUameCRgevm1S8kihEjTRqD8Rekmj14vOmjv8NMo-e17MoPpS14m1iiG_qLJ7Qhpi3wg5tTkUc7uxxxNZm8554SqC7OaivmLyiPvi38uILSMdG-_SEmjtymhFsiu7k4GV0njlAoJkGYTpS0RW2It9EdOuUr2m4eUEXpElyWCXTUrgaYpjyMNYotG0gzg&sds=2&rev=89232&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 08 Nov 2023 00:11:41 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/11530.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.246.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-246-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 08 Nov 2023 00:11:42 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.246.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-246-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 08 Nov 2023 00:11:42 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
usync.js
eus.rubiconproject.com/ Frame CA99 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
06bf1392bd317316bc232d0114a050ff434ee599d3761216d4246628598a6359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2023 11:31:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40775
Connection
keep-alive
Content-Length
13280
Expires
Wed, 08 Nov 2023 11:31:17 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D5FC 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49350490&p=156981&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156981
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:41 GMT
content-length
0
report
mssdk-va.tiktok.com/web/ Frame 17BE 		44 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mssdk-va.tiktok.com/web/report?msToken=&X-Bogus=DFSzswVOQDVsPqiWtFVI6-Veovge
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID
df82ed8c
Date
Wed, 08 Nov 2023 00:11:42 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
X-Cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
Server-Timing
inner; dur=66, cdn-cache; desc=MISS, edge; dur=0, origin; dur=153
Connection
keep-alive
Content-Length
44
X-Ms-Token
REjkmAujN6vZUsjlBPzblk0XulGFBqU2OiZZUd-pw3Hej8PPHNrtOT87JSvKhOoGU_3aIyO9arCeDi7hwf53vDAQ0kiPFtIucs07OGwz_WOjam9dwy13
Pragma
no-cache
Server
TLB
X-Tt-Logid
2023110800114182B84415A799248FFD58
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.tiktok.com
Access-Control-Expose-Headers
x-ms-token,x-ms-resp
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
X-Origin-Response-Time
153,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb45701784df9c5a229c2d75d92e712b96eed617de8d83de7a7cf861e034901b54eb274137dfac5a5a260077b05cb73a09e6ee9b5d76ea37848e8a7ad97e2d7f3a100720
Access-Control-Allow-Headers
x-mssdk-info,x-ms-req
Expires
Wed, 08 Nov 2023 00:11:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E5B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=3456649221265976&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6880533263535234
Requested by
Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57f76f718fac37f031fd95f8a54e4373c64d3f7994a57fedb8db8f7779ce9d7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52354
x-xss-protection
0
server
cafe
etag
5931258138742025771
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:42 GMT
82fce9d92074a3ff0920c68c29ce0d2b.jpg
newrevive.detik.com/images/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/images/82fce9d92074a3ff0920c68c29ce0d2b.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
81b007266c8de9f786ea330dbd26fd1e462ebbad9c946dc2287e084336f6bac8
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies
master-only
cross-origin-resource-policy
cross-origin
content-length
88187
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 04 Nov 2023 09:09:48 GMT
server
revive12
etag
"65460a5c-1587b"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
accept-ranges
bytes
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
lg.php
newrevive.detik.com/delivery/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/delivery/lg.php?bannerid=215718&campaignid=96581&zoneid=579&loc=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&cb=797f8e19c8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies
master-only
p3p
CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy
cross-origin
x-cached
MISS
referrer-policy
strict-origin-when-cross-origin
server
revive12
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/gif
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
64334fe9cc0a07b73b01fbdb80a51279.jpg
newrevive.detik.com/images/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/images/64334fe9cc0a07b73b01fbdb80a51279.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
acd0ce7abc9950cd09c751bbb2eba30f4dc018e941ef26e800570dcb11111b3c
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies
master-only
cross-origin-resource-policy
cross-origin
content-length
87931
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 04 Nov 2023 09:11:05 GMT
server
revive12
etag
"65460aa9-1577b"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
accept-ranges
bytes
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
lg.php
newrevive.detik.com/delivery/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/delivery/lg.php?bannerid=215719&campaignid=96581&zoneid=580&loc=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&cb=501d03485e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies
master-only
p3p
CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy
cross-origin
x-cached
MISS
referrer-policy
strict-origin-when-cross-origin
server
revive12
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/gif
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
lg.php
newrevive.detik.com/delivery/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=791&loc=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&cb=7a0dae4339
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies
master-only
p3p
CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy
cross-origin
x-cached
MISS
referrer-policy
strict-origin-when-cross-origin
server
revive12
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/gif
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
lg.php
newrevive.detik.com/delivery/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=2426&loc=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&cb=54c431c51e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies
master-only
p3p
CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy
cross-origin
x-cached
MISS
referrer-policy
strict-origin-when-cross-origin
server
revive12
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/gif
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
lg.php
newrevive.detik.com/delivery/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=2475&loc=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&cb=5d1b42fc85
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies
master-only
p3p
CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy
cross-origin
x-cached
MISS
referrer-policy
strict-origin-when-cross-origin
server
revive12
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/gif
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
lg.php
newrevive.detik.com/delivery/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newrevive.detik.com/delivery/lg.php?bannerid=208437&campaignid=1323&zoneid=2851&loc=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&cb=fdafc0c451
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.190.242.244 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-244-242.190.203.detik.com
Software
revive12 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security "max-age=31536000; includeSubdomains" preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
"max-age=31536000; includeSubdomains" preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies
master-only
p3p
CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy
cross-origin
x-cached
MISS
referrer-policy
strict-origin-when-cross-origin
server
revive12
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/gif
access-control-allow-credentials
true
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag
HttpOnly Secure SameSite=None
access-control-allow-headers
Origin,Content-Type,Accept,Authorization
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 1351 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 11:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
46027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Nov 2024 11:24:35 GMT
khaos.json
token.rubiconproject.com/ Frame CA99 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6880533263535234&plah=wolipop.detik.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6880533263535234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6aec49acce60073ad6f03b5bfd880cb0513e184d323b8e31fee25452853b7154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138480
x-xss-protection
0
server
cafe
etag
13597882334380140006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:42 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame 2A11 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6880533263535234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18031
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:11:11 GMT
etag
16674218716276178799
expires
Tue, 21 Nov 2023 19:11:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 1351 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9b3F0w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie.js
partner.googleadservices.com/gampad/ 		213 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=wolipop.detik.com&callback=_gfp_s_&client=ca-pub-6880533263535234&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6880533263535234&plah=wolipop.detik.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea692ef0ac3eef0437032558dcfa742b7274f8435a2295f4709f39d141f1b548
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C2C5 		12 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&adk=1812271804&adf=3025194257&lmt=1699402302&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302613&bpp=4&bdt=7523&idt=128&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&nras=1&correlator=3585676985899&frm=20&pv=2&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&fsb=1&dtd=148
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6880533263535234&plah=wolipop.detik.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f3379d92e8eae5605c0ca1a060df87c8a4f212d1bcd54dd935fa509e2e9ca4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
1073
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 02F7 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6880533263535234&plah=wolipop.detik.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3bf28dc13bc39498ba484850d179eb8ca4de72fcbfa0cdebc834149cf1e6dc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16518
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:43 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skin.css
awscdn.detik.net.id/flowplayer/ Frame 805C 		39 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/flowplayer/skin.css?ssc
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
4871a0b9c15975aadd71635853aa642aee7d193f32232838447cab31592eebcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Fri, 23 Feb 2018 03:39:16 GMT
server
st8
content-encoding
gzip
etag
W/"5a8f8ce4-9bf7"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-1.11.2.min.js
awscdn.detik.net.id/flowplayer/ Frame 805C 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/flowplayer/jquery-1.11.2.min.js
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Fri, 24 Mar 2017 03:58:50 GMT
server
st8
content-encoding
gzip
etag
W/"58d4997a-176bb"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
detikVideo.core.js
awscdn.detik.net.id/detikVideo/ Frame 805C 		461 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/detikVideo/detikVideo.core.js?v=2023110807
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
2c4421942ce4cd0a9187b7356b30adf0bb8465e4ff7cbd660cbb3bf4f17f7cad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 07:55:09 GMT
server
st8
content-encoding
gzip
etag
W/"64f6dedd-734d9"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1;mode=block
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=3456649221265976&bg=!cnGlcT7NAAb4oU7C2KE7ADQBe5WfOCVbcOOOGh5m7iJjljdJnAd3EDNhsK0pmWIPtRBeigyOOth7DjcHhio3UCbtJKqFAgAAAGlSAAAAFWgBB5kCwl1JWmw8j-5CMldnUIzmgGQbbykObg8MBfL4XVSAyDnYeYdZfykhUSWBCgsdjaiFPTGHPs-DUFKoMeve0utiTnoEA4m6kng5B8s0meM_ytNl6dcUhz-mUg1BszcHhADGuI3aYulih6W1LfdgdRa1_qdaRuqyzn6R66L4zU4OJqdVUNOsXNFqueT5umFcqQuE3k23GMz4dlCqfap7GksT75H-QTA3BcXMSVJOntb6pIiiji427zIJ0tMBRBPwTLsFlVD6XeZxQK8_nMy-hLgduLjMxQYvbMfqoKHafF1GGYpcn50g7lDULUlg1HV7oBlKHQrU9q3YB0QA3l6ILasZasBm95pQSakvXDzQd6BVAhQ-SbPXdsSPaFURXnbRnRTsygmQR7G7aXr-z-oTFj8ZB2_75x6GTp-3vWQVaSkmeLDEoTWlL3QAp00rBtPER8-ls8jOc7ncuheF3c8Ed47nBZK2VTVJvQzeyv5HOfcTo8oz3e82P4g6BZVUhEJb66X1cmJ3lm8zyRjM-o_1h-KQlThQKOtUF5PSD7D0tJl2eicXky1xcdDMU6uNrAmaqPnAFMfcQfl7CuHC7oHFwVcsz9WjfOYv5AUc43bWg6lXGgDH-ZN-YhrxZMdIdbm3wZEaVV0HfoI8GsGyIj8sU7JbCxNU7dNX0PM1AvPDqzbmQk-FRBI1zzBeC34yiH6Lo6b1sWXMNmR3sbeueGTJ23ET4IhsEVwI9cQHsww9qxbk14PuWs8ItddC4ARxVE0Pgpmq1o4RnteeOMBFYpxFiz9OO3K-POm-w2LVO1YUlCu30Oqqs50iHy8AojNMqYalk_iMl4YTKNpYxj-y11aUmgaKIR6usM8GKJe2fVrI7GPDZwSLRzWAc3cwgRpozL1FqfChYZ-v_2be65EfNmSOAjws6Pukw9WBNFrLD0h9jJ_srbkDeJU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
gtm.js
www.googletagmanager.com/ Frame 805C 		330 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8611730c5082eaab7506cee9df346602f4fd578e7976d2d8f623fc917ce239c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94107
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Nov 2023 00:11:43 GMT
videojs.v7.6.6.E.monocss.min.css
cdn.detik.net.id/detikVideo/css/ Frame 805C 		52 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/detikVideo/css/videojs.v7.6.6.E.monocss.min.css?v=2023110807
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/flowplayer/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
9c85ef0f7e7c9b6b76a0ab1b1b362fe53fda1775718d769117b3e820a1cb5dfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 07:55:09 GMT
server
st8
content-encoding
gzip
etag
W/"64f6dedd-d026"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1;mode=block
videojs-custom.css
cdn.detik.net.id/detikVideo/css/ Frame 805C 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/detikVideo/css/videojs-custom.css?v=2023110807
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/flowplayer/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
8819eb4f77e1935b576b698e1bdc9c11569359f8a9b3abfb0e8cf7b561d48a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 07:55:09 GMT
server
st8
content-encoding
gzip
etag
W/"64f6dedd-1d16"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1;mode=block
related.20detik.css
cdn.detik.net.id/detikVideo/css/ Frame 805C 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/detikVideo/css/related.20detik.css?v=2023110807
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/flowplayer/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
72f690ccd921d0ad47ae6329912cfb22b67c6aa2549b07e4f36852f614c10f62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 07:55:09 GMT
server
st8
content-encoding
gzip
etag
W/"64f6dedd-1766"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-xss-protection
1;mode=block
videojs.v7.6.6.E.monolib.min.js
cdn.detik.net.id/detikVideo/lib/ Frame 805C 		1011 KB
284 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/detikVideo/lib/videojs.v7.6.6.E.monolib.min.js?v=2023110807
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/flowplayer/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
1fc8cd1dca1ef4504d16135445d79e6d94243c61d33b73fc4ea3df6a37f59bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 07:55:10 GMT
server
st8
content-encoding
gzip
etag
W/"64f6dede-fcc07"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1;mode=block
detikVideo.portal.js
cdn.detik.net.id/detikVideo/ Frame 805C 		82 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/detikVideo/detikVideo.portal.js?v=2023110807
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/flowplayer/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
7d34a47e164ee62fd8fee4fd775d37c36575b412369ade3dbe8afe1a5e20d3c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 07:55:09 GMT
server
st8
content-encoding
gzip
etag
W/"64f6dedd-1498a"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1;mode=block
detikVideo.related.20detik.js
cdn.detik.net.id/detikVideo/ Frame 805C 		29 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/detikVideo/detikVideo.related.20detik.js?v=2023110807
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/flowplayer/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
ceaa77f8c2b938fc2c6fbba07283c93bb6b724453f8a08471baf9b4e9df763f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 07:55:09 GMT
server
st8
content-encoding
gzip
etag
W/"64f6dedd-7487"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1;mode=block
reviveavoc.js
awscdn.detik.net.id/commerce/revive/ Frame 805C 		45 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awscdn.detik.net.id/commerce/revive/reviveavoc.js?v=2023110807
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/flowplayer/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
74d42335413dfbd956d8593d043ce8486ad388bd0f8693d10729ff14e12f4538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
MISS
x-content-type-options
nosniff
last-modified
Wed, 02 Nov 2022 10:03:16 GMT
server
st8
content-encoding
gzip
etag
W/"63624064-b3b0"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
video-hotspot.min.js
cdn.detik.net.id/detikVideo/ Frame 805C 		238 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/detikVideo/video-hotspot.min.js?v=2023110807
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/flowplayer/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
668d8dc313b0147da354412d4296b99d1f0356632946ecb5a511ba4c82a59be2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 07:55:10 GMT
server
st8
content-encoding
gzip
etag
W/"64f6dede-3b69c"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1;mode=block
empty1x1.png
cdn.detik.net.id/detikVideo/img/ Frame 805C 		68 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.detik.net.id/detikVideo/img/empty1x1.png
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Wed, 12 Aug 2020 06:38:56 GMT
server
st8
etag
"5f338e80-44"
cache-status
HIT
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
68
x-xss-protection
1;mode=block
604a115c00bc4116a44ef6f7a989655a-20220416200208-0s.jpg
cdnv.detik.com/videoservice/AdminTV/2022/04/16/ Frame 805C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnv.detik.com/videoservice/AdminTV/2022/04/16/604a115c00bc4116a44ef6f7a989655a-20220416200208-0s.jpg?w=400&q=80
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.99 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-99-221-49-103.detik.com
Software
ngx_wz11 /
Resource Hash
6800c5e3e1b49d24b20b04862f60bfd58d5676a4e42ae455a391bf3d23a253f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:49 GMT
r-cache
MISS
server
ngx_wz11
etag
"a87a6ffb34041b8303136ed60540f12f5a956676"
x-cache-status
HIT
content-type
image/jpeg; charset="utf-8"
access-control-allow-origin
*
micro-cache
STALE
content-length
19630
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 02F7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:50:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
12087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:50:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 02F7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 20:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
14959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 20:02:24 GMT
l
www.google.com/ads/measurement/ Frame 02F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1iYczltt7VB09515uyV305UwhpcftKK7FLU4uvBjtKUsw-ELobd1XsUF4r9ZFgccAK23gbrxBxhStrLa6AapFfTdqyw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 02F7 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:43 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 7AC9 		140 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7d4720c295f29a6da5d5554683e6e7ba1610ab9ae3bc9e6391e8e923fa44d114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=NML51Rgi6j7zX4UU0U0_kHjP2HxnSwYicajBn7gJGYDI_rhQPjUjpkD7m-50J3ZsDsFEhQb9uq_JgFyYOz5bVsB8iCr5nuOBZ399L5VU14EeQzlgGUSrjHpGa2Mo-tXs5PAV9TZHTfsxucmqyvkVUYHpB82mEx1l2xDundHRxl-GpvrrekeZgMJGdgSO-DguyfvErJUYkeLycKhnhJuA8ExaWunlLSFrreY0QPIIQCAoJLBHzkPHGhrplAYWw31et9lSJQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
30118749
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 65E3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Wed, 08 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 02F7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea6168bc86409dcfdc6860247ac83ee82fbc7e1aff0a61ff59d2718c6ea0b868

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 65E3
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPmef1cOekqkjudYjC3aBvA&google_cver=1&google_push=AXcoOmSMUVbA7Ba3ggpMeDeZ1YUZqKbvmlDMl86BefvpkJkQQxrJTG4LrW...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSMUVbA7Ba3ggpMeDeZ1YUZqKbvmlDMl86BefvpkJkQQxrJTG4LrWh6mKsazDPzj8VmGiDzio5YBz9eG6zwyXRBVQjYv_egr4idQAKVKmlxyBh0tsxyC47...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSMUVbA7Ba3ggpMeDeZ1YUZqKbvmlDMl86BefvpkJkQQxrJTG4LrWh6mKsazDPzj8VmGiDzio5YBz9eG6zwyXRBVQjYv_egr4idQAKVKmlxyBh0tsxyC47ZXH2OCtaIq9Hs5Si_CBAKGoJ1B3aJvxhHYg&google_hm=OllIMcYXQoJcI5BtQmX7jw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSMUVbA7Ba3ggpMeDeZ1YUZqKbvmlDMl86BefvpkJkQQxrJTG4LrWh6mKsazDPzj8VmGiDzio5YBz9eG6zwyXRBVQjYv_egr4idQAKVKmlxyBh0tsxyC47ZXH2OCtaIq9Hs5Si_CBAKGoJ1B3aJvxhHYg&google_hm=OllIMcYXQoJcI5BtQmX7jw
pragma
no-cache
date
Wed, 08 Nov 2023 00:11:43 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 65E3 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIbPRK-qGApauvxvHsQ3fx4&google_cver=1&google_push=AXcoOmQOAgUPicbt4SeYT02IKw2JI0Or_MA7MflSVrmLEYj_mZ81zZ_AuXJ0GwmMPB8smDJ2k0ke5-gpZ5niX3GMYbNupMvGZFz1CnIUzW-HKvjE-30Pf146R_1HIp7G6caUc6HWpygS04AbyTbhNSFw7E-8MQk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame 65E3 		43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEPJ8XK50OQfVuFCCFihePIQ&google_cver=1&google_push=AXcoOmTsn-Fp_f0-eLPQRgwOIJ2vAy581nowhc9Ph5MAtt1CNXyTa29rYawxekNg3Tv2Kbo1lz-YQ6q0ZMBkQSDkRtNkL0-wMKWdiqQSMpFRrX9jfXn8Qvwtm53Q44uJTIsV3u4j2AQv-kQdoucx4pss2Am7mw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTsn-Fp_f0-eLPQRgwOIJ2vAy581nowhc9Ph5MAtt1CNXyTa29rYawxekNg3Tv2Kbo1lz-YQ6q0ZMBkQSDkRtNkL0-wMKWdiqQSMpFRrX9jfXn8Qvwtm53Q44uJTIsV3u4j2AQv-kQdoucx4pss2Am7mw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:43 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
822999ac5c933a78-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 65E3 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP6fOQplLa6eNqNHs55AG0M&google_cver=1&google_push=AXcoOmSonO2GqoPD9nF8abdJGIWrHNAahdSiQ7G55r1ebXGyjW4G-jLBIcTZ6fA3-LS4SwzjJnzvnV_tWtzjx3qyXRYv_JN4Lo-zQL9hB1BkTImgOOyVVv73EglyX7tGCpr-PYWxY2X8oqoAo7ka2UMKewr4ag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 65E3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJDakmGqXy6Va22hfhsI9PU&google_cver=1&google_push=AXcoOmSpU11M7W-Zn77Go-rTuf5n3Va8dBD4Z0ZdU1gwsvERLZJ3DrcTK63pbVEIu3osRkXj0P9fUbxs0rHXwvPdMohUaFv...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSpU11M7W-Zn77Go-rTuf5n3Va8dBD4Z0ZdU1gwsvERLZJ3DrcTK63pbVEIu3osRkXj0P9fUbxs0rHXwvPdMohUaFvuq2rC7Vi97S1BDEbABJ6SVVatZreSRE984ZwoZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSpU11M7W-Zn77Go-rTuf5n3Va8dBD4Z0ZdU1gwsvERLZJ3DrcTK63pbVEIu3osRkXj0P9fUbxs0rHXwvPdMohUaFvuq2rC7Vi97S1BDEbABJ6SVVatZreSRE984ZwoZkCn7Qw7F3C9tY5J38woRluBlRU&google_hm=eS02MHB5NlRsRTJwRlp1M1VkbEltODc2WENCd20zd1hTNX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 08 Nov 2023 00:11:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSpU11M7W-Zn77Go-rTuf5n3Va8dBD4Z0ZdU1gwsvERLZJ3DrcTK63pbVEIu3osRkXj0P9fUbxs0rHXwvPdMohUaFvuq2rC7Vi97S1BDEbABJ6SVVatZreSRE984ZwoZkCn7Qw7F3C9tY5J38woRluBlRU&google_hm=eS02MHB5NlRsRTJwRlp1M1VkbEltODc2WENCd20zd1hTNX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 65E3
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmToAw...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YS8A4OawVXBq3ncMthFXffPdnTOyAciomlOlOw&google_push=AXcoOmToAwsvRimJdLmSqZfVLUhjur6qLOxetAyPvdWxorfgcQ7mDnll_3rODtCCYCMTjS4_aLdknnXa_vI1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YS8A4OawVXBq3ncMthFXffPdnTOyAciomlOlOw&google_push=AXcoOmToAwsvRimJdLmSqZfVLUhjur6qLOxetAyPvdWxorfgcQ7mDnll_3rODtCCYCMTjS4_aLdknnXa_vI1V9OFUw1Nht7lBX9WXYxYHLMQsr4ARAh-dS9f80KqEwWN2GmI0yiJDAbmDumuVuQBe1ISIlpmeA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:42 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YS8A4OawVXBq3ncMthFXffPdnTOyAciomlOlOw&google_push=AXcoOmToAwsvRimJdLmSqZfVLUhjur6qLOxetAyPvdWxorfgcQ7mDnll_3rODtCCYCMTjS4_aLdknnXa_vI1V9OFUw1Nht7lBX9WXYxYHLMQsr4ARAh-dS9f80KqEwWN2GmI0yiJDAbmDumuVuQBe1ISIlpmeA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
616925
content-length
0
expires
Wed, 08 Nov 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 65E3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KU75UQ4tdFNFawIS7zFfvozZxqzMpzeUb10dRSG3F9d4KuB5BIXfJ_Rs1ReXQQMg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
js
www.googletagmanager.com/gtag/ Frame 805C 		248 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CY42M5S751&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
97d063e46338a13bbfd11563a0fc63082e1188b491c0eee1132a8b55b30b816e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87500
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Nov 2023 00:11:43 GMT
analytics.js
www.google-analytics.com/ Frame 805C 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Nov 2023 23:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1321
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 08 Nov 2023 01:49:42 GMT
collect-rangers-v5.0.0.js
lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/ Frame 805C 		93 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-23.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
42b448c8c5f67a9c48b021dfd6676e0c1aa3146b1513d18cad8ba2ad7be9df8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id
9739511
date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
content-md5
0NGYZsGPAC/sdgY7Low4DQ==
x-cache
TCP_MEM_HIT from a23-54-206-23.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
25516
x-tos-request-id
bd5f15f70136d18963f70136-af54d1e
x-tos-response-time
Thu, 23 Feb 2023 06:01:27 GMT
last-modified
Thu, 23 Feb 2023 05:54:55 GMT
server
nginx
x-tt-logid
2023022306012655381D6778CD7B694AF7
etag
CKWz4Lf6qv0CEAE=
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=1717729
access-control-allow-credentials
false
x-tt-trace-host
014a0769d6da188b26a57aac2f9d3da1d858e12f82c6ebb391307eb764b578ddf873e38f31227e2c92ef804899077d59ff986c3f7359dd4d6d5f02f8a0c5a7126b3ab03e5d482cd009ec7dd00064b0b015089948ab54c9dfef0de1c185eec5b1bab940fc077dea8dbb5b5ace5c088818e4a209f669330c7c07c991d0bac6fefaa1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
thetracker-detik-v4.min.js
cdn.detik.net.id/loganalysistracker/ Frame 805C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/loganalysistracker/thetracker-detik-v4.min.js?v=4.0
Requested by
Host: wolipop.detik.com
URL: https://wolipop.detik.com/makeup-and-skincare/d-7017040/viral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya?utm_campaign=detikcomsocmed&utm_medium=cpc&utm_source=twitter&utm_term=ctw&utm_content=wolipop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
c65ad3507aa9c487819ce5c6c2aac61866f0cd7bf0fc621fd78a3e365ca06bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 06:27:36 GMT
server
st8
content-encoding
gzip
etag
W/"606aadd8-1792"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
detikBigDataSdk.js
cdn.detik.net.id/loganalysistracker/ Frame 805C 		106 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.detik.net.id/loganalysistracker/detikBigDataSdk.js?v=1.7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
344c23ba1cbc2b819add73db2c6dce106bbf7f4a06c59b1030677cffe3ee668e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Thu, 08 Sep 2022 08:55:53 GMT
server
st8
content-encoding
gzip
etag
W/"6319ae19-1a7d3"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1;mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7AC9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:43 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7AC9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7AC9 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 02 Nov 2024 00:11:43 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7AC9 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 02 Nov 2024 00:11:43 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7AC9 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Ur8clKrhjjNMh3YLmwbvT-DquMxBzXTZjZgJGtjLf8RY5FlBrkPWfGnZDCeKAr03XkPkXOIjuCjwcpafGYIwlu3ptbuDO-ubB42V5YrpUzWmQKgO-Vmg4PjOslsMvbjYBH7pVSCWfegkSNBiDMMAUIhqWpKi8dU_pq5tafCS9V04aqXZHQpSuWBEXYDg2fGWqTU6DqcQ_aDfRVlpL8qCodIw0Tb2xjvpea5NqjD7MoYBe0tWV8xVSETSZAfpt4PuxiZtJEXA4rZUfW7AEXEpQtyhv7RrbcCnYvwZHQZFH1Ilrje0B6kzgNu1klxIyfBtHy0d2C9JjIBCVQw7x0hNtxtxKh_K5Wrzb3qb6UakrlvyUlIOugOSunKEbaLo6SZfFAvC_gFk13rSXfAEjAra1SYMdeGpIlBGrVCM6k9y4_cTNNnS
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2715400
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7AC9 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3459607
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIEfBnamiysUAMWqJ5cKgFyjyvWpq%2FlmSrtHvJZI5M0XOtjehHoxVnNoFsnz7Hxz0X1yRJkQsGM9AeDpmIXvZxR03GoEdFbaZIpi%2BKBcv0r0zYBmJDmUtfYclYAaU2lN%2BCJCA4bEG6C7jNHQxXkkXDCJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
822999acccc49128-FRA
expires
Mon, 28 Oct 2024 00:11:43 GMT
animejs.js
static.criteo.net/animejs/ Frame 7AC9 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7AC9 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=268&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F36918%2F210225%2F33d784040a48408e8c6dedc4aa03c63b_logo_leasingmarkt_de_endorsement.png&v=3&w=596&rid=4&s=RJ6vJ2Ugpd1eNJjfcOpTqfCK
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f1dccfb5038c7ffe5764ae9900b6739346b659e6161a471922fb083a2822304f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
17336
expires
Fri, 11 Oct 2024 00:11:41 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7AC9 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F10283651%2Fmedia%2Ffeed%2F600x450&v=3&w=400&rid=4&s=JtljeBShj_RWZNXqLk60xfw_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
65fae2b0792a4918050e4f36ed548eaee879552cfd8277bad6e1e96300695347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2678400
timing-allow-origin
*
content-length
25588
expires
Thu, 07 Dec 2023 12:40:37 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7AC9 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F8912101%2Fmedia%2Ffeed%2F600x450&v=3&w=400&rid=4&s=0Cx0FSmvn0OVSmfeW6g_MLDx&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
db0225dc4a222c878e42fe26993ba825de2fa608e3236fa3c019cf2b50d78baa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2678400
timing-allow-origin
*
content-length
8676
expires
Thu, 07 Dec 2023 08:10:27 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7AC9 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=36918&q=80&r=0&u=https%3A%2F%2Fwww.leasingmarkt.de%2Fad%2F10136981%2Fmedia%2Ffeed%2F600x450&v=3&w=400&rid=4&s=qtcooxndt7FNrq9PR0b2CGJu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
109d800a97659f50b76c7f098693350fd137c916110278de3e49b26477230feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2678400
timing-allow-origin
*
content-length
10920
expires
Thu, 16 Nov 2023 17:08:57 GMT
all
csm.eu.criteo.net/ Frame 7AC9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=NML51Rgi6j7zX4UU0U0_kHjP2HxnSwYicajBn7gJGYDI_rhQPjUjpkD7m-50J3ZsDsFEhQb9uq_JgFyYOz5bVsB8iCr5nuOBZ399L5VU14EeQzlgGUSrjHpGa2Mo-tXs5PAV9TZHTfsxucmqyvkVUYHpB82mEx1l2xDundHRxl-GpvrrekeZgMJGdgSO-DguyfvErJUYkeLycKhnhJuA8ExaWunlLSFrreY0QPIIQCAoJLBHzkPHGhrplAYWw31et9lSJQ&sds=2&rev=89232&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 08 Nov 2023 00:11:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7AC9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7AC9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:43 GMT
collect
www.google-analytics.com/j/ Frame 805C 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1947133643&t=pageview&_s=1&dl=https%3A%2F%2F20.detik.com%2Fembed%2F220416104%3Fsmartautoplay%3Dtrue%26smartautoplaylazy%3Dtrue%26unmute%3Dtrue&dr=https%3A%2F%2Fwolipop.detik.com%2F&ul=en-us&de=UTF-8&dt=Gaya%20Raline%20Shah-Dinda%20Hauw%20di%20Indonesia%20Fashion%20Week%202022&sd=24-bit&sr=1600x1200&vp=595x335&je=0&_u=QCCAiEABBAAAACAAI~&jid=&gjid=&cid=85861306.1699402297&tid=UA-891770-59&_gid=2001578400.1699402297&_slc=1&gtm=45He3b60n71NG6BTJv72264312&cm2=1.21&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=765379574
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://20.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://20.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame 805C 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1947133643&t=pageview&_s=1&dl=https%3A%2F%2F20.detik.com%2Fembed%2F220416104%3Fsmartautoplay%3Dtrue%26smartautoplaylazy%3Dtrue%26unmute%3Dtrue&dr=https%3A%2F%2Fwolipop.detik.com%2F&ul=en-us&de=UTF-8&dt=Gaya%20Raline%20Shah-Dinda%20Hauw%20di%20Indonesia%20Fashion%20Week%202022&sd=24-bit&sr=1600x1200&vp=595x335&je=0&_u=QCCACEABBAAAACAAI~&jid=1311050872&gjid=503898941&cid=85861306.1699402297&tid=UA-891770-223&_gid=2001578400.1699402297&_r=1&_slc=1&gtm=45He3b60n71NG6BTJv72264312&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=701958619
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://20.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://20.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
webid
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/webid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://20.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://20.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:43 GMT
expires
Wed, 08 Nov 2023 00:11:43 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=2 cdn-cache; desc=MISS, edge; dur=1, origin; dur=156
upstream-caught
1699402303711155
x-akamai-request-id
df82f325
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
157,104.126.37.181
x-tt-logid
20231108001142DBBBBC2F4E2D07630B5D
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017f6932b8401fb047f780e95e9df582cf06c49e2f20c2ecbdc9e165da4c6f2e1a10890b74a59ba1786da10073c2c7fdc6f4aca1b4c7ae214dc5a2384af74370f7e
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
webid
mcs.tobsnssdk.com/ Frame 805C 		38 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/webid
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
dd51a11a434cc944701715ab37f9a7ad4d3079872e3d6c56457a95fd189d14e0

Request headers

Referer
https://20.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82f457
date
Wed, 08 Nov 2023 00:11:44 GMT
upstream-caught
1699402303912295
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=16, cdn-cache; desc=MISS, edge; dur=0, origin; dur=169
content-length
38
pragma
no-cache
server
TLB
x-tt-logid
20231108001142A64675C62B3D3C032A6B
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://20.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
169,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98be63e968a11b8fd288efc91fd9a99d968af5b1c14e577a68a2f9faa5a33557cbde0d79348fe0366fe54fd7f7ef9552e42
expires
Wed, 08 Nov 2023 00:11:44 GMT
sourcesanspro-700.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 7AC9 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:06 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1e2-8a8"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:43 GMT
sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 7AC9 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:04 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1e0-8a8"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:43 GMT
sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 7AC9 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1df-32ec"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:43 GMT
sourcesanspro-700-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 7AC9 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1e1-327c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Nov 2024 00:11:43 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 02F7 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4KrXPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgThAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUfd1zY9wDHQPN5btNZV6Jc7fkcYdZgI7exGO6wW-u4o1vCYJON6ggAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjg4MDUzMzI2MzUzNTIzNBgA&sigh=8kSjxlfZbpA&uach_m=[UACH]&cid=CAQSOwDICaaNsbvKwNINx-lYPDGLipsrSdL9kdjUbzBwjr1jffco9r-PkoQNQfUK7_2gjysbMKCmHvTQL3ZFGAE&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6880533263535234&output=html&h=600&slotname=8826049411&adk=1673821562&adf=3374647647&pi=t.ma~as.8826049411&w=300&fwrn=4&fwrnh=100&lmt=1699402302&rafmt=1&format=300x600&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699402302617&bpp=2&bdt=7527&idt=146&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4d3eaac71f58d931%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYLHod6RxX1VgSJGRBlYYuCZ-11HQ&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&prev_fmts=0x0&nras=1&correlator=3585676985899&frm=20&pv=1&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=4173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079306%2C31079438%2C44804684%2C44807454%2C44807463%2C31078297%2C31079382%2C44808148&oid=2&pvsid=3456649221265976&tmod=1449541925&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=zBdDPUchCu&p=https%3A//wolipop.detik.com&dtd=151
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Nov 2023 00:11:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 02F7 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k-HHEN-BMKwC2ASdg2ICAgAAAPWrA6c2e9NJgxV7Xvdh2SYQPtJKZcqUdvzBht8kXo4AABIAAAoKQVFVQkFRRUJBUQ&wp=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:43 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
153417
server
Kestrel
content-length
0
report
mssdk-va.tiktok.com/web/ Frame 17BE 		44 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mssdk-va.tiktok.com/web/report?msToken=&X-Bogus=DFSzswVOQDGtd1iWtFVI6BVeovZz
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID
df82ee72
Date
Wed, 08 Nov 2023 00:11:45 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
X-Cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
Server-Timing
inner; dur=1026, cdn-cache; desc=MISS, edge; dur=1, origin; dur=1110
Connection
keep-alive
Content-Length
44
X-Ms-Token
OYx2SNXbLqMGEIrf1QCWygTfjJDC7xLntF4n-x8MSWiP2lNCF2a6AxWKofISCv3TfWhKeHqsGIzdcm4pNmVOn5Nf4a-X3hO59gjYGK1rNXhNRWaZgpDh
Pragma
no-cache
Server
TLB
X-Tt-Logid
20231108001142DCC642C48CC038424913
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.tiktok.com
Access-Control-Expose-Headers
x-ms-token,x-ms-resp
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
X-Origin-Response-Time
1111,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017a7b64c71f7d5edd3c151c70db27d93f015936fb792bb5623b72e1e7c0deafc07047008bb0f21589b8c31ac34f50fca46464910d2553286fc9ca4a38aff3c7d8d
Access-Control-Allow-Headers
x-mssdk-info,x-ms-req
Expires
Wed, 08 Nov 2023 00:11:45 GMT
4886a7b8-2839-43b0-a090-bfaa95c78e5f
https://20.detik.com/ Frame 805C 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://20.detik.com/4886a7b8-2839-43b0-a090-bfaa95c78e5f
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
/
toblog.tobsnssdk.com/service/2/abtest_config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://toblog.tobsnssdk.com/service/2/abtest_config/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://20.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://20.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:44 GMT
expires
Wed, 08 Nov 2023 00:11:44 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=2 cdn-cache; desc=MISS, edge; dur=0, origin; dur=155
x-akamai-request-id
df82f561
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
155,104.126.37.181
x-tt-logid
202311080011439A30DA68DE3B4B518BE9
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b4fd8b7644d571632a9def7345f60bb88c474559df8baa334d3033c8bb18ded277d611b2ee6eb7d11af0c5119997c17fd
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
list
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://20.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://20.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:44 GMT
expires
Wed, 08 Nov 2023 00:11:44 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=154
upstream-caught
1699402304130283
x-akamai-request-id
df82f562
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
154,104.126.37.181
x-tt-logid
20231108001143A64675C62B3D3C032A7B
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98be63e968a11b8fd288efc91fd9a99d96833b05459ff1f2db5fd5fc62873e423528eb4181f92e4bcbc2d991d32dbc6c40b
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
/
toblog.tobsnssdk.com/service/2/abtest_config/ Frame 805C 		80 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://toblog.tobsnssdk.com/service/2/abtest_config/
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
4e7e2b206e2763a8a7a52419f1bc0f3b595ab80c0808fbb940eea61207a4d592

Request headers

Referer
https://20.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:44 GMT
x-akamai-request-id
df82f67e
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
TLB
x-tt-logid
202311080011439A30DA68DE3B4B518C01
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
content-type
application/json; charset=utf-8
access-control-allow-origin
https://20.detik.com
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
163,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b4fd8b7644d571632a9def7345f60bb886340588fe6ced575cc1c41a2170377ecae1a7d52895ed80956bbc4d131e95ce3
server-timing
inner; dur=11, cdn-cache; desc=MISS, edge; dur=1, origin; dur=163
content-length
80
expires
Wed, 08 Nov 2023 00:11:44 GMT
list
mcs.tobsnssdk.com/ Frame 805C 		7 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer
https://20.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82f67d
date
Wed, 08 Nov 2023 00:11:44 GMT
upstream-caught
1699402304331350
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=171
content-length
7
pragma
no-cache
server
TLB
x-tt-logid
20231108001143B936A0D31BECC5330CC5
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://20.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
171,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98bb8395f7d7ddbe17e6924509870b32c88d4a771ff4d9da49e3ac2eb9680e7e7821a58f9593b76eb21ed831e9db99eb86f
expires
Wed, 08 Nov 2023 00:11:44 GMT
list
mcs.tobsnssdk.com/ Frame 805C 		7 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

X-MCS-AppKey
566f58151b0ed37e
Referer
https://20.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82f69a
date
Wed, 08 Nov 2023 00:11:44 GMT
upstream-caught
1699402304345196
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=11, cdn-cache; desc=MISS, edge; dur=1, origin; dur=165
content-length
7
pragma
no-cache
server
TLB
x-tt-logid
2023110800114364C852EE9DA1FF07534A
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://20.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
165,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b8b8583888d13ce36e6306b05e3321ad27f34086dc60633eedb4dcf5f52944482173b25422001186b040e33a8153c7780
expires
Wed, 08 Nov 2023 00:11:44 GMT
list
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mcs-appkey
Access-Control-Request-Method
POST
Origin
https://20.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-mcs-appkey
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://20.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:44 GMT
expires
Wed, 08 Nov 2023 00:11:44 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=157
upstream-caught
1699402304142872
x-akamai-request-id
df82f56e
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
157,104.126.37.181
x-tt-logid
20231108001143DBBBBC2F4E2D07630B99
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017f6932b8401fb047f780e95e9df582cf06c49e2f20c2ecbdc9e165da4c6f2e1a10890b74a59ba1786da10073c2c7fdc6f4aca1b4c7ae214dc5a2384af74370f7e
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
list
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://20.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://20.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:44 GMT
expires
Wed, 08 Nov 2023 00:11:44 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=159
upstream-caught
1699402304157831
x-akamai-request-id
df82f588
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
159,104.126.37.181
x-tt-logid
20231108001143B936A0D31BECC5330C9D
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98bb8395f7d7ddbe17e6924509870b32c88d4a771ff4d9da49e3ac2eb9680e7e7821a58f9593b76eb21ed831e9db99eb86f
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
list
mcs.tobsnssdk.com/ Frame 805C 		7 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer
https://20.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82f6ac
date
Wed, 08 Nov 2023 00:11:44 GMT
upstream-caught
1699402304359729
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=160
content-length
7
pragma
no-cache
server
TLB
x-tt-logid
20231108001143E09ED3CFEE89BB0610F3
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://20.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
160,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017f6932b8401fb047f780e95e9df582cf0380a9e77c6fcf535f3d5ea405b758ec2657710181b517a447c8ee0fd0db149edeacb5042a05848d9eb5a70859ca95cf5
expires
Wed, 08 Nov 2023 00:11:44 GMT
__dtm.gif
analytic.detik.com/detikanalytic/ Frame 805C 		32 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytic.detik.com/detikanalytic/__dtm.gif?dtmwv=4.0&dtmn=1409576222&dtmdt=Gaya%20Raline%20Shah-Dinda%20Hauw%20di%20Indonesia%20Fashion%20Week%202022&dtmhn=20.detik.com&dtmp=/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true&dtmf=-&dtma=146380193.1520062792.1699402297.1699402297.1699402297.1&dtmb=146380193.2.10.1699402304&dtmr=https://wolipop.detik.com/&createddate=1650115800000&articleid=220416104&kanalid=160301456&dtmac=acc-tv&dtmacsub=desktop&custom_pagetype=video&articledewasa=dewasatidak&articlehoax=default&publishdate=1650115800000&contenttype=videonews&videopresent=No&idfokus=&author=Tim%2020Detik&keywords=indonesia%20fashion%20week%2Cindonesia%20fashion%20week%202022%2Craline%20shah%2Cdinda%20hauw%2Cdhini%20aminarti%2Cyura%20yunita&thumbnailUrl=https%3A%2F%2Fcdnv.detik.com%2Fvideoservice%2FAdminTV%2F2022%2F04%2F16%2F604a115c00bc4116a44ef6f7a989655a-20220416200208-0s.jpg%3Fw%3D650%26q%3D80&createddate_str=2022-04-16%2020%3A03%3A35&publishdate_str=2022-04-16%2020%3A30%3A00&createddate_ori=1650114215000
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.10.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.10.241.35.bc.googleusercontent.com
Software
/
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
content-type
image/gif
e418323a-1ddf-4a40-89d3-31147003feb9
https://20.detik.com/ Frame 805C 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://20.detik.com/e418323a-1ddf-4a40-89d3-31147003feb9
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
2d2f8758-ea44-4d3d-aea6-f20ed2c4b554
https://20.detik.com/ Frame 805C 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://20.detik.com/2d2f8758-ea44-4d3d-aea6-f20ed2c4b554
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
604a115c00bc4116a44ef6f7a989655a-preview.json
cdnv.detik.com/videoservice/AdminTV/2022/04/16/ Frame 805C 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnv.detik.com/videoservice/AdminTV/2022/04/16/604a115c00bc4116a44ef6f7a989655a-preview.json?crtm=20220416200208&_=1699402303305
Requested by
Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/flowplayer/jquery-1.11.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.99 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-99-221-49-103.detik.com
Software
ngx_wz11 /
Resource Hash
9fb86f3577df957993300d096f4a7e0ba2d4f31ac35c879757d12b9d682d09da

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://20.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:44 GMT
last-modified
Sat, 16 Apr 2022 13:02:13 GMT
server
ngx_wz11
etag
"625abe55-5b9"
x-cache-status
MISS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
content-length
1465
truncated
/ Frame 805C 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://20.detik.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
604a115c00bc4116a44ef6f7a989655a-hotspot.json
cdnv.detik.com/videoservice/hotspot/ Frame 805C 		0
0
clickToUnmute.png
cdn.detik.net.id/detikVideo/img/ Frame 805C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.detik.net.id/detikVideo/img/clickToUnmute.png
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
14ee4ac69f555e342e9f0d0b90b54a3cf27fd8d097cda7b60e73993780be54ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:44 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Wed, 12 Aug 2020 06:38:56 GMT
server
st8
content-encoding
gzip
etag
W/"5f338e80-b00"
cache-status
HIT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-xss-protection
1;mode=block
empty1x1.webp
cdn.detik.net.id/detikVideo/img/ Frame 805C 		74 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.detik.net.id/detikVideo/img/empty1x1.webp
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.190.242.172 Sidoarjo, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s2-172-242.190.203.detik.com
Software
st8 /
Resource Hash
b5d621c696f2763e126b1668888961fe95f3cab2410d49da6096b2066edd59ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:44 GMT
middle-cache
HIT
x-content-type-options
nosniff
last-modified
Wed, 12 Aug 2020 06:38:56 GMT
server
st8
etag
"5f338e80-4a"
cache-status
HIT
content-type
image/webp
access-control-allow-origin
*
accept-ranges
bytes
content-length
74
x-xss-protection
1;mode=block
playlist.m3u8
vod.detik.com/mc/_definst_/smil:http/mc/video/detiktv/videoservice/AdminTV/2022/04/16/604a115c00bc4116a44ef6f7a989655a.smil/ Frame 805C 		292 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vod.detik.com/mc/_definst_/smil:http/mc/video/detiktv/videoservice/AdminTV/2022/04/16/604a115c00bc4116a44ef6f7a989655a.smil/playlist.m3u8
Requested by
Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/detikVideo/lib/videojs.v7.6.6.E.monolib.min.js?v=2023110807
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.99 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-99-221-49-103.detik.com
Software
ngx_wz11 /
Resource Hash
b606ece49cd0aa28af9420457086523b52b9c8461c3aae0cc2a27be8ba924e30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:44 GMT
content-encoding
gzip
server
ngx_wz11
access-control-allow-methods
GET, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Date, Server, Content-Type, Content-Length
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Range
content-length
166
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&pid=pgdzVLRKRIrNG&cb=0&ws=1600x1200&v=23.1027.1921&t=4000&slots=%5B%7B%22sd%22%3A%22andbeyond72810%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21751243814%2C4905536%2F517914-728-90-10%22%7D%5D&schain=1.0%2C1!andbeyond.media%2C11186%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
2W4XA6705CH7SYZR2PZV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
1ZUs_haUgn4aOOKd1AT_1UpRGfpi_M92JETnHD4-apgC7SRXTAAYwQ==
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:44 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 06 Nov 2023 14:13:09 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
121385
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMNCjid5Ja%2FNY7ZKJcVKVTh%2Ft2s59pMoKopozUPQA6luJf10RzjbathQ86OpOQ0EOzsGmhoNtYwWp%2FTPLecvjrha8ho%2Fcgl5KwycoeOcAURNpnYf14s4FTw%2B1xTVScCaREB3OpvY4lAWfS7R"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
822999b33a7a9a41-FRA
hbjson
grid.bidswitch.net/ 		23 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.41.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-41-155.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
64f5f978aca34032a078c903966a46eb02bfbbd36bec4c6f016e387ff37b1c53

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 08 Nov 2023 00:11:44 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
prebid
ib.adnxs.com/ut/v3/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b1e87171ce3bd85242384f41d39fe415270f7ae13cc61563870f3deefb7070bd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:44 GMT
content-encoding
gzip
an-x-request-uuid
6654fb96-e721-4b0c-ba95-369911417ae7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 08 Nov 2023 00:11:44 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bid-request
a.teads.tv/hb/ 		16 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:44 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 08 Nov 2023 00:11:44 GMT
/
ghb.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
45a77b87672592488346c65e68b1fa84ba41e4158dd2fdf8bd9e6f3f6ebc8899

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 08 Nov 2023 00:11:44 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://wolipop.detik.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
749
prebid
mp.4dex.io/ 		60 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 08 Nov 2023 00:11:44 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Unable to parse native image.sizes, Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: andbeyond72810
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
822999b36d37bbd1-FRA
expires
0
prebid
ib.adnxs.com/ut/v3/ 		26 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
49cd9a372cb9cb8696f95e90a13ae7fba40f31b20a1b06a53b030c7e6fdcd475
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:44 GMT
content-encoding
gzip
an-x-request-uuid
56d34cb6-3d9b-44ca-842d-6716d2939568
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7801aa8868afc3a8bb76b47c2fa6c8af7bc03ec38508ca87b508337c2b13742f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:44 GMT
content-encoding
gzip
an-x-request-uuid
affdda74-e3d8-4a3a-a803-7d89d4ca4826
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.24.0&cb=50237322648
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wolipop.detik.com
date
Wed, 08 Nov 2023 00:11:44 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
header
hb.aralego.com/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-627DA4D88866D29A1EAE98D9968B9378&tdid=&schain=&eids=&host=wolipop.detik.com&u=https%3A%2F%2Fwolipop.detik.com&xr=0&ucfUid=b4b9b393-09e5-4b1e-94bb-34b46499fbb6&w=728&h=90
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wolipop.detik.com
date
Wed, 08 Nov 2023 00:11:44 GMT
access-control-allow-credentials
true
connection
close
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
822c9ee592746876bef88cb477d7e8c553265533709ae25f91c0032b9982df0d

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Nov 2023 00:11:44 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://wolipop.detik.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
612de15716d3169ba9cc191c5f6d07c3c8a066a443e6f02dd1360cd0406fcb19
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:44 GMT
content-encoding
gzip
an-x-request-uuid
00672daa-77f9-4679-9b99-2fddcb39392a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
list
mcs.tobsnssdk.com/ Frame 805C 		7 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer
https://20.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df82f8b4
date
Wed, 08 Nov 2023 00:11:44 GMT
upstream-caught
1699402304773018
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=158
content-length
7
pragma
no-cache
server
TLB
x-tt-logid
202311080011430E328C4D50612F3C5BA8
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://20.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
158,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b6ea6988213330f0c01807437a059ea4b9f347e48abfa55091a527933245b28537416d260644b3ff034eee560b96e8331
expires
Wed, 08 Nov 2023 00:11:44 GMT
list
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://20.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://20.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:44 GMT
expires
Wed, 08 Nov 2023 00:11:44 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=0 cdn-cache; desc=MISS, edge; dur=0, origin; dur=153
upstream-caught
1699402304567533
x-akamai-request-id
df82f7b7
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
153,104.126.37.181
x-tt-logid
202311080011430E328C4D50612F3C5B8C
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98b6ea6988213330f0c01807437a059ea4b6d3488834e29ece87e5076aaedf48e81c89731111392400176a238e8655732b9
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24a9c0ed329dcf0ce01516ced3b93220ec03f206b31f7910fa16bbc6ae60008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:44 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 20:26:53 GMT
server
cloudflare
age
0
etag
W/"99b985ca6c130eea29a9d4b1241a929646c6d7a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
822999b3fa3718d9-FRA
adagio.js
script.4dex.io/ 		77 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:44 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
116891
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 06 Nov 2023 14:13:08 GMT
Server
cloudflare
ETag
W/"ccc354615ffb5b4afd96268bab4a6502"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpPN%2BkeOomgRZwCpeOprc2DctjVtVB8eAkeWFMX56x8bB%2FWuE%2BG4Z0DBbtCiog5XkQomhW%2FBMFuhEGPl33IU3RZfubuh4p3RP3vEheBk8qhkOn8n78SHH3nE%2Fr1bjNcjFvbRHYioxnQzNZsS"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
822999b3efc26aea-FRA
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wolipop.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 08 Nov 2023 00:11:44 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:44 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
604a115c00bc4116a44ef6f7a989655a-prev-0000.jpg
cdnv.detik.com/videoservice/AdminTV/2022/04/16/604a115c00bc4116a44ef6f7a989655a-preview/ Frame 805C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnv.detik.com/videoservice/AdminTV/2022/04/16/604a115c00bc4116a44ef6f7a989655a-preview/604a115c00bc4116a44ef6f7a989655a-prev-0000.jpg?crtm=20220416200208
Requested by
Host: 20.detik.com
URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.49.221.99 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS
s221-cast-99-221-49-103.detik.com
Software
ngx_wz11 /
Resource Hash
2841f0b58e56e2712eed2d6291df511435a7f6b4564f067c7be6eb7ec25a0cc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:49 GMT
last-modified
Sat, 16 Apr 2022 13:02:11 GMT
server
ngx_wz11
etag
"625abe53-1242"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
4674
q
p.adlooxtracking.com/ 		158 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fbillboard%09div-gpt-ad-1585807997108-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fleaderboard%09div-gpt-ad-1534858075709-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle1%09div-gpt-ad-1534858187231-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle2%09div-gpt-ad-1574419318056-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fmedium_rectangle3%09div-gpt-ad-1688468263221-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fbottomframe%09div-gpt-ad-1605673651674-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fnewstag%09div-gpt-ad-1621408240073-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fpartner_box%09div-gpt-ad-1654263875597-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fskyscrapper%09div-gpt-ad-1540879857495-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fnewsfeed2%09div-gpt-ad-1620755880924-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fhiddenquiz%09div-gpt-ad-1605671916208-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fnewsfeed1%09div-gpt-ad-1659344793459-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fparallax_detail%09div-gpt-ad-1572511028787-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Fparallax%09div-gpt-ad-1572940568187-0&s=%2F4905536%2Fdetik_desktop%2Fwolipop%2Finbetween%09div-gpt-ad-1658820968411-0&s=%2F21751243814%2C4905536%2F235978-728-90-10%09andbeyond72810
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8543625e3f7ac0df8c6a3a3e5b76674f2d4f3ff087d97681e05c5a084191d737
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-adloox-pubint-version
20231107072851
date
Wed, 08 Nov 2023 00:11:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
217.114.218.24
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
71843a1ba-dirty
server-timing
conn;dur=0.061, ua;dur=0.025, segment_pipeline;dur=0.681, segment_ip;dur=0.006, segment_iab-valid;dur=0.016, segment_iab-spider;dur=0.893, segment_bs;dur=0.005, segment;dur=1.957
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://wolipop.detik.com
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3456649221265976&correlator=1149817434313637&eid=44807935&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=21751243814%3A4905536%2C235978-728-90-10&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=14&didk=1483248444&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4d3eaac71f58d931-22aa45f7a8e300df%3AT%3D1699402297%3ART%3D1699402302%3AS%3DALNI_MYMzE5J-r6rw_NmPSXMAhn__v6Ucg&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&abxe=1&dt=1699402305238&lmt=1699402305&adxs=436&adys=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Yl9qU4roxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi33JTiujFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBiX2pTiujFIAFICCGQSGQoKcHViY2lkLm9yZxie3JTiujFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Yl9qU4roxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVNVbEVlVkZFUmpGU1RtRlZkMXBsZVZwc00yOU5RVDA5SW4wPRje3pTiujFIAA..&dlt=1699402295090&idt=1474&prev_scp=prebidtrue%3D0%26refresh1%3D0%26amznbid%3D2%26amznp%3D2%26adl_atf%3D90%2C80%2C70%2C60%2C50%26adl_dis%3D-1%26hb_format_abmxandr%3Damp%26hb_size_abmxandr%3D728x90%26hb_pb_abmxandr%3D0.12%26hb_adid_abmxandr%3D30e2bdb7579e1f6%26hb_bidder_abmxandr%3Dabmxandr%26hb_format_projectago%3Damp%26hb_size_projectagora%3D728x90%26hb_pb_projectagora%3D0.07%26hb_adid_projectagora%3D294144a816baaac%26hb_bidder_projectago%3Dprojectagora%26hb_format_getapp%3Damp%26hb_size_getapp%3D728x90%26hb_pb_getapp%3D0.03%26hb_adid_getapp%3D28f221684c45d62%26hb_bidder_getapp%3Dgetapp%26hb_format_abmoftmedi%3Damp%26hb_size_abmoftmedia%3D728x90%26hb_pb_abmoftmedia%3D0.04%26hb_adid_abmoftmedia%3D2785078b23d6b6%26hb_bidder_abmoftmedi%3Dabmoftmedia%26hb_size%3D728x90%26hb_format%3Damp%26hb_pb%3D0.12%26rtb_pb%3D0.12%26hb_adid%3D30e2bdb7579e1f6%26hb_bidder%3Dabmxandr&cust_params=site%3Ddetikcom%26section%3Dwolipop%26medium%3Ddesktop%26keyvalue%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26Keyword_tag%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26militaryconflict%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26ilegal_drugs%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26adult%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26death_injury%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26hate_speech%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26spam_harmfulsite%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26tobacco%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26disaster%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26politic%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26obscenity%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26terorism%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26arms%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26crime%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26online_piracy%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26adl_ok%3D1&adks=3259775621&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfe2933d963e903bf591ed7a07b4d376dfc685c69a46769cd4b93f80731816fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12937
x-xss-protection
0
google-lineitem-id
5017487889
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138265691417
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame 17BE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.160.191.131 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:45 GMT
strict-transport-security
max-age=31536000;includeSubDomains
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_tiktok-platform-lb-i18n.byteoversea.net
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache;desc=MISS, inner; dur=3, origin;dur=103, edge;dur=42
server
Tengine
x-tt-logid
20231108001144D19658D7FC5C73D3DF39
x-outhost
mon-i18n.tiktokv.com
x-outdomain
mon-i18n.tiktokv.com
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193c7927e7b08e6414ad9ba6a782ea4dd589ef8418d8aad78beeacd711284adc47a6b85984772a2d0deaec22f55f10e053b0e7aac7e5e6186a4886add3e94178620da00af241867f628a979c94665a0ffcc
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id
bb58579b8245ad39d85a457d1c8dc31c
/
mon-i18n.tiktokv.com/monitor_browser/collect/batch/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.160.191.131 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
access-control-max-age
600
bd-request-id
e96fe6d4ea832941f853325791b288ae
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:45 GMT
server
Tengine
server-timing
cdn-cache;desc=MISS, inner; dur=2, origin;dur=99, edge;dur=0
strict-transport-security
max-age=31536000;includeSubDomains
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain
mon-i18n.tiktokv.com
x-outhost
mon-i18n.tiktokv.com
x-tt-logid
202311080011444AAFC5840C1322EB6BFB
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193c7927e7b08e6414ad9ba6a782ea4dd589ac0101e343b56742074a75a555ccb8243dac9547a30f15d8c2fc8d7343af9f17063e4387e7625110a5ddbc851c7818c11b31fb7925ef7951eaebe8219b4fd70
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_tiktok-platform-lb-i18n.byteoversea.net
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&pid=pgdzVLRKRIrNG&cb=1&ws=1600x1200&v=23.1027.1921&t=4000&slots=%5B%7B%22sd%22%3A%22andbeyond3001%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21751243814%2C4905536%2F517914-300-250-1%22%7D%5D&schain=1.0%2C1!andbeyond.media%2C11186%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:45 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
J1F3M4QEF26GJ51ZTD3W
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Ix02r7W4MRIeWSn18XyYJuWFe5f_ApgeEpsTFNM53UF0Y1PZwKLInA==
hbjson
grid.bidswitch.net/ 		24 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.41.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-41-155.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d1057260352e39d8da124d24c8a6be3c757393789f6ed334c70d9658f9abe7fb

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 08 Nov 2023 00:11:45 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
ib.adnxs.com/ut/v3/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
bc27670a09c7d09daefee3f05391082c905b45aba4156995f6f37b8ad0ec839f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:45 GMT
content-encoding
gzip
an-x-request-uuid
c0e3570f-ea24-4328-9e10-3a072f3e084d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 08 Nov 2023 00:11:45 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bid-request
a.teads.tv/hb/ 		16 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:45 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wolipop.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 08 Nov 2023 00:11:45 GMT
/
ghb1.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
7429c2ef890072055ce22b4c434e40342841a7a7d8aa762b846f30ab5d304603

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 08 Nov 2023 00:11:45 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://wolipop.detik.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
785
prebid
mp.4dex.io/ 		60 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 08 Nov 2023 00:11:45 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Unable to parse native image.sizes, Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond3001
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
822999b9b9e3bbd1-FRA
expires
0
adjson
ads.betweendigital.com/ 		2 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.24.0&cb=10194965785
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
17eca68fa7a38baa853318ffaaef9de79148cf2d654cbd5ccadc25a348071558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Nov 2023 00:11:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://wolipop.detik.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
header
hb.aralego.com/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-E2B4A64DD887B3A8FE4AD8BAE4222BE&tdid=&schain=&eids=&host=wolipop.detik.com&u=https%3A%2F%2Fwolipop.detik.com&xr=0&ucfUid=b4b9b393-09e5-4b1e-94bb-34b46499fbb6&w=300&h=250
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wolipop.detik.com
date
Wed, 08 Nov 2023 00:11:45 GMT
access-control-allow-credentials
true
connection
close
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
58fb538eb3721cc6e2f41ef0e1a39492d938e38400b964e5a68f3da8386187c9

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Nov 2023 00:11:45 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://wolipop.detik.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1984
Expires
0
bid-request
rtb.adpone.com/ 		796 B
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=122723121232826
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30054bc85b39d92a163aa8492efdc70e42fa08555c0ebbd840ba7b6d13d1545

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Nov 2023 00:11:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gJCN1A18OnNfJjnXk5cAuIlXTHo19ZM18EPTlR%2F3dO1RbVihzcYYxvvBu8A0fU%2FUyJDMo9b%2FOz2Nnnw1yJo8egi7NYjB6DM6vVQRWyXJtAixA5%2B1VdaeNa5edmCar1guw%2FzD3y%2F%2BgIzVlAG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://wolipop.detik.com
access-control-allow-credentials
true
cf-ray
822999ba3898bbbc-FRA
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0d188a4373c8d22c08634b257b272d59b146cfc6d84e1acd8b42e59c230521d8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:45 GMT
content-encoding
gzip
an-x-request-uuid
8416c823-dec8-46c1-96d3-a3687a87fa60
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C5DB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:38 GMT
expires
Thu, 07 Nov 2024 00:11:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C5DB 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:13:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
140266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Nov 2024 09:13:59 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame C5DB 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10567
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-jnb7024-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2y6egtU25HoHrIgCBA7%2FhIDvkxL4aKS%2BRfYXFw5hLIKVXAvE2xN%2FQzcZsGbvHnK9dNTixebt%2FcXsFkdbVRsvZ11vFOXINIusxv%2Bh7Vh3V8p6le6c9IeXxjQcm40FB6XwbfzqLCxKDTaeg8oaWz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
822999ba8d86bb80-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C5DB 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:11:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C5DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJsxanKQiwcKL-w-XKMu_QjsziiLsbu8meOiYveRXJl5lbMlZJmFmzyhVCDPvqrJUQ_WcmXgqQj2KWHWxgQlIgaWrmQljlQhPQmXaXyB6jOgmHsUfz9iMSwIkrQL5FzCXzTbHtH6PBV_Ij-ABZR_em8QYl5Zb0nQSC-mmNivOm3zZHvr8tI0vhU0e_IW_sPghWUaAxytCXrzoWoJdybzmmWv1mbY72wqzbUNJUlZzJsJZ4HpefQl3RODruZ1x5SXjiP7vvd1nUp--wnP0EOgfHoOpDEJ2J-en0R77dKIyYyO8HnnoSklEKKtNEooq_wuzgNgxVp65cBsHQMGQ8I5YFk97QpTEimP0oYbwyIfVumsgEv4tTjA&sai=AMfl-YRICyUUVG71QpNYxiiI5WRXAyoHP22yEulywGFOUnXuRRvsGPhSlYF3krXe2ccRZ1TegJV6vARmesLNv1AcOml8HnAY2oeJ6y1xxT0L7zdLLSigXdjtHMclGyvuwg&sig=Cg0ArKJSzEeHH64OP6bSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
third-party-pixel.js
static.adbutter.net/libjs/ Frame EB6D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adbutter.net/libjs/third-party-pixel.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
22b708f3ebd27eed5651b3b2bbe8e7df0135344ee6830ff1d63f741d47a67cc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 23:28:26 GMT
content-encoding
br
last-modified
Mon, 23 Oct 2023 13:08:09 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"65367039-f7c"
vary
Accept-Encoding
content-type
application/javascript
x-cdn-pop
sbg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1275
x-request-id
36929784
tfav_adl_314.js
j.adlooxtracking.com/ads/js/ Frame EB6D 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_314.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8305506badaf2c2d5b23f4682538db4b9e238d3587eeb4a761c0e5a9de062e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3417
x-guploader-uploadid
ABPtcPqHUWVZ-b12nAp1gXjxpfJgqKqmzNaCoC5EttOEiL5-pgx_IQNNGvHg-B7roEJ9JfSyAf1tejmgp5Xeln0TA6_IuDELxrl9
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 24 Oct 2023 08:16:49 GMT
server
cloudflare
etag
W/"87d41a55e28ca448fbd4441a37fb56fd"
vary
Accept-Encoding
x-goog-generation
1698135409852744
content-type
application/javascript
x-goog-hash
crc32c=ukY5xg==, md5=h9QaVeKMpEj71EQaN/tW/Q==
cache-control
public, max-age=14400
x-goog-stored-content-length
76695
cf-ray
822999bb5ab2924f-FRA
expires
Wed, 08 Nov 2023 00:14:48 GMT
trk.js
cdn.adnxs.com/v/s/239/ Frame EB6D 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Thu, 07 Nov 2024 00:11:45 GMT
it
fra1-ib.adnxs.com/ Frame EB6D 		0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwolipop.detik.com%252Fmakeup-and-skincare%252Fd-7017040%252Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%253Futm_campaign%253Ddetikcomsocmed%2526utm_medium%253Dcpc%2526utm_source%253Dtwitter%2526utm_term%253Dctw%2526utm_content%253Dwolipop&e=wqT_3QLSDPBMUgYAAAMA1gAFAQjApKuqBhDK1bOdqLGbmR4YhPyZhe6HnYsSKjYJM2jon-BixT8R-7hw_xWiwD8ZAAAAIK5H0T8h-7hw_xWiwD8pNGgJJNgxAAAAoJmZqT8wrNfeDTjPbECaCUgCUJXH1eIBWK33nwFgAGjw2sEBeJeIBoABAYoBA1VTRJIBAQbgmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgMTE5OTkzMywgMCk7ARQsaScsIDc3NjU0ODksERQsZycsIDE5NTAxNDc0FRUwcycsIDI3OTc0NDExMBUWMHInLCA0NzUzNTgxMDEFFvCwkgLVBCFJSFVGc2dpQzJmd1pFSlhIMWVJQkdBQWdyZmVmQVRBQU9BQkFBRWlhQ1ZDczE5NE5XQUJnakFKb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFjaTNnY2d6TThNX3dRRW93RVR3dDJMRlA4a0JBQUFBQUFBQThEX1pBVjhweXhESHV1d180QUh4LTlrRDlRRm1abVlfbUFJQW9BSUJ0UUlBATMIdlFJAQfwlUF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0tTcHB5WVFBUmdDTFdabVpqLWlBdzRJcEttbkpoQUxHQUl0Wm1abVA3b0RDVVpTUVRFNk5qWXhOLUFEOVVTQUJPMjR2Z3lJQlBHNHZneVFCQUdZQkFHeUJBb0k1NDJNQnhDcjNNQU53UVFBQQWaFEFBQU1rRQEHCQEYRFlCQUR4QgkNBQFEaUFYWk01Z0Y3cHl5aFFHcEJRBRccQUFQQV9zUVUNDQFIBEVGAQccd016TTdEX0ouKAAAMC4oAAROawUoAQG4OERfZ0JjU0NBZkFGb3FPbUNmZ0Z2WjVKZ2dZRFEwaEdpQVlFa0FZQm1BWUFvUVkBMwEBLFVRS2dHQkxJR0pBawEQCQEAQh3HBEJrCRQBAQBDHRhwTGdHQ29FSXFxcXFLak16d3o4LpoCmQEhQ0JXSjQ-WQIsSzMzbndFZ0FDZ0FNEfWIQlJBT2dsR1VrRXhPalkyTVRkQTlVUkpYeW5MRU1lNjdEOVIBdAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJazV89NMBOEQ4LtgCAOAC3Zhd6gLdAWh0dHBzOi8vd29saXBvcC5kZXRpay5jb20vbWFrZXVwLWFuZC1za2luY2FyZS9kLTcwMTcwNDAvdmlyYWwtd2FqYWgtZGluZGEtaGF1dy10ZXJrZW5hLWthbWVyYS13YXJ0YXdhbi10ZXJueWF0YS1iZWdpbmktYXNsaW55YT91dG1fY2FtcGFpZ249ZGV0aWtjb21zb2NtZWQmdXRtX21lZGl1bT1jcGMmdXRtX3NvdXJjZT10d2l0dGVyJnV0bV90ZXJtPWN0dyZ1dG1fY29udGVudD13b2xpcG9wgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD6ZUe4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjI0qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQOMTE3OCNGUkExOjY2MTfaBAIIAeAEAfAElcfV4gGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWNkQj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG4APaBhYKEAAAETgJAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB5eIBtIHDQkJJAQAAAEmDNoHBggFCbjgBwDqBwIIAPAHz7oBiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=00e5a6d3addded49b21c07e67689a1361630e7ce
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:45 GMT
an-x-request-uuid
c52bc7d2-37ed-4c81-ba77-1c2779468fea
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
e7a94ee6-5c61-41ff-824a-d30ef6869518.gif
crcdn01.adnxs-simple.com/creative20/p/1178/2023/11/3/51723233/ Frame EB6D 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative20/p/1178/2023/11/3/51723233/e7a94ee6-5c61-41ff-824a-d30ef6869518.gif
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
a1e5fe93731f424ac72830589ba7693675c67fafe7faebf55c69aea5bc6583d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 08 Nov 2023 00:11:45 GMT
Last-Modified
Fri, 03 Nov 2023 09:44:04 GMT
Server
nginx/1.21.3
Content-MD5
pqZbuv00Nbwj29NU3v2Wjw==
ETag
0x8DBDC516A9E6C7E
Content-Type
image/gif
Access-Control-Allow-Origin
*
x-ms-request-id
7a4ddf3c-b01e-00fa-4fcf-11f7bc000000
Cache-Control
max-age=3888000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
31607
Expires
Sat, 23 Dec 2023 00:11:45 GMT
truncated
/ Frame C5DB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a618007c3d4b2d7a20e87ceb76deafe50141c8e1058c4590ef7f27760c52df52

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
ad-choices.css
static.adbutter.net/dco/ Frame EB6D 		1 KB
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adbutter.net/dco/ad-choices.css
Requested by
Host: static.adbutter.net
URL: https://static.adbutter.net/libjs/third-party-pixel.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
acec236733d5f9fe383b6f48f287b22277e5a18478976810ce503e7cd7f0a371

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 23:29:40 GMT
content-encoding
br
last-modified
Mon, 23 Oct 2023 13:08:09 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"65367039-5eb"
vary
Accept-Encoding
content-type
text/css
x-cdn-pop
sbg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-request-id
944374796
adchoices.png
static.adbutter.net/dco/img/ Frame EB6D 		554 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adbutter.net/dco/img/adchoices.png
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
31efeb7bd7ac7560d47cc93debc722a4b1c1925f261151b1ee5601cb3cc8c0c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 23:28:30 GMT
last-modified
Mon, 23 Oct 2023 13:08:09 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"65367039-22a"
content-type
image/png
x-cdn-pop
sbg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
554
x-request-id
48267750
async_usersync.html
acdn.adnxs.com/dmp/ Frame CFE7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13903&pub_id=2165182
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 08 Nov 2023 00:11:46 GMT
ETag
"623de86a-cf34"
Expires
Thu, 09 Nov 2023 00:11:48 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
rd_log
fra1-ib.adnxs.com/ Frame EB6D 		0
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&e=wqT_3QLhDvBMYQcAAAMA1gAFAQjApKuqBhDK1bOdqLGbmR4YhPyZhe6HnYsSKjYJM2jon-BixT8R-7hw_xWiwD8ZAAAAIK5H0T8h-7hw_xWiwD8pNGgJJNgxAAAAoJmZqT8wrNfeDTjPbECaCUgCUJXH1eIBWK33nwFgAGjw2sEBeJeIBoABAYoBA1VTRJIBAQbgmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgMTE5OTkzMywgMCk7ARQsaScsIDc3NjU0ODksERQsZycsIDE5NTAxNDc0FRUwcycsIDI3OTc0NDExMBUWMHInLCA0NzUzNTgxMDEFFvCwkgLVBCFJSFVGc2dpQzJmd1pFSlhIMWVJQkdBQWdyZmVmQVRBQU9BQkFBRWlhQ1ZDczE5NE5XQUJnakFKb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFjaTNnY2d6TThNX3dRRW93RVR3dDJMRlA4a0JBQUFBQUFBQThEX1pBVjhweXhESHV1d180QUh4LTlrRDlRRm1abVlfbUFJQW9BSUJ0UUlBATMIdlFJAQfwlUF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0tTcHB5WVFBUmdDTFdabVpqLWlBdzRJcEttbkpoQUxHQUl0Wm1abVA3b0RDVVpTUVRFNk5qWXhOLUFEOVVTQUJPMjR2Z3lJQlBHNHZneVFCQUdZQkFHeUJBb0k1NDJNQnhDcjNNQU53UVFBQQWaFEFBQU1rRQEHCQEYRFlCQUR4QgkNBQFEaUFYWk01Z0Y3cHl5aFFHcEJRBRccQUFQQV9zUVUNDQFIBEVGAQccd016TTdEX0ouKAAAMC4oAAROawUoAQG4OERfZ0JjU0NBZkFGb3FPbUNmZ0Z2WjVKZ2dZRFEwaEdpQVlFa0FZQm1BWUFvUVkBMwEBLFVRS2dHQkxJR0pBawEQCQEAQh3HBEJrCRQBAQBDHRhwTGdHQ29FSXFxcXFLak16d3o4LpoCmQEhQ0JXSjQ-WQIsSzMzbndFZ0FDZ0FNEfWIQlJBT2dsR1VrRXhPalkyTVRkQTlVUkpYeW5MRU1lNjdEOVIBdAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJazV89A4BOEQ4LtgCAOAC3Zhd6gLdAWh0dHBzOi8vd29saXBvcC5kZXRpay5jb20vbWFrZXVwLWFuZC1za2luY2FyZS9kLTcwMTcwNDAvdmlyYWwtd2FqYWgtZGluZGEtaGF1dy10ZXJrZW5hLWthbWVyYS13YXJ0YXdhbi10ZXJueWF0YS1iZWdpbmktYXNsaW55YT91dG1fY2FtcGFpZ249ZGV0aWtjb21zb2NtZWQmdXRtX21lZGl1bT1jcGMmdXRtX3NvdXJjZT10d2l0dGVyJnV0bV90ZXJtPWN0dyZ1dG1fY29udGVudD13b2xpcG9w8gIRCgZBRFZfSUQSBzExOTk5MzPyAhIKBkNQR19JRBIIMY05LPICEgoFQ1BfSUQSCZU4OPICDQoIQURWX0ZSRVESAQkQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFZEQ8QCwoHQ1AVDhAQCgVJTwFhBAc3icIA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8LCAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APplR7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMjSoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA4xMTc4I0ZSQTE6NjYxN9oEAggB4AQB8ASVx9XiAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAABDHgAANgFAeAFAfAFjZEI-gUECAAQAJAGAJgGALgGAMEGCSMo8D_QBuAD2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHl4gG0gcNCREoASYI2gcGAV2gGADgBwDqBwIIAPAHz7oBiggCEACVCAAAgD-YCAHACADSCAYIABAAGAA.&s=3363fa5024f4fe6d744f2cb2d8fb6324cbb5e6ad&bdref=https%3A%2F%2Fwolipop.detik.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwolipop.detik.com%2F,https%3A%2F%2F060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2F060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: 060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:45 GMT
an-x-request-uuid
53c145c7-4b0a-4d8a-ab8a-7ac9f409ffd5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ic5.php
data00.adlooxtracking.com/ads/ Frame EB6D 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?tagid=498&client=gamned&d1=pg-220~1_vpw-220~728_vph-220~90_scw-220~1600_sch-220~1200_sco-220~1_sca-220~0_srx-220~0_sry-220~0_ev-165~sb.222~rp.222~rvp.222~rap.230~ss&att=0.0.728~90&visite_id=57240878169&seq=0&timezone=-60&js=tfav_adl_314.js&date_regen=e0208d5&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=2165182&id2=279744110&id3=475358101&id4=728x90&id5=28814252&id6=1199933&id7=13903&id8=19501474&id9=1303356955576139268&id10=7765489&id11=display&id12=ch&id13=%24ADLOOX_WEBSITE&id14=iab_80_5&id15=2175922011655432906&id16=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&p_d=0.066&fai=%40https%3A%2F%2F060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&iframe=1&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2F060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ao=https%3A%2F%2F060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com&activetab=1&cf=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_314.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.31.241.35.bc.googleusercontent.com
Software
/ PHP/7.4.33
Resource Hash
eb454443ec24beb8c23b7f8ad35c2906b6603c5393e2f0eb01e4e0fa033f31c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:46 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
x-route
ads-prod-75d5674dd6-srwjr
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
application/json
access-control-allow-origin
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
access-control-allow-methods
POST, OPTIONS
cache-control
no-cache, no-store, must-revalidate
access-control-max-age
86400
access-control-allow-headers
Content-Type, X-Requested-With
expires
0
vevent
fra1-ib.adnxs.com/ Frame EB6D 		0
696 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&e=wqT_3QLSDPBMUgYAAAMA1gAFAQjApKuqBhDK1bOdqLGbmR4YhPyZhe6HnYsSKjYJM2jon-BixT8R-7hw_xWiwD8ZAAAAIK5H0T8h-7hw_xWiwD8pNGgJJNgxAAAAoJmZqT8wrNfeDTjPbECaCUgCUJXH1eIBWK33nwFgAGjw2sEBeJeIBoABAYoBA1VTRJIBAQbgmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgMTE5OTkzMywgMCk7ARQsaScsIDc3NjU0ODksERQsZycsIDE5NTAxNDc0FRUwcycsIDI3OTc0NDExMBUWMHInLCA0NzUzNTgxMDEFFvCwkgLVBCFJSFVGc2dpQzJmd1pFSlhIMWVJQkdBQWdyZmVmQVRBQU9BQkFBRWlhQ1ZDczE5NE5XQUJnakFKb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFjaTNnY2d6TThNX3dRRW93RVR3dDJMRlA4a0JBQUFBQUFBQThEX1pBVjhweXhESHV1d180QUh4LTlrRDlRRm1abVlfbUFJQW9BSUJ0UUlBATMIdlFJAQfwlUF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0tTcHB5WVFBUmdDTFdabVpqLWlBdzRJcEttbkpoQUxHQUl0Wm1abVA3b0RDVVpTUVRFNk5qWXhOLUFEOVVTQUJPMjR2Z3lJQlBHNHZneVFCQUdZQkFHeUJBb0k1NDJNQnhDcjNNQU53UVFBQQWaFEFBQU1rRQEHCQEYRFlCQUR4QgkNBQFEaUFYWk01Z0Y3cHl5aFFHcEJRBRccQUFQQV9zUVUNDQFIBEVGAQccd016TTdEX0ouKAAAMC4oAAROawUoAQG4OERfZ0JjU0NBZkFGb3FPbUNmZ0Z2WjVKZ2dZRFEwaEdpQVlFa0FZQm1BWUFvUVkBMwEBLFVRS2dHQkxJR0pBawEQCQEAQh3HBEJrCRQBAQBDHRhwTGdHQ29FSXFxcXFLak16d3o4LpoCmQEhQ0JXSjQ-WQIsSzMzbndFZ0FDZ0FNEfWIQlJBT2dsR1VrRXhPalkyTVRkQTlVUkpYeW5MRU1lNjdEOVIBdAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJazV89NMBOEQ4LtgCAOAC3Zhd6gLdAWh0dHBzOi8vd29saXBvcC5kZXRpay5jb20vbWFrZXVwLWFuZC1za2luY2FyZS9kLTcwMTcwNDAvdmlyYWwtd2FqYWgtZGluZGEtaGF1dy10ZXJrZW5hLWthbWVyYS13YXJ0YXdhbi10ZXJueWF0YS1iZWdpbmktYXNsaW55YT91dG1fY2FtcGFpZ249ZGV0aWtjb21zb2NtZWQmdXRtX21lZGl1bT1jcGMmdXRtX3NvdXJjZT10d2l0dGVyJnV0bV90ZXJtPWN0dyZ1dG1fY29udGVudD13b2xpcG9wgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD6ZUe4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjI0qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQOMTE3OCNGUkExOjY2MTfaBAIIAeAEAfAElcfV4gGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWNkQj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG4APaBhYKEAAAETgJAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB5eIBtIHDQkJJAQAAAEmDNoHBggFCbjgBwDqBwIIAPAHz7oBiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=00e5a6d3addded49b21c07e67689a1361630e7ce&type=nv&nvt=5&jm=1003&px=0&py=0&bw=728&bh=90&sid=9199541071405159526&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28814252&cid=3&cr=nv&sw=1600&sh=1200&pw=728&ph=94&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:46 GMT
an-x-request-uuid
c609ce11-d6e6-4b11-9a5b-fea63f4ca779
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
q
p.adlooxtracking.com/ 		23 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya&s=%2F21751243814%2C4905536%2F517914-300-250-1%09andbeyond3001
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f2d9125a3b8dcadb464ef7dd6960c4a36fd62a469b4ffd9a5d21ff853d4022ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-adloox-pubint-version
20231107072851
date
Wed, 08 Nov 2023 00:11:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
217.114.218.24
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
71843a1ba-dirty
server-timing
conn;dur=0.004, ua;dur=0.021, segment_pipeline;dur=0.168, segment_ip;dur=0.004, segment_iab-valid;dur=0.010, segment_iab-spider;dur=0.826, segment_bs;dur=0.003, segment;dur=1.149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://wolipop.detik.com
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
batch
services.insurads.com/dfp/mapping/ Frame 0513 		1 KB
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=2414&requests=[{%22eaUp%22:%22/21751243814,4905536/235978-728-90-10%22,%22eoId%22:2517372628,%22eolId%22:5017487889,%22advId%22:4666413989,%22ecId%22:138265691417,%22w%22:728,%22h%22:90,%22eId%22:%22main_235978-728-90-10_0%22}]&h=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&ts=1699402306010
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.230.103.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-103-202.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4262a45fdf2be233b8fd8e33520b2d0c1720b1c7d55b112a534e6d568a2a1de0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:46 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3456649221265976&correlator=1082857474791537&eid=44807935&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=21751243814%3A4905536%2C517914-300-250-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200&fluid=height&ifi=15&didk=4118059834&sfv=1-0-40&eri=5&sc=1&cookie=ID%3D4d3eaac71f58d931-22aa45f7a8e300df%3AT%3D1699402297%3ART%3D1699402302%3AS%3DALNI_MYMzE5J-r6rw_NmPSXMAhn__v6Ucg&gpic=UID%3D00000cbc1e220ed5%3AT%3D1699402297%3ART%3D1699402297%3AS%3DALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw&abxe=1&dt=1699402306054&adxs=1045&adys=3244&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&psts=AOrYGsnJjuVTpUAkSk3SlzGFMtoSZlGQkIvvNwja_iye5gVHe-t_mlIdPFBaYycee6sO8ncVwsS93X1BUNB9qzsp2sMleD3SIvo&ga_vid=85861306.1699402297&ga_sid=1699402297&ga_hid=778190883&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Yl9qU4roxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi33JTiujFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBiX2pTiujFIAFICCGQSGQoKcHViY2lkLm9yZxie3JTiujFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Yl9qU4roxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVNVbEVlVkZFUmpGU1RtRlZkMXBsZVZwc00yOU5RVDA5SW4wPRje3pTiujFIAA..&dlt=1699402295090&idt=1474&prev_scp=adunit%3Ddiv-gpt-ad-1688468263221-0%26prebidtrue%3D0%26hb_width%3D300%26hb_height%3D250%26andbeyondhijack%3D0%26andbeyondunfilled%3D1%26active%3D1%26visible%3D0%26refresh1%3D1%26activevisible%3D1%26refreshtype%3Dnone%26amznbid%3D2%26amznp%3D2%26adl_dis%3D-1%26hb_native_linkurl_ab%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67997334%253Bgdpr%253D0%253Bgdpr_consent%253D%26hb_native_image_abmo%3Dhttps%253A%252F%252Fcrcdn01.adnxs-simple.com%252Fcreative20%252Fp%252F7337%252F2023%252F10%252F25%252F51453107%252Fd5b6ca3e-40f2-4cae-8bda-117d76a02860.jpg%26hb_native_title_abmo%3D15%2520JAHRE%2520BREUNINGER.COM%26hb_format_criteointl%3Dbanner%26hb_size_criteointl%3D300x250%26hb_pb_criteointl%3D0.09%26hb_adid_criteointl%3D56ed0c822113db4%26hb_bidder_criteointl%3Dcriteointl%26hb_format_projectago%3Dbanner%26hb_size_projectagora%3D300x250%26hb_pb_projectagora%3D0.18%26hb_adid_projectagora%3D59eb34e4857ec4b%26hb_bidder_projectago%3Dprojectagora%26hb_format_abmoftmedi%3Dnative%26hb_size_abmoftmedia%3D0x0%26hb_pb_abmoftmedia%3D0.07%26hb_adid_abmoftmedia%3D58983b0468f4d4f%26hb_bidder_abmoftmedi%3Dabmoftmedia%26hb_size%3D300x250%26hb_format%3Dbanner%26hb_pb%3D0.18%26rtb_pb%3D0.18%26hb_adid%3D59eb34e4857ec4b%26hb_bidder%3Dprojectagora&cust_params=site%3Ddetikcom%26section%3Dwolipop%26medium%3Ddesktop%26keyvalue%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26Keyword_tag%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26militaryconflict%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26ilegal_drugs%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26adult%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26death_injury%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26hate_speech%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26spam_harmfulsite%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26tobacco%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26disaster%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26politic%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26obscenity%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26terorism%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26arms%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26crime%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26online_piracy%3Ddinda%2520hauw%252Ckamera%2520wartawan%252Crey%2520mbayang%26adl_ok%3D1%26url%3Dhttps%253A%252F%252Fwolipop.detik.com%252Fmakeup-and-skincare%252Fd-7017040%252Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%253Futm_campaign%253Ddetikcomsocmed%2526utm_medium%253Dcpc%2526utm_source%253Dtwitter%2526utm_term%253Dctw%2526utm_content%253Dwolipop%26page_url%3Dhttps%253A%252F%252Fwolipop.detik.com%252Fmakeup-and-skincare%252Fd-7017040%252Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%253Futm_campaign%253Ddetikcomsocmed%2526utm_medium%253Dcpc%2526utm_source%253Dtwitter%2526utm_term%253Dctw%2526utm_content%253Dwolipop&adks=3441608500&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6d8fb031df138fcf1cb58f2862364cdbb4b202cdb033d3eb5aad71d24937491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12298
x-xss-protection
0
google-lineitem-id
5018799245
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138255098875
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wolipop.detik.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CFE7 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=13903&pub_id=2165182&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13903&pub_id=2165182
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:46 GMT
an-x-request-uuid
87c0d7b9-76a1-42f7-b461-6a0bc7db0100
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C5DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjwLgKGlT5ep02yX41fJpMb8jH9EDS6pEEXWM0enlKoid-dHKsI3640qr1K8ar7i11eHuHLDMoEdRXn-vkKMXjgfv0jkqjz1LAjDO6L4TeqV_njgPNztrTS2D7skOHFDyqlQFykyMoSKz4lkFnApnhz_i1PutJS9H7dDY5V7uJXl2ugluUaArkLtDJHL7cheGJumQB0IEMC0Dnp133GnlCpskL9AKWOGxkmkKxTqdgHbo-DqhHB_YZahGw88bpUaCeewZ1pN9RIECOL-UwUyKMWHVXIklZX4eQxLJXQCLWR0Xhz5nFHINGhdNM2ZQmDsQY99RZdCvKH2XARd91DYmnqxnGMb5Y0UNxM0DwGXbC7gEptpptSc8_&sai=AMfl-YQclAujwtT4zHDLXy8rVXY6B5IU8AWm-Y3zG_7FJuZXlI2FZBfCi7by4zUGjYvJk7f22i-rLbc2dyFBEGclwsTCv2w4cCV5iTZFME_q9mEun6yU5AmAFfD_NsMUaQ&sig=Cg0ArKJSzKGLZO0mL0C7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Nov 2023 00:11:46 GMT
vevent
fra1-ib.adnxs.com/ Frame EB6D 		0
696 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwolipop.detik.com%2Fmakeup-and-skincare%2Fd-7017040%2Fviral-wajah-dinda-hauw-terkena-kamera-wartawan-ternyata-begini-aslinya%3Futm_campaign%3Ddetikcomsocmed%26utm_medium%3Dcpc%26utm_source%3Dtwitter%26utm_term%3Dctw%26utm_content%3Dwolipop&e=wqT_3QLSDPBMUgYAAAMA1gAFAQjApKuqBhDK1bOdqLGbmR4YhPyZhe6HnYsSKjYJM2jon-BixT8R-7hw_xWiwD8ZAAAAIK5H0T8h-7hw_xWiwD8pNGgJJNgxAAAAoJmZqT8wrNfeDTjPbECaCUgCUJXH1eIBWK33nwFgAGjw2sEBeJeIBoABAYoBA1VTRJIBAQbgmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgMTE5OTkzMywgMCk7ARQsaScsIDc3NjU0ODksERQsZycsIDE5NTAxNDc0FRUwcycsIDI3OTc0NDExMBUWMHInLCA0NzUzNTgxMDEFFvCwkgLVBCFJSFVGc2dpQzJmd1pFSlhIMWVJQkdBQWdyZmVmQVRBQU9BQkFBRWlhQ1ZDczE5NE5XQUJnakFKb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFjaTNnY2d6TThNX3dRRW93RVR3dDJMRlA4a0JBQUFBQUFBQThEX1pBVjhweXhESHV1d180QUh4LTlrRDlRRm1abVlfbUFJQW9BSUJ0UUlBATMIdlFJAQfwlUF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0tTcHB5WVFBUmdDTFdabVpqLWlBdzRJcEttbkpoQUxHQUl0Wm1abVA3b0RDVVpTUVRFNk5qWXhOLUFEOVVTQUJPMjR2Z3lJQlBHNHZneVFCQUdZQkFHeUJBb0k1NDJNQnhDcjNNQU53UVFBQQWaFEFBQU1rRQEHCQEYRFlCQUR4QgkNBQFEaUFYWk01Z0Y3cHl5aFFHcEJRBRccQUFQQV9zUVUNDQFIBEVGAQccd016TTdEX0ouKAAAMC4oAAROawUoAQG4OERfZ0JjU0NBZkFGb3FPbUNmZ0Z2WjVKZ2dZRFEwaEdpQVlFa0FZQm1BWUFvUVkBMwEBLFVRS2dHQkxJR0pBawEQCQEAQh3HBEJrCRQBAQBDHRhwTGdHQ29FSXFxcXFLak16d3o4LpoCmQEhQ0JXSjQ-WQIsSzMzbndFZ0FDZ0FNEfWIQlJBT2dsR1VrRXhPalkyTVRkQTlVUkpYeW5MRU1lNjdEOVIBdAkBBEJaCQgBAQRCaAEGCQEEQnAJCAEBBEJ4AQYJARBCNEFJazV89NMBOEQ4LtgCAOAC3Zhd6gLdAWh0dHBzOi8vd29saXBvcC5kZXRpay5jb20vbWFrZXVwLWFuZC1za2luY2FyZS9kLTcwMTcwNDAvdmlyYWwtd2FqYWgtZGluZGEtaGF1dy10ZXJrZW5hLWthbWVyYS13YXJ0YXdhbi10ZXJueWF0YS1iZWdpbmktYXNsaW55YT91dG1fY2FtcGFpZ249ZGV0aWtjb21zb2NtZWQmdXRtX21lZGl1bT1jcGMmdXRtX3NvdXJjZT10d2l0dGVyJnV0bV90ZXJtPWN0dyZ1dG1fY29udGVudD13b2xpcG9wgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD6ZUe4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjI0qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQOMTE3OCNGUkExOjY2MTfaBAIIAeAEAfAElcfV4gGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWNkQj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG4APaBhYKEAAAETgJAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB5eIBtIHDQkJJAQAAAEmDNoHBggFCbjgBwDqBwIIAPAHz7oBiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=00e5a6d3addded49b21c07e67689a1361630e7ce&type=pv&jm=1003&px=0&py=0&bw=728&bh=90&sf=1&sid=9199541071405159526&vd=ct~0|rr~6&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28814252&cid=3&cr=pv&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:47 GMT
an-x-request-uuid
27ee80d1-b6c7-4e48-a236-de2b60eb2387
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CFE7 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=13903&pub_id=2165182&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=13903&pub_id=2165182
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:47 GMT
an-x-request-uuid
2d568a3b-41cd-4eb8-99de-8b2727302dfe
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C5DB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaCkAs2y3-hUtFrsqCZP3u2ReujVl9DVT9MDKrUmBA8hvlByPCe9WUTz4Sky494c7o5SwXcA4BMvgO-rP5dMw4t_ZxNsdC5BICZRKgd9ngqPcuDfL4gTQlClRfra1oIuKGRabT5jBUxw&sig=Cg0ArKJSzKOVhtoBnDtlEAE&id=lidar2&mcvt=1002&p=1107,436,1197,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3259775621&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699402305636&rpt=489&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 4C2E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SxXMrBgi6j7zX4UUDFGIJf-KScw8byx2y19TyQA_tszaw-IzJIq21gVAc2yK_ZDE3Z8omDRaxyFUameCRgevm1S8kihEjTRqD8Rekmj14vOmjv8NMo-e17MoPpS14m1iiG_qLJ7Qhpi3wg5tTkUc7uxxxNZm8554SqC7OaivmLyiPvi38uILSMdG-_SEmjtymhFsiu7k4GV0njlAoJkGYTpS0RW2It9EdOuUr2m4eUEXpElyWCXTUrgaYpjyMNYotG0gzg&sds=2&rev=89232&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSOQAFq2wHg46QAAMvSp1LzSrEqEDHBVzHCA&u=%7CNKkNFXoSQXDfMDYFyyIFj3pE%2FXgps0gGBgS44sbVRfk%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-keAYFcWYMDjKnx2ehuNW-WTjIvmbW6eIrwCV-Gc-ZXO6euYuBcsogaGntTC7aypISPmq5nuoTPjvEUdbX403LTM-fqRaH93NtBdU1R3juVRrTJSvMfuJOZ799B6ObPj8JIEzQrUqhh15hiDZWp0iB70H152vCItsogSZYMMG2CkFGnhZ7lDSUOdjK3EMGJm_Kid0LSleUJFV2oWL0HglFzM_v5uI7S2xCayiHAdilxHFf4KD_x5VCZuhQNxNnqPBFsMVDhxvCpIHjyLVCUlqIEfKUZw4lNIHmvZTesOLlywehZjB2NDxgQSfX6PkC_9rpwKSclxget-eltbJo_1c3fXnKq-4RIpMwnfkFo_FRd2qdWGQXV-w7ekoPZ5bj74z5CqZneBo3PdVe81IuN7yvVr0D4qjfCC3ThdcsjS1AOVTNilPUrKsdCWmwcFbnQPkj_L45olkd6RGr7bmwMMeCJ46cPis3z0k3E27v3Nxz-Tqu_vz92sH6tjjSJbp2f4kb0tExG0LaDkTP5mYZAc5MWp_vtq74KUkmnHWJ75yeX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR9MVOdJKZezWFpCdjuwPyt6M6AbJntKxXMWMi-CaAcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0wNDI4NTE2MTY0MjI1MTcyyAEJqQLrU9efRPOxPuACAKgDAcgDAqoEnQNP0Kvmks96xmoZiQ5-XE_Q-S9jED2I14Y0uBGuML1GiYVGp0QQBVmltPDeLO9ZM_zCDj-lmsenjHfmfIZ7H-oYYLn69qmr3Vyk3v1xHuvHJvI-Abn5XofYbhpWo-9zKsm-D4eILdGRHT4bCjcgJMZxL7738h0Sj_CnTUNuhA4D5TUr7RCRYHFh7binjV9GssjVT8mBxml62Axt25tqFqXObVbHRtNR71xbmaeQIyUZQwRIXfhNiXczaF9cOVwi-F39Y77AKf2q_VWRhHfr0bsRxtwYOAzCQK9N__MOEzymMwkV1N2HxXtmljuCfPAcCbWDktgYB7Wl-YiBmWakFbZV39k-jiLAq5r17DdOW3pZg5f_8kWKLdsslDMgVrN0EeIgsFP-0dgbLAEyhjJVVzAgxS6RUmN5mLqEl5LC_QaNAOyUUW_J0RK4T3rnjKUy0Ip06B9rhr4pa9aFCwNVFcckEv6N_eq-FCh1NTJpqt5kKJavCg4gTrXdZJ7-a_UEfSfAE3j_hthWg-E7UB5t_jipTxVr8RqoimFwACZ7auAEAYAG7_W8tvqyvtOAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2jxiMytJMTiytF-p-M64_uNm6Trw%26client%3Dca-pub-0428516164225172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 08 Nov 2023 00:11:47 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 09 Nov 2023 00:11:48 GMT
collect
region1.analytics.google.com/g/ Frame 805C 		0
69 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CY42M5S751&gtm=45je3b60v873223606z872264312&_p=1699402303308&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=85861306.1699402297&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699402296&sct=1&seg=1&dl=https%3A%2F%2F20.detik.com%2Fembed%2F220416104%3Fsmartautoplay%3Dtrue%26smartautoplaylazy%3Dtrue%26unmute%3Dtrue&dr=https%3A%2F%2Fwolipop.detik.com%2F&dt=Gaya%20Raline%20Shah-Dinda%20Hauw%20di%20Indonesia%20Fashion%20Week%202022&en=page_view&ep.allowLinker=true&ep.cookieDomain=auto&ep.namaKanal=20DETIK&tfd=6327
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CY42M5S751&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://20.detik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
list
mcs.tobsnssdk.com/ Frame 805C 		7 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Requested by
Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer
https://20.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-akamai-request-id
df83169a
date
Wed, 08 Nov 2023 00:11:50 GMT
upstream-caught
1699402309984383
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=159
content-length
7
pragma
no-cache
server
TLB
x-tt-logid
20231108001148A64675C62B3D3C032D07
access-control-max-age
1800
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://20.detik.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-origin-response-time
159,104.126.37.181
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98be63e968a11b8fd288efc91fd9a99d96833b05459ff1f2db5fd5fc62873e423528eb4181f92e4bcbc2d991d32dbc6c40b
expires
Wed, 08 Nov 2023 00:11:50 GMT
dc_oe=ChMIzJL58o6zggMVh_MRCB17Bw3fEAAYACDs6tFgQhMIp9eP8o6zggMVkI6DBx1KLwNt;met=1;&timestamp=1699402309897;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame D264 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzJL58o6zggMVh_MRCB17Bw3fEAAYACDs6tFgQhMIp9eP8o6zggMVkI6DBx1KLwNt;met=1;&timestamp=1699402309897;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIgoT68o6zggMVpfARCB0kog6aEAAYACCny8ZgQhMIqteP8o6zggMVkI6DBx1KLwNt;met=1;&timestamp=1699402309905;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F737 		42 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgoT68o6zggMVpfARCB0kog6aEAAYACCny8ZgQhMIqteP8o6zggMVkI6DBx1KLwNt;met=1;&timestamp=1699402309905;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 17BE 		0
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
strict-transport-security
max-age=31536000;includeSubDomains
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache;desc=MISS, inner; dur=2, origin;dur=106, edge;dur=0
server
Tengine
x-tt-logid
202311080011499975E0A47BD6EE4D9DDA
x-outhost
mon-va.byteoversea.com
x-outdomain
mon-va.byteoversea.com
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631931b84eaf130f17355bc7b142a2dc6a5ae1fb8843b507a0b63bc74701578cdd3d18170bd7e94cdb2c87c46b315eec217ae000a3b184d414a9aff55f4a0e84bf689eb00239bf4b1334a6bb711c2f38303d3
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id
d4ff0b6dccfd1c5e9d500715c9ce6662
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 17BE 		0
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Referer
https://www.tiktok.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
strict-transport-security
max-age=31536000;includeSubDomains
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache;desc=MISS, inner; dur=3, origin;dur=107, edge;dur=0
server
Tengine
x-tt-logid
2023110800114974E46F2F87A27F486013
x-outhost
mon-va.byteoversea.com
x-outdomain
mon-va.byteoversea.com
access-control-max-age
600
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631931b84eaf130f17355bc7b142a2dc6a5ae2376a753cc28e7707eb32013f80f75f49914967c6ea663e563746fdd413b5efb7bacb875c1278fa9ac04decd5ff666c802b1b66bd636142d950d444abc419d2d
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id
1ca32c6d60a229d768c81c88f624bbc3
list
mcs.tobsnssdk.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcs.tobsnssdk.com/list
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-185.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://20.detik.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
https://20.detik.com
access-control-max-age
1800
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Wed, 08 Nov 2023 00:11:49 GMT
expires
Wed, 08 Nov 2023 00:11:49 GMT
pragma
no-cache
server
TLB
server-timing
inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=154
upstream-caught
1699402309786633
x-akamai-request-id
df831598
x-cache
TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51931778) (-)
x-origin-response-time
154,104.126.37.181
x-tt-logid
20231108001148A64675C62B3D3C032CEE
x-tt-trace-host
01bd308f099a64fbde4400b9f941e63193dd5e97a6109e95a1329a84e8cb457017c49c829145bf17d5ea0a06e4912ee98be63e968a11b8fd288efc91fd9a99d96833b05459ff1f2db5fd5fc62873e423528eb4181f92e4bcbc2d991d32dbc6c40b
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
access-control-max-age
600
bd-request-id
279c626448bb6853b4a766b1ff734850
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:50 GMT
server
Tengine
server-timing
cdn-cache;desc=MISS, inner; dur=3, origin;dur=110, edge;dur=1
strict-transport-security
max-age=31536000;includeSubDomains
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain
mon-va.byteoversea.com
x-outhost
mon-va.byteoversea.com
x-tt-logid
2023110800114928044B476533FB51A90E
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631931b84eaf130f17355bc7b142a2dc6a5aebe7a8808dc7e981de1279eaeaba0c305047367cead5c54dba08d8d473892da00fd81a9984706ee390785d9dae8b7510403186494567c5e54d73a38695709c096
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
71.18.5.241 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
a71-18-5-241.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tiktok.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods
POST, OPTIONS, GET
access-control-allow-origin
*
access-control-max-age
600
bd-request-id
3bb922886b6a4967bc72dbccccb3f007
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:50 GMT
server
Tengine
server-timing
cdn-cache;desc=MISS, inner; dur=3, origin;dur=106, edge;dur=1
strict-transport-security
max-age=31536000;includeSubDomains
x-bdssl-info
https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain
mon-va.byteoversea.com
x-outhost
mon-va.byteoversea.com
x-tt-logid
2023110800114900B6CB7BB96A9352A8DE
x-tt-trace-host
01bd308f099a64fbde4400b9f941e631931b84eaf130f17355bc7b142a2dc6a5aeb9c0db7ac4e39f73a555a4744bc91b64b0a9187c84660b02dc523d483da3b765e9e3abbc2260e56126592ca6a0906db40fe240b83460d6fb35a623473538df67
x-tt-trace-tag
id=31;cdn-cache=miss
x-upstreamname
origin_maliva-normal-lb.byteoversea.net
984.json
id5-sync.com/g/v2/ 		251 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
efec9c21599f9a56ff5408e48028c153522381a3dc5bbc605f08939cd77aaaec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wolipop.detik.com
date
Wed, 08 Nov 2023 00:11:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
d37e61bbca4fca7ec96816edb5303baffea9e046d625924e0841b10517117c89

Request headers

Referer
https://wolipop.detik.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wolipop.detik.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 08 Dec 2023 00:11:50 GMT
/
ssc-cms.33across.com/ps/ Frame 2B35 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 -, , ASN (),
Reverse DNS
Software
33XP012 /
Resource Hash

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
server
33XP012
x-33x-status
2000208
sync.html
s.adtelligent.com/ Frame 99B1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5234::2 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
78caf0aa7c8036db15e75fa9cdb286a17fb12c436c49e286637bcd2d1f005f1b

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://wolipop.detik.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
820
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Nov 2023 00:11:49 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 0850 		2 KB
866 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
3404
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
822999d66be21e4f-FRA
content-encoding
br
content-type
text/html
date
Wed, 08 Nov 2023 00:11:50 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJVh52pEZdwVmJhX%2BisTnWdBYYGa4kt70u%2F%2FRzlFb%2FwPviX4icxpTtzqtE%2BB%2Fn2VK0X2bhxhYwylPgtRHzfqMo6kO6ocueR0GX0VKcLTj2QcxtlQLkz8UE9FtQvcikWJYMnGRJpIFytM7PIN7w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame C018 		749 B
919 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
780ca9522494e7cd9f5457755af837ea0f95b2c17386eae7717f844ea9e86c5b

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
749
content-type
text/html
sspmatch-iframe
ads.betweendigital.com/ Frame 91D5 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
sync-all.html
adxbid.info/ Frame BC0D 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6327 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
822999d66eb091ed-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 08 Nov 2023 00:11:50 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WygsXWq0aT4B6bhDU%2BhUwzz2A%2BxTbjHWEjeizuTAW5kVSCXLxqIqOk66HmPDsMGUgGm2%2Byzi5K4xPDGKvOkj6saT%2B66Dy6xF7H3ZTJjg3IDymTLD98twBMcnCevyIkIqIwVwplSnGgJSJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sync.html
cdn.aralego.net/ucfad/cookie/ Frame A17B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
3404
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
822999d66be11e4f-FRA
content-encoding
br
content-type
text/html
date
Wed, 08 Nov 2023 00:11:50 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDByaoOIIDUcvUDreBhk58azkOAXSGSVI9CZ7PrDOqEiDQRvjkMoIexcFOOqnZIZ%2BVJOMVAquk9Z4Xwutvc3C5MIKqB4EDP9%2BRJrxQvaBBx2iFbrB%2Bt%2FKOjQLyTI5YgO8v17Mq4XIwchaUzjOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 8E2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
ads.us.e-planning.net/uspd/1/ Frame 6A16
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
76b8e0c89c29c07ce7b2f79f60afce9de201b93dccf1819cfb97fc27ee461320

Request headers

Referer
https://wolipop.detik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 08 Nov 2023 00:11:50 GMT
expires
Wed, 08 Nov 2023 00:11:50 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Wed, 08 Nov 2023 00:11:50 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928
sync
x.bidswitch.net/ Frame C018 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=between
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
match
ads.betweendigital.com/ Frame C018
Redirect Chain
  • https://ads.adlook.me/csync?pid=btw&uid=a23cf4d0-4ec9-5238-8f2f-9ebdea654cfd&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D
  • https://ads.betweendigital.com/match?bidder_id=128&external_user_id=f90d8d261d644bc4baa07ca058d80f08
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=f90d8d261d644bc4baa07ca058d80f08
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=f90d8d261d644bc4baa07ca058d80f08
date
Wed, 08 Nov 2023 00:11:49 GMT
server
Microsoft-IIS/10.0
btw
sync.dmp.otm-r.com/match/ Frame C018 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=a23cf4d0-4ec9-5238-8f2f-9ebdea654cfd
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.55.244.177 -, , ASN (),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 08 Nov 2023 00:11:50 GMT
server
nginx/1.23.2
match
ads.betweendigital.com/ Frame C018
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LlO9J8rlhOg.AikABlGLrEVi6A
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LlO9J8rlhOg.AikABlGLrEVi6A
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
server
nginx
x-backend-id
f27-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LlO9J8rlhOg.AikABlGLrEVi6A
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
vid.vidoomy.com/ Frame 9B10 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Wed, 08 Nov 2023 00:11:50 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
57689
x-77-cache
HIT
x-77-nzt
AZySIYs3Nzf/WeEAAA
x-77-nzt-ray
cf878727cb5228e246d24a6549955b12
x-77-pop
frankfurtDE
x-accel-date
1699344621
x-accel-expires
@1700381349
x-age-lb
57689
x-cache-lb
HIT
idsync
sync.aralego.com/ Frame A17B 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:50 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
idsync
sync.aralego.com/ Frame 0850 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:50 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
getuid
eb2.3lift.com/ Frame BC0D 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D2CF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=39902
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 08 Nov 2023 00:11:50 GMT
expires
Wed, 08 Nov 2023 11:16:52 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D69D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 99B1 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:49 GMT
Server
Adtelligent
Etag
73b28d8d92814b30
Content-Length
43
Content-Type
image/gif
setuid
user-sync.adxpremium.services/ Frame BC0D
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=4c7fc5f533ea3cf7c4fb098355e4033389f2cbbac5c7ba6b12868154c4cd78e1
0
0
pbs.gif
sync.admanmedia.com/ Frame 6A16 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D51134e9d68cfb030%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:50 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
60
Content-Type
text/plain
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 6A16 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 06 Nov 2028 00:11:50 GMT
um
u-ams03.e-planning.net/ Frame 6A16
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D51134e9d68cfb030%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=51134e9d68cfb030&uid=1303356955576139268
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=51134e9d68cfb030&uid=1303356955576139268
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Wed, 08 Nov 2023 00:11:50 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
an-x-request-uuid
728f40be-6d58-479a-92cb-47589a05c060
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=51134e9d68cfb030&uid=1303356955576139268
x-proxy-origin
217.114.218.24; 217.114.218.24; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 6A16
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D51134e9d68cfb030%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=51134e9d68cfb030&uid=ua-5ca1413a-a694-3a3b-ab97-3c350cc9cbce
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=51134e9d68cfb030&uid=ua-5ca1413a-a694-3a3b-ab97-3c350cc9cbce
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Wed, 08 Nov 2023 00:11:50 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=51134e9d68cfb030&uid=ua-5ca1413a-a694-3a3b-ab97-3c350cc9cbce
pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
cache-control
no-store
content-length
0
expires
0
v1
match.sharethrough.com/universal/ Frame 6A16 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.255.178 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
us
sync.go.sonobi.com/ Frame 6A16 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D51134e9d68cfb030%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-41
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 6A16 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D51134e9d68cfb030%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame 6A16
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=51134e9d68cfb030
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=51134e9d68cfb030
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=51134e9d68cfb030
date
Wed, 08 Nov 2023 00:11:50 GMT
server
fasthttp
content-length
0
usync.html
eus.rubiconproject.com/ Frame AD02
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Nov 2023 00:11:50 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 08 Nov 2023 00:11:50 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2CDC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D51134e9d68cfb030%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=39902
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 08 Nov 2023 00:11:50 GMT
expires
Wed, 08 Nov 2023 11:16:52 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 31CA 		2 KB
1008 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D51134e9d68cfb030%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25e7ef98abc38d5473d0908d4e402d9ff5e41d174e36aebd2c4ccd2aaca3ffdd

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
822999d7bfcb994b-FRA
content-encoding
br
content-type
text/html
date
Wed, 08 Nov 2023 00:11:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GopRjPbj86mzvbLRxcVmVMclaqTUqvG%2BFN9giKAYL2krabEUGrqEpqnETktRjOPEcV7CPYgR%2BzZAjaDtFBkCtSgDenlYJUvZm25613X0e7D5hc%2FWX4on%2FzsBKVRCcxuVYU8v567w"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 1D1B 		1 KB
1000 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 -, , ASN (),
Reverse DNS
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
35110
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 08 Nov 2023 00:11:50 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 29 Oct 2028 20:46:09 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
75e42db759a2014fe8abf648241857ad
x-cf-tsc
1698820281
x-cf1
29080:fL.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame A021 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame E4F7 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6891bd0b15d6d46aa940bb049678c7156f56a1192d8b734763b829ab48dd1f01
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
822999d81ccb904f-FRA
content-encoding
br
content-type
text/html
date
Wed, 08 Nov 2023 00:11:50 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
PugMaster
image6.pubmatic.com/AdServer/ Frame D2CF 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98234779&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:49 GMT
content-length
0
31327
i.liadm.com/s/ Frame 31CA
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUrSO-DHgMKaZjBnVxnF7QAA%262172&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUrSO-DHgMKaZjBnVxnF7QAA%262172&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7ef67b6c8b9846738b70a2bb899ce032
0
0
dcm
s.amazon-adsystem.com/ Frame 31CA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUrSO_DHgMKaZjBnVxnF7QAACHwAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUrSO_DHgMKaZjBnVxnF7QAACHwAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUrSO_DHgMKaZjBnVxnF7QAACHwAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Nov 2023 00:11:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C696R19SF6RYPP9910SK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 08 Nov 2023 00:11:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1KZZ0H0JCZRT3R7NKCDM
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUrSO_DHgMKaZjBnVxnF7QAACHwAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 31CA 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 31CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUrSO_DHgMKaZjBnVxnF7QAACHwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP6ExsvzIqycwBlJpAWWoAQ&google_cver=1
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP6ExsvzIqycwBlJpAWWoAQ&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAU5IdeAN4XrsVWCC4%2FyJVNSFonPfNK0R8G3h8gblSlcFJXxfGxPC7%2B%2FViIRM1YkUtpXCJVLJcrra%2BRrVpd7MIlKvXbqHREOQO4c6qjF5efY1meOfgs1Omlv3rgWKxb4Gp%2BwWV4ueyyoNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
822999d8c887994b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEP6ExsvzIqycwBlJpAWWoAQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 31CA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
0
0
ZUrSO_DHgMKaZjBnVxnF7QAACHwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 31CA 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZUrSO_DHgMKaZjBnVxnF7QAACHwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:abeb:a582:6f70:20cf Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 31CA
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715127110&external_user_id=6acb329b-0c07-4d5d-8a87-ee8f4ba6d29e
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715127110&external_user_id=6acb329b-0c07-4d5d-8a87-ee8f4ba6d29e
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJ3seru0OwWVkuaRCqQY4AOSj2YgiU7WLK%2B3NJAnBlSW4fmF7J7SBJR6VahC3OTb4qj5pXOBPOjWiKbudLMTPZFNWjiTrDPBcr3BEC3aGhbgpmWcwVoiNiR1evACoaJFhNan%2BW3zw5GshA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
822999d9dc919183-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715127110&external_user_id=6acb329b-0c07-4d5d-8a87-ee8f4ba6d29e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 31CA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2385168303269879304
43 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2385168303269879304
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7nKclTuuCBUXDP4msrRSt055Wi023%2FKmVq9%2F%2BPYxmliE%2BbLRis%2Br1uvvpN0ITYCHHlsCk1HBxkOPzXMhZRHniEsyCRkfiMmveI9yv0gzj%2FwBeeRBB08rm7b%2FAdVvLvXT%2FJgp3GXG%2BbQgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
822999d96c559183-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2385168303269879304
pragma
no-cache
date
Wed, 08 Nov 2023 00:11:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
um
u-ams03.e-planning.net/ Frame 31CA 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=51134e9d68cfb030&uid=ZUrSO-DHgMKaZjBnVxnF7QAA%262172
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Wed, 08 Nov 2023 00:11:50 GMT
content-type
image/gif
cookiesync
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/cookiesync
  • https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
Protocol
H2
Server
2606:4700:20::681a:567 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd367045a99ab837da7993139ed22179ee8dd6a9e1915e83ac9d37c33d77a99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wolipop.detik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8235
alt-svc
h3=":443"; ma=86400
content-length
4739
last-modified
Mon, 28 Aug 2023 06:02:46 GMT
server
cloudflare
etag
"64ec3886-1283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5P5YqhWhRQO2J6ZeoCIbULdHwSJx7nMPOIU%2BLevHpb6NiesMxU%2FydUutMY8x%2FHidxVcduRXabJ8V2feOBE9hA9zdUHfKS5nwfqKK55ZEKysSROb3F%2FEwEyFY%2BCXh7HmqS5Gf7np505GNkJy2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
822999dbb9b11e4f-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
Connection
close
Content-length
0
usync.js
eus.rubiconproject.com/ Frame AD02 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
06bf1392bd317316bc232d0114a050ff434ee599d3761216d4246628598a6359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2023 11:31:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40767
Connection
keep-alive
Content-Length
13280
Expires
Wed, 08 Nov 2023 11:31:17 GMT
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 9B10 		1 KB
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 08 Nov 2023 00:11:50 GMT
content-encoding
gzip
x-age-lb
58000
x-77-cache
HIT
x-accel-date
1699344310
x-77-nzt
AcO1ryc3Nzf/kOIAAA
x-accel-expires
@1700381110
x-77-age
58000
x-cache-lb
HIT
last-modified
Mon, 10 Jul 2023 08:02:46 GMT
server
CDN77-Turbo
etag
W/"64abbb26-479"
x-77-nzt-ray
25b02131942badd146d24a65bb022f21
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
getuid
ib.adnxs.com/ Frame E4F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame E4F7 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame E4F7
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=0d4c4850-f29c-43f3-8379-db1657110bae&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=0d4c4850-f29c-43f3-8379-db1657110bae&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
822999d9de3f904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Wed, 08 Nov 2023 00:11:50 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=0d4c4850-f29c-43f3-8379-db1657110bae&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame E4F7 		0
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame E4F7 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/zeotap/1/ Frame E4F7 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 varnish
x-served-by
cache-fra-etou8220035-FRA
server
nginx
x-timer
S1699402311.558005,VS0,VE9
x-fastly-to-nlb-rtt
7456
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame E4F7 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:7475:e79:22d:1b43 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Nov 2023 00:11:50 GMT
X-Fw-Request-Id
ume35d7_1699402310553411891
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E4F7 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 08 Nov 2023 00:11:50 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame E4F7 		0
0
mw
mwzeom.zeotap.com/ Frame E4F7
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=38991821625407099461919974533134750856&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=38991821625407099461919974533134750856&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
822999daaec8904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v053-0bbb8674b.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
NpLuwZndSnE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=38991821625407099461919974533134750856&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame E4F7 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 -, , ASN (),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
zeotap.php
bn01.er.bemail.it/ Frame E4F7 		0
0
mw
mwzeom.zeotap.com/ Frame E4F7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7298877344205895836&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7298877344205895836&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
822999d97dcd904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7298877344205895836&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Date
Wed, 08 Nov 2023 00:11:50 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame E4F7
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 08 Nov 2023 00:11:50 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame E4F7
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=8chtfRzbJF7aAXr60ODUde&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-47...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=8chtfRzbJF7aAXr60ODUde&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
822999d9de3a904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:49 GMT
via
1.1 google
last-modified
Wed, 08 Nov 2023 00:11:50 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=8chtfRzbJF7aAXr60ODUde&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame E4F7 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame E4F7
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
822999d8fd68904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
cache-control
no-cache
x-server
10.45.4.146
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame E4F7
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-eOya02xE2oozo5aSCKJedXcxLDQ6GQjMJQ--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-eOya02xE2oozo5aSCKJedXcxLDQ6GQjMJQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
822999da9ebc904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-eOya02xE2oozo5aSCKJedXcxLDQ6GQjMJQ--~A&zpartnerid=570&env=mWeb
date
Wed, 08 Nov 2023 00:11:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame E4F7
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=d0v2XHHOvEQcZeQ8CyfSqjqbwr7W7OSf%2BS41iYitP1U%3D
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=d0v2XHHOvEQcZeQ8CyfSqjqbwr7W7OSf%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
822999dafeec904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=d0v2XHHOvEQcZeQ8CyfSqjqbwr7W7OSf%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame E4F7 		42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame E4F7 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.15.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-served-by
beacon-n014-dub-prod.krxd.net
date
Wed, 08 Nov 2023 00:11:50 GMT
cache-control
private, no-cache, no-store
x-request-time
D=47 t=1699402310
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame E4F7 		95 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 -, , ASN (),
Reverse DNS
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/png
date
Wed, 08 Nov 2023 00:11:38 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame E4F7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
0
0
v2
usermatch.krxd.net/um/ Frame E4F7 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame E4F7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0...
0
0
87734
tags.bluekai.com/site/ Frame E4F7 		0
0
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame E4F7 		0
0
mw
mwzeom.zeotap.com/ Frame E4F7
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3...
  • https://mwzeom.zeotap.com/mw?cid=LOP090DS-21-LF8&env=mWeb&zpartnerid=1770&gdpr=1
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LOP090DS-21-LF8&env=mWeb&zpartnerid=1770&gdpr=1
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
822999db4f0f904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LOP090DS-21-LF8&env=mWeb&zpartnerid=1770&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame E4F7 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame E4F7 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
822999db1efa904f-FRA
access-control-allow-headers
*
content-length
95
mw
mwzeom.zeotap.com/ Frame E4F7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
  • https://mwzeom.zeotap.com/mw?cid=peISpvflFaW-them8uAL_qPlFvW-shHypLGNrgSm&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=4dab0761-f8eb-447...
95 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=peISpvflFaW-them8uAL_qPlFvW-shHypLGNrgSm&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
822999d8cd36904f-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://mwzeom.zeotap.com/mw?cid=peISpvflFaW-them8uAL_qPlFvW-shHypLGNrgSm&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cmp.min.js
spl.zeotap.com/ Frame E4F7 		557 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
187f8ae25e758b20380ae18e2d97b88e6cbe1720a5c99b5ce10a243d36163944
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
822999d88d11904f-FRA
access-control-allow-headers
*
khaos.json
token.rubiconproject.com/ Frame AD02 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 6A16 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 08:02:40 GMT
content-encoding
gzip
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
69745
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
RJyTgZVjOLOlX5BQyllVKeYrQtcV26Hu1NPkof9MnQ4z2BKF4M2o6g==
15581
rtb.gumgum.com/usync/ Frame 4AA4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.165.75 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
01227749283a015a86ca0300394be056764b1dec7127f4eb1b1c1b8a6b48dee9

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 08 Nov 2023 00:11:50 GMT
etag
W/"0830a7cb4ab04b8c49b7fdc6292d21090"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 1F11 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 08 Nov 2023 00:11:50 GMT
csync
sync.adtelligent.com/ Frame 28DA 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AM5n5Ldr3vIly3qW
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Wed, 08 Nov 2023 00:11:49 GMT
Etag
cda89f21808a23b6
Server
Adtelligent
sync.php
pixel.rubiconproject.com/exchange/ Frame 9B10 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9B10 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3DCEN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 9B10
Redirect Chain
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3Dadf
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4219359789409642649&vid=3ced02bbfa54884d803382ed9c503c87&dspid=adf
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4219359789409642649&vid=3ced02bbfa54884d803382ed9c503c87&dspid=adf
Protocol
HTTP/1.1
Server
212.36.83.246 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:50 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4219359789409642649&vid=3ced02bbfa54884d803382ed9c503c87&dspid=adf
date
Wed, 08 Nov 2023 00:11:50 GMT
server
nginx
content-length
0
content-type
text/plain
all
csm.eu.criteo.net/ Frame 7AC9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=NML51Rgi6j7zX4UU0U0_kHjP2HxnSwYicajBn7gJGYDI_rhQPjUjpkD7m-50J3ZsDsFEhQb9uq_JgFyYOz5bVsB8iCr5nuOBZ399L5VU14EeQzlgGUSrjHpGa2Mo-tXs5PAV9TZHTfsxucmqyvkVUYHpB82mEx1l2xDundHRxl-GpvrrekeZgMJGdgSO-DguyfvErJUYkeLycKhnhJuA8ExaWunlLSFrreY0QPIIQCAoJLBHzkPHGhrplAYWw31et9lSJQ&sds=2&rev=89232&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUrSPgANEvUA-RYGAAv4vpoNRjnru-d1u19SzQ&u=%7CQiQz7cATCXpwcTWzdOlksozqPoAQwa7QHUJlAyxC7AU%3D%7C&c1=TEbw32HdmhlTb08vzaRE0-J3aJQULXRb6S19EAZ80X2gBTzv4Dq5xMxb2AiDpyinZYbjjDWoUakErtlhTd2JmaSklCOOZo0W-piq26NrEBxUb8xVN_cp5I8x-wUEt7pw6cwuTRtdA8EltcQ1Xt2vfwBMgRH_HZo9p-9jusXlhm9InHDOWE78Jvv-qSR5LQOBm1aE6O8RUqaRfgcAB3qvb3GnDEHzwh9u7JQkNlY6C42HFnj8oOmWaE4zsJOxDo2yLz5e7ORSUte9Gay4xIBm1RIWIrAIdAytOjuqfL1Bbo4YgCNojCPsBfr84DFaGXomeVs6n2yo32u_XkvBjJ-mnAlbpsK1OWeRCEvreiD1MG7-WOpB7ZW_xsJ0SQfJIKOWX-tZaV4bHfzwVcE8cPJiLetzAm_uJtd3Xn2aeXRgJC486VNsi0OukLBb_KMT-Um665AVAeMp5RxPN4zWUPnhLhAbl-e-cAWfxRsbkaJ3uHMGZZsSso4pSyaEiTce4uHGXAJWpA4sP_2Rklw307x0hXDsoU7ZjTufrdg_6NX3UWkCm2C1GyQXKEwkhg4YIucfnN1MPeq2_WcpK1crREvwVuQiKZICvJWiQZUD8zjl2yGn4PEdXslCZQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkezaPtJKZfWlNIas5LcPvvGviAfJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTY4ODA1MzMyNjM1MzUyMzTIAQmpAvxC_Kni7LE-qAMByAMCqgTkAk_QNSOFzLSGAuAuiUyTgaUIjwEyE2zHJyvK3pVEpHAHhz7mbEpzHL9RT2bNOH81ycA6Uy3LVo7TVg54Yw6yNU8khsuQgmjaU9l612LOyiQIGkOPTXnZ_oTqNJamO1WTBIr2NvXeHaiXJy3t1oa6Ld6lAoCyHQvjBZAaUHIyCr_XSg2PvBUrkkfcYMlzJH5Z9Y7FlH1Fc6Qr_zi550wb65X94QWPyBLQPclBBa8Df1_1aFnLzoR_Np8a7gRbbAnQjcZNroO9GQ_zssOhUKsuE-H2tfX_1SsFWQOlGN2hH2kjRwE9sChLj309GoxSGpBQPrYe0HU59907CbHILwJVVcDEaHg5isHzzDE8DiwBygFsZ2bEhZkffrT6dchjWWRtHwEP_-64xDe5OF1PppfflmZGzxz2OjHmdenwUbV37B3wn6QykUbK7xlazGrRtsyrbCwj-aVG1qNMBJQZpL7DrP5J-Il_gAbq9p653YHq7TigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26p2T-AbToZZGkD5xOoIkGzsj-fg%26client%3Dca-pub-6880533263535234%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 08 Nov 2023 00:11:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
usersync
usersync.gumgum.com/ Frame 4AA4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1303356955576139268
0
0
sync
pool.admedo.com/ Frame 4AA4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_52fca002-00c0-470b-9219-651e59a76220&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_52fca002-00c0-470b-9219-651e59a76220&gdpr=&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=8d1e8f88-28dd-4da9-a9dc-0b4625809aaf
0
0
cm
us-u.openx.net/w/1.0/ Frame 4AA4 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Nov 2023 00:11:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
sync.srv.stackadapt.com/ Frame 4AA4 		0
0
usersync
usersync.gumgum.com/ Frame 4AA4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-.3jDJHpE2pd.0aMpi8PYx1Y8HtrHNz_blHrR~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-.3jDJHpE2pd.0aMpi8PYx1Y8HtrHNz_blHrR~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 08 Nov 2023 00:11:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 08 Nov 2023 00:11:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-.3jDJHpE2pd.0aMpi8PYx1Y8HtrHNz_blHrR~A
content-length
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 4AA4 		0
0
142
match.deepintent.com/usersync/ Frame 4AA4 		0
0
/
b1sync.zemanta.com/usersync/gumgum/ Frame 4AA4 		0
0
usersync
usersync.gumgum.com/ Frame 4AA4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=9r3ug85Mx5ep&ev=1&pid=558355
0
0
sync
ssbsync.smartadserver.com/api/ Frame 4AA4 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.69 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS
ip69.ip-5-196-111.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 00:11:50 GMT
content-length
0
um
sync.e-planning.net/ Frame 4AA4 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=51134e9d68cfb030&uid=e_52fca002-00c0-470b-9219-651e59a76220
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Wed, 08 Nov 2023 00:11:50 GMT
content-type
image/gif
usersync
rtb.gumgum.com/ Frame C04A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=4219359789409642649&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=4219359789409642649&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.165.75 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Wed, 08 Nov 2023 00:11:50 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 08 Nov 2023 00:11:50 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=4219359789409642649&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 5591 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81MmZjYTAwMi0wMGMwLTQ3MGItOTIxOS02NTFlNTlhNzYyMjA=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 00:11:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B9E5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=39902
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 08 Nov 2023 00:11:50 GMT
expires
Wed, 08 Nov 2023 11:16:52 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 9587 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Wed, 08 Nov 2023 00:11:50 GMT
server
Kestrel
idsync
tg.socdm.com/aux/ Frame 6669 		0
0
usersync
usersync.gumgum.com/ Frame 54CC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=Z6otTrJSo3b0QJsWMMuK&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Z6otTrJSo3b0QJsWMMuK&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 08 Nov 2023 00:11:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 08 Nov 2023 00:11:50 GMT Wed, 08 Nov 2023 00:11:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Z6otTrJSo3b0QJsWMMuK&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame E92F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D51134e9d68cfb030%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Nov 2023 00:11:50 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 08 Nov 2023 00:11:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame E92F 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
06bf1392bd317316bc232d0114a050ff434ee599d3761216d4246628598a6359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Wed, 08 Nov 2023 00:11:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2023 11:31:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40767
Connection
keep-alive
Content-Length
13280
Expires
Wed, 08 Nov 2023 11:31:17 GMT
khaos.json
token.rubiconproject.com/ Frame E92F 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
idRequest
sync.aralego.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.unblockia.com
URL
https://cdn.unblockia.com/h.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgcugGtOmskxgkK3PxZ-yZczUsDxgHw0zrHq8gZm7Fx-3Ta3Arzv2-lbJ7MdQ3I9By4-WDmfxatMBffPywayvNHFytD8OoSI2lmFe5p-_jsfzOu-rrUIr_L1Q750UuWt7QNyaxSR3xlA&sig=Cg0ArKJSzO1phgJ0j2yyEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=318520305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1699402297933&rpt=1637&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbO1BT2wYqJggQD0vZ84_NE1Q4e3ZCpzYn_DeqOutnE6ga4bYsx5-LnAJ2vGCpeBfYlYmGtfDxsIqw90yGekqY7RSxytuisZwtmITdhsgZ1J2jxx3OvMililDQMONuheBTp6shzH5EPQ&sig=Cg0ArKJSzBIxmiYdPahjEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3008943920&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1699402299221&rpt=346&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
cdnv.detik.com
URL
https://cdnv.detik.com/videoservice/hotspot/604a115c00bc4116a44ef6f7a989655a-hotspot.json?crtm=202311080111
Domain
user-sync.adxpremium.services
URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=4c7fc5f533ea3cf7c4fb098355e4033389f2cbbac5c7ba6b12868154c4cd78e1
Domain
i.liadm.com
URL
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUrSO-DHgMKaZjBnVxnF7QAA%262172&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7ef67b6c8b9846738b70a2bb899ce032
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Domain
bn01.er.bemail.it
URL
https://bn01.er.bemail.it/zeotap.php?_bid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361&_test=ZUrSRgACGp_VFABH
Domain
usermatch.krxd.net
URL
https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361&dcc=t
Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/87734?id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Domain
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4dab0761-f8eb-447b-5f0c-2f3248f3a8ee%26reqId%3D883adff0-c4f4-4715-4fbc-bfd8929fd440%26zdid%3D1361
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=1303356955576139268
Domain
pool.admedo.com
URL
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=8d1e8f88-28dd-4da9-a9dc-0b4625809aaf
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_52fca002-00c0-470b-9219-651e59a76220&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=pln&i=9r3ug85Mx5ep&ev=1&pid=558355
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
sync.aralego.com
URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=14px%20/%2017.5px%20Montserratff,%20sans-serif&

Verdicts & Comments Add Verdict or Comment

892 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| documentPictureInPicture string| wid_method function| $ function| jQuery object| dtkGTMDL function| _pt object| e string| contenttype object| val object| dataLayer string| id_revive function| extCheck function| extTagging function| create_ins function| getKeywords function| dtkRefreshBanner object| gptadslots object| pbjs function| callAdserver function| removeElement object| googletag object| dfp_keywords object| gpt_slot_objects string| baseurl function| getScript object| __tgconf function| __tginitcb object| dc_params string| asset_common object| framebar_url string| mpc_qc_url object| click object| ggeac object| google_tag_data object| google_js_reporting_queue string| brandId string| shortenUrl string| site object| shareBox object| article object| google_tag_manager string| GoogleAnalyticsObject function| ga function| readCookie string| LogAnalyticsObject function| collectEvent object| _sf_async_config boolean| google_measure_js_timing object| gpt_billboardtop object| gpt_leaderboard object| gpt_medium_rectangle1 object| gpt_mr2 object| gpt_mr3 string| gpt_medium_rectangle2 object| gpt_bottomframe object| gpt_newstag object| gpt_skyscrapper object| gpt_newsfeed2 string| gpt_balloon string| gpt_balloonkiri object| gpt_hiddenquiz object| gpt_newsfeed1 string| gpt_topframe object| gpt_parallaxdetailfixesize object| gpt_parallax1fixesize string| gpt_parallax2fixesize object| gpt_inbetween object| pbjsChunk object| _pbjsGlobals function| onYouTubeIframeAPIReady object| gaGlobal object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| gaplugins object| gaData object| __zalgopromise__ object| __postRobot__ object| __xcomponent__ object| xcomponent object| __uid2SecureSignalProvider object| __uid2 function| onLogin function| onResize function| onScroll function| onAlert function| data_oa string| LOG_LEVEL object| DtkXComponent object| regeneratorRuntime object| ox_esp object| embeded object| ifembed string| itbody object| oemhelper object| oembed object| adjustCV function| copyArticle function| enableBtnKirim object| jQuery18103983141426866277 number| site_id function| gCallbackFunctionAutoUserShow object| gTokenMe number| clientId number| attempt function| detikConnectAutoUserShow function| detikConnectAutoLogin function| onMessageConnectTokenMeHtml function| iframe_resizer function| iFrameResize object| dFramebar object| helper object| detikWidget object| callSticky object| appendPT object| smartbanner function| liquid function| adjustWidth function| closeTB function| closeTBot function| rescale function| recalc function| nullLB function| nullTB function| nullBB function| VRScript function| detectHeightMR2 function| nativeCheck function| parallax function| ads_close function| loadScriptAsync object| scriptLoaded function| checkBannerAvailable string| axel number| a object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 undefined| warnJQueryUndefinedStr function| MD5 function| M function| X function| V function| Y function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| safe_add function| bit_rol object| detikLiveUserCounterResponse function| purl function| Cookies string| result function| pushEvent function| getArticleId object| selector boolean| set object| media string| target string| connectDomain object| testOtherConnectDomain string| connectTokenUrl object| detikConnectIframe object| _cb_shared object| TEAVisualEditor object| LogPluginObject object| bytdc function| sendTheShowRec object| core object| __core-js_shared__ function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| tiktokEmbed object| __iat_api object| _cbm string| title string| url undefined| jQuery18103983141426866277_1699402296261 object| _mappingResponses object| __tgunits number| _ddomainhash number| _dvisitorid number| _dinittime string| _dcreateddate string| _darticleid string| _dkanalid string| _ddetikid string| _dcustomparams string| _dextraparams string| _dSUBTYPE_WEB string| _dSUBTYPE_MOBILE string| _dacct string| _dacct_sub string| _dwv string| _dgifpath string| _dhash string| _ddn string| _dtimeout string| _dtcp number| _dtitle number| _dsendtimeout object| _ddoc object| _dloc string| _dcookie function| detikTracker function| renameKeys function| execution function| collectData function| processData function| sendData function| _dGetCustomParams function| _dGetExtraParams function| _dConstructMP function| _dFixA function| _dFixB function| _dDomainHash function| _dDomainPath function| _dHash function| _dGC function| _dES function| getCookieData function| setCookie function| setIDs string| ids object| newKeys object| aID object| data object| detikBigDataSdk string| efiddr string| ariddr object| colldr object| colltm string| CONTENTTYPE string| SITE_NAME string| PLATFORM function| triggerTheEvent function| collectTheData function| collectionReady string| connectRefreshTokenUrl number| google_unique_id object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync object| dsrec object| dcInfo object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| hijackabm number| unfilledabm object| andbeyondnewarray number| residual number| residual2 number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new string| sitemainurlandbyeond undefined| andbeyondhttp object| adunit1 object| colombiaactive number| randomvaldatatest object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb undefined| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult number| passbacktest1 number| netacuitycpde object| block_url number| width number| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size1601status number| size1602status number| size1603status number| size1604status number| size1201status number| size1202status number| size1203status number| size1204status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size4681status number| size4682status number| size4683status number| size4684status number| size4685status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size3201001status number| size3201002status number| size3201003status number| size3201004status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size3204801status number| size3204802status number| size3204803status number| size3204804status number| size3204805status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs function| getQueryString_val object| preebidwork object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| and_geo_block object| a9slots function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| anddetectMob function| isInteger function| myTimer function| isVisible function| bidadjust1 function| refreshbidpageview function| andbeyonddisps function| addListenerMulti function| refreshBid1rtb function| callback0 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| apstag object| _aps boolean| apstagLOADED object| apscustom string| timezonename number| current_time object| adloox_pubint object| ignore object| lotame_sync_16576 function| ha function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| mnet string| nobidVersion object| nobid object| au object| verticalPercentages undefined| elementHeight number| pageHeight number| page string| thresholds number| push1 number| push2 number| push3 object| threshold undefined| timer object| GoogleGcLKhOms object| adsbygoogle number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests number| refreshval number| number5 object| demoad number| success number| timeflag string| idnew2 number| knew number| j object| andbeyond72810 number| flag_active number| visible string| zonename object| labelnew string| device object| restrict_bidder object| temp_ar undefined| temp_ar_new object| temp_ar_new1 string| keyname_new string| label_temp object| keyname_temp number| m string| temp_val object| id1 number| tempnetwork object| temp_net string| temp number| videoa9flag string| mediaType object| sas object| apntag object| _ADAGIO string| idnew12 string| context object| videocode number| videounit string| contextvideounit number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| pos number| passiveandbeyond72810 number| activeandbeyond72810 number| time_refreshunitandbeyond72810 number| nextnumberandbeyond72810 number| newflag number| diff number| flagnewone number| iframe1 string| iframeid number| flag number| size300 number| size250 number| size600 number| size728 number| size160 number| size120 number| size970 number| size90 number| size320 number| size50 number| size336 number| size280 number| size100 number| hijack string| h2 object| json object| test string| d1 string| a1 string| c1 string| v1 string| s1 string| h1 string| si1 number| sizehp11 number| sizehp12 number| sizehp13 number| sizehp18 number| sizehp14 number| sizehp15 number| sizehp16 number| sizehp17 number| sizehp19 number| sizehp22 number| sizehp21 number| sizehp1200 number| sizehp20 number| sizehp7 number| flag2 string| adunit3 string| adunit2 number| countdivgptad16884682632210 number| tempval number| strategy2 number| flag4 number| status300new number| statusdivgptad16884682632210new number| stat string| id2 string| andbeyonddivdivgptad16884682632210 number| andbeyondwidthdivgptad16884682632210 number| andbeyondheightdivgptad16884682632210 number| countandbeyond3001 number| activeandbeyond3001 number| passiveandbeyond3001 number| time_refreshunitandbeyond3001 number| nextnumberandbeyond3001 number| counterefreshandbeyond3001 number| startdate number| mseconds number| crontime object| timerefreshand number| status_bad string| aff number| len string| pos1 string| text number| width1 number| height1 number| width2 object| andbeyond3001 number| strategy2andbeyond3001 number| strategy2widthandbeyond3001 number| strategy2heightandbeyond3001 number| strategy2typeandbeyond3001 number| strategy2counterandbeyond3001 string| adunit2andbeyond3001 number| widthidandbeyond3001 number| heightidandbeyond3001 string| temp_caps number| flagvideo number| VIDEOFLAGandbeyond3001 string| size object| ONFOCUS number| videoflag

78 Cookies

Domain/Path Name / Value
.detik.com/ Name: _gcl_au
Value: 1.1.1886375018.1699402297
.detik.com/ Name: _gid
Value: GA1.2.2001578400.1699402297
.detik.com/ Name: _dc_gtm_UA-891770-59
Value: 1
.wolipop.detik.com/ Name: _ga
Value: GA1.3.85861306.1699402297
.wolipop.detik.com/ Name: _gid
Value: GA1.3.2001578400.1699402297
.wolipop.detik.com/ Name: _gat_UA-891770-223
Value: 1
.detik.com/ Name: _cb
Value: DCtnp9BKQGx32D6O_
.detik.com/ Name: _chartbeat2
Value: .1699402296845.1699402296845.1.oLWZCsaE5CDdfw41DpUMp-RMDgz.1
.detik.com/ Name: _cb_svref
Value: null
.wolipop.detik.com/ Name: _tea_utm_cache_226201
Value: {%22utm_source%22:%22twitter%22%2C%22utm_medium%22:%22cpc%22%2C%22utm_campaign%22:%22detikcomsocmed%22%2C%22utm_term%22:%22ctw%22%2C%22utm_content%22:%22wolipop%22}
.ads.adnuntius.delivery/ Name: usi
Value: yyq8!adnfp7932fada72681a9f
.ads.adnuntius.delivery/ Name: sessionId
Value: 590ad5208c56cc1acecbd458a6ef1085
.ads.adnuntius.delivery/ Name: i
Value: 0AAAAAQAA
.ads.adnuntius.delivery/ Name: r
Value: 0AAAAAQAA
.ads.adnuntius.delivery/ Name: s
Value: 0AAAAAQAA
.ads.adnuntius.delivery/ Name: v
Value: 0AAAAAQAA
.ads.adnuntius.delivery/ Name: c
Value: 0AAAAAQAA
.detik.com/ Name: lotame_domain_check
Value: detik.com
.insurads.com/ Name: ___iat_gid
Value: 0DFB0B19CD42A0AB
.detik.com/ Name: ___iat_ses
Value: 0DFB0B19CD42A0AB
.detik.com/ Name: ___iat_vis
Value: 0DFB0B19CD42A0AB.75740ad30ede67d312e8bb4d7fdcd431.1699402296839.dbf5b14e7550f873e4d41ecc85e876f6.RRUURIEUEZ.11111111.1.0
.criteo.com/ Name: uid
Value: bcc51b13-7674-4d95-9d44-382a2d5fdd84
.yandex.ru/ Name: yandexuid
Value: 7431839061699402296
.openx.net/ Name: i
Value: 2080f240-3175-44d6-94c1-97b2665de830|1699402296
.detik.com/ Name: __dtma
Value: 146380193.1520062792.1699402297.1699402297.1699402297.1
.detik.com/ Name: __dtmc
Value: 146380193
.detik.com/ Name: cto_bundle
Value: TESkIl9uTkdQbUtDJTJGenBZOWo2UjVIM2clMkJFMlM3NmF2dDR0TWVYeWhiaGFRWnVRaGh3V3NDVHpobHdVRGtBTVdoJTJGNkduQnlsRnh6MUhqaSUyQjg2ODY2Y1NpSWVEM1JRWm5sekZ1MWpjJTJCSW1KTkc3ZnpoQ3NYWVpmOUhWMWx2VzFINklKa1EwTEZjaVd6RGVGUHBWYXFUNnh5a3hnJTNEJTNE
connect.detik.com/ Name: acw_tc
Value: a3b55c9916994022969516184e9487f0bc2f034bf76c6641353fabde23
connect.detik.com/ Name: cdn_sec_tc
Value: a3b55c9916994022969516184e9487f0bc2f034bf76c6641353fabde23
.rubiconproject.com/ Name: khaos
Value: LOP090DS-21-LF8
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoVpnvaz/66hLU1ZxogGjlwOA+xFj1I9sfQKCb/4IkTDmBoBS3avc4bCeaobkh/5VNrtgbyWheu4zBL9RgbQbtMlys8dswlmEchkTnGhAX54b7FQD2yB//h3OlDu/ORdD8=
.tiktok.com/ Name: ttwid
Value: 1%7CDgM81jvoyKBRI7l0fjn5KQ8eEGLX8r7i7k1xrsZMGJQ%7C1699402297%7C61ad2e4272145e1a2626e6936011f9c488d8ce9d09b6226edcd8b84fa1ae7f62
newrevive.detik.com/ Name: OAGEO
Value: DE%7C07%7COberhausen%7C46117%7C51.5005%7C6.8859%7C%7C%7C%7C%7C
.detik.com/ Name: dtklucx
Value: gen_2d8ce65a-fe31-1d93-d477-a2ebc133bef5
.doubleclick.net/ Name: IDE
Value: AHWqTUktACvCYIgb--LTEKKQVJvRqA_kQiDsHQMcQgZr-d9Exuqm9DCGc-leW11fmSI
.detik.com/ Name: __gpi
Value: UID=00000cbc1e220ed5:T=1699402297:RT=1699402297:S=ALNI_MYHmF7WJmEofRg0ucXMsWHjHsfEQw
.casalemedia.com/ Name: CMPS
Value: 2175
.casalemedia.com/ Name: CMID
Value: ZUrSO-DHgMKaZjBnVxnF7QAA
.casalemedia.com/ Name: CMPRO
Value: 2172
.doubleclick.net/ Name: APC
Value: AfxxVi4UTNJlXlBYdHEE7FKiNF-XzN6hR8naWHtvd7oCcy3W5kEssw
.adnxs.com/ Name: uuid2
Value: 1303356955576139268
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In?e6m-]!]tbPl1M>e)ZlrFUfJ+tGXxp$IHm:#@n)EUSe0HeXoxu0QJlwgaaVZ_](qTy3If)y3KL9D3I?-)d(':u
.quantserve.com/ Name: d
Value: EAIBCQGwKoEA
.quantserve.com/ Name: mc
Value: 654ad23b-a1aa7-90202-e757f
.ctnsnet.com/ Name: gid_CAESEABNQ3tCpp3eini06hSCZjo
Value: 1
.blismedia.com/ Name: b
Value: 654AD23B26CC5A506C9A1663BLIS
.w55c.net/ Name: wfivefivec
Value: xwOGpwmJ1R0wav5
.lijit.com/ Name: ljt_reader
Value: HnnrtGZHCkXwMt58TgqqPv27
.w55c.net/ Name: matchgoogle
Value: 5
.ctnsnet.com/ Name: cid
Value: acc155392dff4deea25c62c9ee8a07d8
.byteoversea.com/ Name: msToken
Value: FGWRBJ6e1T491sPLrzIw3BpuEe7mn4NNSsvpzYB-bu0o0sc8P5FMTrFUT72c-5XA8Nz0pNYobaI15XJXZQiMzvTyovk6X5Pbx-pWHXJkZSU=
apicomment.detik.com/ Name: comment_token
Value: Vx7RpLUF9AAZt0QJiFm0XX6Pu8snhExevVmVf2M469vfTE4Y9qc8RG8KSDv4zPtq
.3lift.com/ Name: tluid
Value: 4226332137213635066202
.simpli.fi/ Name: suid
Value: 7755536A1CD74E54B478517B392FB406
.adform.net/ Name: C
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: b9cc4920-d303-48fd-b033-d9f19aeae91c
.adform.net/ Name: uid
Value: 4219359789409642649
newrevive.detik.com/ Name: OAID
Value: b5383d81e91dfdfd0031e93fb42763d0
wolipop.detik.com/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
.detik.com/ Name: __gads
Value: ID=4d3eaac71f58d931-22aa45f7a8e300df:T=1699402297:RT=1699402302:S=ALNI_MYMzE5J-r6rw_NmPSXMAhn__v6Ucg
.20.detik.com/ Name: _ga
Value: GA1.3.85861306.1699402297
.20.detik.com/ Name: _gid
Value: GA1.3.2001578400.1699402297
.20.detik.com/ Name: _gat_UA-891770-223
Value: 1
.detik.com/ Name: _ga_CY42M5S751
Value: GS1.1.1699402296.1.1.1699402303.53.0.0
.detik.com/ Name: _ga
Value: GA1.1.85861306.1699402297
.yahoo.com/ Name: A3
Value: d=AQABBD_SSmUCEKhQnH8OxQP4Jpc9SLFpGQYFEgEBAQEjTGVUZQAAAAAA_eMAAA&S=AQAAApS5kKPJ-kRH8aYEG14fQao
.tribalfusion.com/ Name: ANON_ID
Value: amnteZby4ZawFBA9MAIEno9S9jW5ZdjMFxt7eaivISmiE1DfNZbtECUbQH5TEfGhsUeYPxPJhXdT7NB9Fx5HngeOBZbqaJZchbMU8b
.detik.com/ Name: __dtmids
Value: 7017040,220416104
.detik.com/ Name: __dtmb
Value: 146380193.2.10.1699402304
wolipop.detik.com/ Name: ucf_uid
Value: b4b9b393-09e5-4b1e-94bb-34b46499fbb6
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: a23cf4d0-4ec9-5238-8f2f-9ebdea654cfd
.betweendigital.com/ Name: ut
Value: ZUrSQAAIvkgJNrxh9wJi1hRF0qHJgljyI9m0dA==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.script.ac/ Name: __cf_bm
Value: xvXX9F8EG59W8xaoFLbOrhlZiTUGTrxRKJHmVbz4MiQ-1699402304-0-AR8QAsVOkCpgkPNM9rToGWItmHQ34aK4BU/uLYtden7beH4PoRhCRIYPJY3yzhRL8bPiEmXAwwFqjESjM2oehnA=
.tiktok.com/ Name: msToken
Value: OYx2SNXbLqMGEIrf1QCWygTfjJDC7xLntF4n-x8MSWiP2lNCF2a6AxWKofISCv3TfWhKeHqsGIzdcm4pNmVOn5Nf4a-X3hO59gjYGK1rNXhNRWaZgpDh
.adnxs.com/ Name: icu
Value: ChkIvpOEARAKGAEgASgBMMCkq6oGOAFAAUgBChkIiOiFARAKGAEgASgBMMGkq6oGOAFAAUgBEMGkq6oGGAE.

18 Console Messages

Source Level URL
Text
network error URL: https://cdn.unblockia.com/h.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
deprecation warning URL: https://awscdn.detik.net.id/libs/newcomment/js/xcomponent.frame.min.js?2023110807
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network error URL: https://awscdn.detik.net.id/assets/images/socmed/icon-whatsapp.png?v=2023110807179
Message:
Failed to load resource: the server responded with a status of 404 ()
deprecation warning URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://cdn.detik.net.id/libs/newcomment/js/xcomponent.frame.min.js?v=1
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other warning URL: https://060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.587/index.js(Line 3)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
other warning URL: https://awscdn.detik.net.id/detik/libraries/jquery/1.8.1/jquery.min.js(Line 1)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
javascript error URL: https://20.detik.com/embed/220416104?smartautoplay=true&smartautoplaylazy=true&unmute=true
Message:
Access to XMLHttpRequest at 'https://cdnv.detik.com/videoservice/hotspot/604a115c00bc4116a44ef6f7a989655a-hotspot.json?crtm=202311080111' from origin 'https://20.detik.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdnv.detik.com/videoservice/hotspot/604a115c00bc4116a44ef6f7a989655a-hotspot.json?crtm=202311080111
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D51134e9d68cfb030%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=51134e9d68cfb030
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/87734?id=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4dab0761-f8eb-447b-5f0c-2f3248f3a8ee&reqId=883adff0-c4f4-4715-4fbc-bfd8929fd440&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; always
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

060458609ae72177eade0fb5250c91c5.safeframe.googlesyndication.com
20.detik.com
5da7e412513b6e5ad73f69eece9db640.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
a.tribalfusion.com
a.vidoomy.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ade.googlesyndication.com
ads.adlook.me
ads.adnuntius.delivery
ads.aralego.com
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.us.e-planning.net
adxbid.info
ajax.googleapis.com
akcdn.detik.net.id
analytic.detik.com
ap.lijit.com
apicomment.detik.com
applets.ebxcdn.com
awscdn.detik.net.id
awscdnstatic.detik.net.id
awsimages.detik.net.id
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
bs.yandex.ru
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
cat.nl3.eu.criteo.com
cdn.adnxs.com
cdn.ampproject.org
cdn.aralego.net
cdn.detik.net.id
cdn.hadronid.net
cdn.id5-sync.com
cdn.insurads.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.unblockia.com
cdnjs.cloudflare.com
cdnv.detik.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
collent.detik.com
config.aps.amazon-adsystem.com
connect.detik.com
connect.facebook.net
cookies.nextmillmedia.com
crcdn01.adnxs-simple.com
creativecdn.com
csm.eu.criteo.net
csync.loopme.me
data00.adlooxtracking.com
dclk-match.dotomi.com
detik-d.openx.net
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dtk.id
eb2.3lift.com
editorial.femaledaily.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fra1-ib.adnxs.com
gcm.ctnsnet.com
ghb.adtelligent.com
ghb1.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.aralego.com
hbopenbid.pubmatic.com
i.clean.gg
i.e-planning.net
i.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
idsync.frontend.weborama.fr
image6.pubmatic.com
imageproxy.eu.criteo.net
images.detik.com
invstatic101.creativecdn.com
j.adlooxtracking.com
lb.eu-1-id5-sync.com
lf16-data.bytepluscdn.com
lf16-tiktok-common.ibytedtos.com
lf16-tiktok-web.ttwstatic.com
loadeu.exelator.com
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mcs-va-useast2a.tiktokv.com
mcs.tobsnssdk.com
micro.rubiconproject.com
mon-i18n.tiktokv.com
mon-va.byteoversea.com
mp.4dex.io
mssdk-va.byteoversea.com
mssdk-va.tiktok.com
mug.criteo.com
mwzeom.zeotap.com
newcomment.detik.com
newrevive.detik.com
oa.openxcdn.net
oajs.openx.net
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.adlooxtracking.com
p16-sign-sg.tiktokcdn.com
p16-sign-useast2a.tiktokcdn.com
p77-sign-sg.tiktokcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
prg-apac.smartadserver.com
pubads.g.doubleclick.net
px.adhigh.net
rech.detik.com
region1.analytics.google.com
rtb.adpone.com
rtb.adxpremium.services
rtb.fr3.eu.criteo.com
rtb.gumgum.com
rtb.nl3.eu.criteo.com
rtb.openx.net
rtbdemand.apiip.net
rtbpass.andbeyond.media
s.ad.smaato.net
s.adtelligent.com
s.amazon-adsystem.com
s.company-target.com
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
services.insurads.com
sf16-secsdk.ttwstatic.com
sf16-short-va.bytedapm.com
sf16-website-login.neutral.ttwstatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adbutter.net
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.admanmedia.com
sync.adtelligent.com
sync.aralego.com
sync.dmp.otm-r.com
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.teads.tv
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
toblog.tobsnssdk.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u-ams03.e-planning.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
user-sync.adxpremium.services
usermatch.krxd.net
usersync.gumgum.com
v19-web-newkey.tiktokcdn.com
vid.vidoomy.com
vmweb-va.byteoversea.com
vod.detik.com
vpaid.vidoomy.com
wolipop.detik.com
wrappers.geoedge.be
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.tiktok.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
b1sync.zemanta.com
bn01.er.bemail.it
cdn.unblockia.com
cdnv.detik.com
dsum-sec.casalemedia.com
i.liadm.com
match.deepintent.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
pagead2.googlesyndication.com
pool.admedo.com
sync-tm.everesttech.net
sync.aralego.com
sync.ipredictive.com
sync.srv.stackadapt.com
sync.tidaltv.com
tags.bluekai.com
tg.socdm.com
user-sync.adxpremium.services
usermatch.krxd.net
usersync.gumgum.com
103.49.221.109
103.49.221.112
103.49.221.99
104.126.37.176
104.126.37.185
104.21.79.241
108.138.9.235
13.224.192.181
138.199.37.212
138.201.8.249
141.95.33.111
142.250.185.226
142.250.186.66
145.40.97.66
146.75.118.113
147.160.191.131
15.197.193.217
151.101.195.52
162.19.138.119
162.210.196.208
163.181.92.233
172.64.151.101
178.250.1.6
178.250.1.9
18.195.255.178
18.207.95.25
184.24.77.12
184.24.77.5
184.24.77.6
184.30.16.183
184.30.16.195
184.30.21.51
184.30.211.26
184.30.22.30
185.106.140.18
185.15.245.82
185.184.8.90
185.64.189.112
185.83.71.234
185.86.139.116
188.42.191.196
192.96.203.13
193.108.153.12
193.108.153.16
193.108.153.23
193.232.148.134
193.3.178.1
193.3.178.3
193.3.178.4
194.55.244.177
198.47.127.19
2.16.1.131
2.16.97.41
2001:4860:4802:32::178
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
203.190.242.102
203.190.242.172
203.190.242.182
203.190.242.244
203.190.242.26
205.234.175.175
209.54.182.161
212.36.83.246
216.52.2.48
23.36.163.15
23.56.202.187
2400:52e0:1e00::1080:1
2600:1f18:6593:f600:7475:e79:22d:1b43
2600:9000:211e:ec00:1b:5138:8a40:93a1
2600:9000:223c:8600:3:74e5:6700:93a1
2600:9000:2250:d400:a:e047:753:a221
2600:9000:236e:1400:2:d490:4d80:93a1
2600:9000:2646:200:18:1fcd:353:c61
2602:803:c003:200::44
2606:4700:10::6816:1857
2606:4700:10::6816:3456
2606:4700:10::6816:4092
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:20::681a:567
2606:4700:20::681a:b19
2606:4700:20::ac43:4bf1
2606:4700:4400::ac40:994e
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6812:1691
2606:4700::6812:18ad
2606:4700:e0::ac40:6327
2606:4700:e0::ac40:6606
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c03::9b
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::c
2a02:6b8::90
2a02:6ea0:c700::11
2a02:6ea0:c700::18
2a02:fa8:8806:20::2040
2a03:2880:f084:105:face:b00c:0:3
2a04:4e42:600::714
2a04:4e42::300
2a05:d018:d29:3602:abeb:a582:6f70:20cf
2a06:98c1:3120::3
2a0c:5c87:5234::2
2a0c:5c87:5239::2
3.124.41.155
3.127.126.167
3.230.103.202
3.75.62.37
34.102.146.192
34.107.231.31
34.110.136.63
34.111.113.62
34.111.131.239
34.120.107.143
34.120.133.188
34.160.236.64
34.225.59.34
34.247.233.198
34.91.62.186
34.95.69.49
34.96.105.8
34.96.70.87
34.96.71.22
34.98.64.218
35.158.246.49
35.186.193.173
35.186.253.211
35.214.239.135
35.241.10.124
35.241.31.249
37.157.6.232
37.157.6.237
37.252.171.52
46.105.201.233
5.196.111.69
5.200.43.131
51.89.9.252
52.215.231.9
52.29.206.161
52.51.219.175
52.76.29.240
54.220.165.75
54.72.15.103
54.73.143.135
54.78.254.47
54.83.231.26
65.9.66.104
67.202.105.21
69.166.1.66
69.173.144.139
69.173.144.165
71.18.5.241
76.223.111.18
8.2.110.17
85.114.159.118
98.98.134.243
99.86.4.30
00b0534e0ea12ee3bc1fc850484e4ec5cb41e59f3bab1a25001035e59295f1b5
01227749283a015a86ca0300394be056764b1dec7127f4eb1b1c1b8a6b48dee9
02777ce60722eb62690a2825a7c7c2032e6b0fa471710f94a21d69194fecd929
031a4c257d233ca5d5303c10cdb7850dd2c328babb4417c63bc3d8cabded520b
03a420fcae383dfabf110e491fc02256622dc5be6d163e91d5e8c93c7afaf61d
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a
061e0e68ebdee88eed1359390a054a4ed6a25f3f63df043001e1acdf90e95253
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06bf1392bd317316bc232d0114a050ff434ee599d3761216d4246628598a6359
071562070ca649aa3d83b4e21127430df5202465e65382c9d388575b3ed229a2
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0acab3e854cf29c1e86b5982f3e961ad27660684645dccc774fc2dbe0ccf0c4c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf5fbfbc32e4154e3e932bcf9dcdae0e256da51214c009f0410c298600de438
0c41a4b4dddcadaa945a7a8832c525d90e34c05e7861e50f5d4afb62ce9d3ed2
0d188a4373c8d22c08634b257b272d59b146cfc6d84e1acd8b42e59c230521d8
0dfa7af0422273cb13ab6d8b09468e1f92745178b531711abd4bfa7ab5f65a35
0e7c1a149f38de011e3c6069baf6d207ae9f3b669d5b9b54c709a3866f44d780
1012b174f58fbfd8b967796fc77a59dbc3dda4c22b34314b8c0217804ffbdad8
109d800a97659f50b76c7f098693350fd137c916110278de3e49b26477230feb
114c5302ceb26a46f85a9005ddf67fb528675bd68f2a68e6c8d6c17e984500ed
11748731b5e99fcaed9308e003a78cd5ae9f3c7fc0c2266c44f9aa05fac34c1d
138cac3491347502f338b570051be911feb1d1d2fc0ec2ab49d0445e3031cb7b
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
1487bfed1f532d8cff7ec61ac6bb53dc91e8745905444ba4fdb237eb19071cf0
14ee4ac69f555e342e9f0d0b90b54a3cf27fd8d097cda7b60e73993780be54ad
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17eca68fa7a38baa853318ffaaef9de79148cf2d654cbd5ccadc25a348071558
180320ea65fbc810fb62f60134ef2329ab4dbce625bce730959440951fed9f48
187f8ae25e758b20380ae18e2d97b88e6cbe1720a5c99b5ce10a243d36163944
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
195338ca4581727aa0f10469ecbf13a61357492eb7ae32a94c8a54a128a4006f
19f202bdb9f02e395b495206fa5e88206be8bca4d9dc317c234c5138cee5542e
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
1af8741f9495b5f06d43d556bbb983cfeb723f569cab1019777de546045b3a64
1b266296e43440ff6ec4e7db57aa17e3cf7066d333fdce919cccc85bad19a731
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963
1d836b9895cd89f5ff460c62f935de64df516af5e40d5e27468599139bb05ef4
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fbeacbf071e282ceb1d4ceb330faf64a13e2ef8f3a989f550561c7bad455c33
1fc8cd1dca1ef4504d16135445d79e6d94243c61d33b73fc4ea3df6a37f59bf4
211f00fbc65c192cd3474af35275ddcbfcdad7d91817ff8d27eb2c4b838d1e10
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
22b708f3ebd27eed5651b3b2bbe8e7df0135344ee6830ff1d63f741d47a67cc5
230043bdbf2bbed494610aea51695dea805462ef390722ff19e2e7ff44fc6c67
23162f6e2b9ad48c0c58da1ec5a40f250d5cfcb13f8ff666bb096502c4a44d63
236efd1b5d4b4758ab0fa79cc1988ca94ac929542a7889d2353bccaf11e76032
238f8c3d8d339295368d0c2a45b3e47e0361e60751a3a54b0949bdf7f42c6300
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
25e7ef98abc38d5473d0908d4e402d9ff5e41d174e36aebd2c4ccd2aaca3ffdd
26d6aad7f9dbbf42e05e5a4adc27dfe665a3e89d7b7d2cd5c8a8706a40df6ac9
2841f0b58e56e2712eed2d6291df511435a7f6b4564f067c7be6eb7ec25a0cc4
2895b2f2583ba79c9e3c9406d70bd0c854361d356d786e39ebddd1215c94130b
2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3
28e0989daad4fc10a03b96b803681e9797fb4392bfca98de53ab81bd4b80c6a8
291a3f86829da62bc7e6fe45b735cf8b741b36d5b021a154912c19100500d326
29928d7a8a3ffc3d7d75e86717612ee4726569aff1f81f12653c53bcb36d3ac0
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b7f69d6075fa6c61b69bcf82574e228f826f735b49826463cb0e50d74bc92fc
2c4421942ce4cd0a9187b7356b30adf0bb8465e4ff7cbd660cbb3bf4f17f7cad
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f7145a03e0ef52e245eed721111dbc86659db80e8d808f53bc084af19755527
3092d518851dbfb0f62fb54828de6377929d8280e0037d11b1c9c3931a1089d9
30af116009a7494762c82d2d221731118255a98099f65306bd0a39b256af0997
30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31efeb7bd7ac7560d47cc93debc722a4b1c1925f261151b1ee5601cb3cc8c0c5
3225c9376cd8f731c5d65175d9ca584616403f157a9e14c3e3439c7362d9486f
32734708de2b60d67049b01b8c202ea910f44ca2d199c95f1b0b2c4ba626cbd8
327876e6dc85bc451f302f0034dfb6ec90b4e2af215b313c1a855ab5bd14e94b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33c0dd264702a04daa49e6f537aad39f9ade3433b418eb48c0862250ce4fae51
344c23ba1cbc2b819add73db2c6dce106bbf7f4a06c59b1030677cffe3ee668e
34dfd15f2be49ca29d9b326555f11b0c5366cc7ca80e9b8c5b65033a2e461543
34ed7cea7ff1fe63ef916d02457828e148200432aa7ea437961105d191d87b7f
35d5137258365a4a68ed46ad9427e900c91000d30213feac8ad8573fce7c5079
36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078
38650ff4648fce73f11879db7e8123f11ea879173f6e7c32122dbb66b8bf6bd7
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39a268fda0b2f2099a2df8d8c03602c3b7f2b0810c3c5dae9592240066a3f439
39a8cfa1da6c1286553a854de855fb2c679894a2cb9458bc2e80f5c4551887ae
39a9b8bc45e9cb89ea53d89372bbfd9780b0bf6d75a2f60324ca7295c1bb26e6
3b3def1e7433ee0eb222fb3a7bf99154554e5897e325eb7a660b5bbd3ba6f1cb
3b64444ca542f3bd5be8aba927bbf319f8924845d2cf99c053a9a0bc93771302
3cbae38cb278c74757d7a7ae8b0ed4c93f89dc38eb96d6956cd12645557e0fb7
3d29736adca3102c5b6f9c056a2d4ccdebed8bde3a59144efd675de946c1a0a7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8a5c588babb9ec5c0008a9da6090ef1cccbef4a92752f8aa3b728ef04f24f5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3379d92e8eae5605c0ca1a060df87c8a4f212d1bcd54dd935fa509e2e9ca4e
3f3d3a67ed69be257ff2a18d7a4ec97d9c353fba838e43455be2e036b9f14c51
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
421d8abf49ef001726fab1455d93087f10547176b0eb90c32efeedfc7bff4f80
4262a45fdf2be233b8fd8e33520b2d0c1720b1c7d55b112a534e6d568a2a1de0
42b448c8c5f67a9c48b021dfd6676e0c1aa3146b1513d18cad8ba2ad7be9df8c
433d65c08ed611bf6048438f0a053a9dcd44c71735ca7f7c8bbaaa624d37bd6f
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
443226297c50ec60437cec4a034055a6f50b01a968979113c14cc0e459265ce2
45a77b87672592488346c65e68b1fa84ba41e4158dd2fdf8bd9e6f3f6ebc8899
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
473095fe5e7cbf41b3b155b3ca4c3d976a4a9a8452fa89d195c044f4b3735334
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4871a0b9c15975aadd71635853aa642aee7d193f32232838447cab31592eebcf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49cd9a372cb9cb8696f95e90a13ae7fba40f31b20a1b06a53b030c7e6fdcd475
4a0944089334883b9ef77c59347c440a4580de9a2cad00a368988f7260f38716
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4e05d3d30a2c31ee50a04b9eeaffefcbae14d8296e1f9e1c1365ca7862d96af5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3df751a7777c377172932e5e47d26a4e79521d9842ef579a9269c9d2d39199
4e660117322b78cf89440b7d5f15d74f12fac132787797bba05406f39aba417b
4e7e2b206e2763a8a7a52419f1bc0f3b595ab80c0808fbb940eea61207a4d592
4e81ea33256277be61e086d13820e31000f8c2fad4d866bbcee58d80d9c6b8ae
4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4fdca1b61d7224a5df2a8b9c05a3def128c8c5f8384b0aa6fc1092adf6611728
50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972
52b4bbdad8f69942d3539b461925f9a52a989c01c8df185957d9269171a37120
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
544fd1a8f5be8daf9ead2626ae25b4423ac3126d06abed1acb0c825160f6438f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c7c4307285eb8ca071d5fb28d0b4ab43e23a33e7c55e285dc4afc08763d39d
5620f97c518ebd7a5dcb2f5d1142a1c6486646636dd0c0a0b66c779493dcc05b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
570d16a0342eaebc6477fbe4ce84bf4140cf612fcfc771deba461dbdfdd49ff9
57f76f718fac37f031fd95f8a54e4373c64d3f7994a57fedb8db8f7779ce9d7b
58fb538eb3721cc6e2f41ef0e1a39492d938e38400b964e5a68f3da8386187c9
599594aa8e813d120c043b6fe02f5bf18b6efa8c6aa762d2a063d7452acff4f7
5a1bba9f89afbf2021b85ed3706da8fcf61ecc880214b6427608c8172a7a7215
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
5ac2037030385ad8cf10e486b44475d778eef2e2a377751fbf3c938fd3991b1c
5b62c92a026a59a6300033c381478b8a8d8f27aa048edfbf99831cfe483c97f7
5ced7a6147739505555d1a9d8a4ad76af4e31c3cde1a734822f7719487f49c54
5d2e773e8d4e178149eaf884ce7d2bf680daf4341375c2d31b9df91c72936cd4
5f16cbd61c5063eee06064df8697819fbb972df80a1f022fdf59954c6b1f533e
5f35112e0f2c03c88df5a42a186901b4f68edaabaefa1f192378bcb055b025cb
5f5beabf59a0f4c1c28f05dd34047cd1f401f146b85eebbaa7ab8d971f075e64
5fe91a665f766809bbcdd7d59c1ebe99b60ace8fa2eee2c51572ea12f134b9ec
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61268b14700ddb3aef72f067203f53125398eeefed477c13070f2d9087b45482
612de15716d3169ba9cc191c5f6d07c3c8a066a443e6f02dd1360cd0406fcb19
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
63ed7567316546bda8364d243d604fb723d1e5e0b7f8385e468d3f2b33a844ad
64eafcb995dfd84bf17ef82846df5fb78bfc6871e6f808e8ddbaf4823369ded0
64f5f978aca34032a078c903966a46eb02bfbbd36bec4c6f016e387ff37b1c53
65fae2b0792a4918050e4f36ed548eaee879552cfd8277bad6e1e96300695347
662c395d5c88739dcc6ed8beb450c046a0c8c3b47b7a4cddb35476956c8976a2
668d8dc313b0147da354412d4296b99d1f0356632946ecb5a511ba4c82a59be2
6751f89415665b475b916c3087aa6f86de225b234ad32e1bb5e072ea3e60273a
6793fa2f8d1a76e1ff51f8a83ecf5aa7ebbdc5f422196c1cdcda31f496d4d41e
67c6ec0e1abab4a803f6894a955dc2fe7074c551786225e386483cae0bf26fc9
6800c5e3e1b49d24b20b04862f60bfd58d5676a4e42ae455a391bf3d23a253f4
6820dc5a852a390b26eaa791f6f9f9b976fa0ba6c17412089b25946d7d9de99c
6891bd0b15d6d46aa940bb049678c7156f56a1192d8b734763b829ab48dd1f01
69b1bf566a21c366a6a3a16ebb4ac9d11901c3cf6c145ef90ecc3d91248edc87
69eb8794163c82e04d2e3d9f97dabff40bf59fc52644c42dbb323a82291be55c
69f3a028811691af318463d3ee24db6106a24f5935dc47263f0c389a53bf39cf
69fb4538a638d612d205aea2ede0fafa430b2d03b3eaa3ff8889ea7f1365397d
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6a6be88bdc5a0a4192e31be5dcb0335086374e7deec413a2a6a847f5ae29ea4b
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aec49acce60073ad6f03b5bfd880cb0513e184d323b8e31fee25452853b7154
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c1e6f843e3f5a0d5245cf4bc7a903ed73425697a8e64a28bb1051ec4959964a
6e6ca6bc94e55cd105cca2cc6a49527c726d6b74f95ca7106eec8a2f10c78165
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f35974f1b57066f8fa45fdd826c4ed52c30fa21c5085eb92356954018761509
71a3ace46042d2c3fc3b5ffba3c6dd6b2b71652251a957638828b11f51459cec
725997506cdc0e9d51e9af233fef8a68f63b1d600c655ef950ffe0114180718c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
72f690ccd921d0ad47ae6329912cfb22b67c6aa2549b07e4f36852f614c10f62
73602afa2d94bb8f75431c3ff7a674a95a5599fd23fa3782cfddc283f6611d99
7416333b05fae12d5574877f464bf7d004117c684c6fb9ce7430432a05a20735
7429c2ef890072055ce22b4c434e40342841a7a7d8aa762b846f30ab5d304603
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74d42335413dfbd956d8593d043ce8486ad388bd0f8693d10729ff14e12f4538
7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68
752389d002379b9fe54cdca5bfa019d01b7427927cd4b04990bcaf7a3595575d
76b8e0c89c29c07ce7b2f79f60afce9de201b93dccf1819cfb97fc27ee461320
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7801aa8868afc3a8bb76b47c2fa6c8af7bc03ec38508ca87b508337c2b13742f
780ca9522494e7cd9f5457755af837ea0f95b2c17386eae7717f844ea9e86c5b
787abd6ff6fcd7934e6aa6c400ed253127ca1c23f1f5f1d77843e0f76afe06bf
78b3aad5097f420d109fb4ba315b58076e4718118cb6bb5583aba03a2628cdf7
78caf0aa7c8036db15e75fa9cdb286a17fb12c436c49e286637bcd2d1f005f1b
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
792a99e282ccc16b813a512d025afdf0ef3f2634999dba7ec7118bb450c940cc
7941202bc792f9125d713040a0c460c06fc48eda478112850490c19048978237
7a02e87ecf7338a96b773fe46caec0737044e6cbcc6f87539d248a89f80ca90a
7a5efefb96185ed4c2025b21422c6602ba54889de5942803b2dc5f47ae294812
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7d34a47e164ee62fd8fee4fd775d37c36575b412369ade3dbe8afe1a5e20d3c4
7d4720c295f29a6da5d5554683e6e7ba1610ab9ae3bc9e6391e8e923fa44d114
7dadda6cdf94892734b9cdaae1cf3e8bc16b1c41dad54650afe3c02ee0d37f8c
7dd108a4878efcec951ddac3110e53f26a1b7b248f8ab5345f5ad5e667a08fa1
7e7d5842e4d1ca823c3e8a63f7f6fa50eb1a0f7479979d940144cc3fc2139284
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
7fd367045a99ab837da7993139ed22179ee8dd6a9e1915e83ac9d37c33d77a99
80f1fbeb1e95f186e1ef324d132860cc499bec297a2ef4b673c73478f21692b7
81b007266c8de9f786ea330dbd26fd1e462ebbad9c946dc2287e084336f6bac8
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82140abb49d323ef675484f9ab07527f7ec42f1abba9710fdeed2cf036891956
822c9ee592746876bef88cb477d7e8c553265533709ae25f91c0032b9982df0d
825d9735b1f46d77ddd08900fb38eedb3d9eddcda1b24899b28d5467cdc77725
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
8339a47a5089b099276443f0f4ec4bc9c6025711e456ea6e798c60905e341ff8
83ffcaaedcce5daa842ae95dd1ccba7bad10f4d9cbe9dba80eb1eaef3cec7e50
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8543625e3f7ac0df8c6a3a3e5b76674f2d4f3ff087d97681e05c5a084191d737
8546e6cf37b40050d6cc38a67a03ea69e7236ba58e0cc257bfcf2271fa0e7421
86d3f947bf8f90984ba2f5e095e54416161bd19abcbe8e3e6137e76772206bbf
874377faac53727d7e7b9b75c09807faeab4bec3016a30fec4f28b36faaa7d71
8819eb4f77e1935b576b698e1bdc9c11569359f8a9b3abfb0e8cf7b561d48a64
889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b
892cbed999e182e677a982593b4a2b1054156fb5730cad5f14e26467119e062d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a0338c31a2dda363fc288386f7e6ef00426dcc1f18376434061ee4a0394e364
8b146b3737f4bebc3869c3bac0c1b7ad6f561490d9551106505a122fae7011f5
8b5bcaaebe76ce1862259aae892cbaee45427b546d71fc8663fb949517166274
8c9fe0a40d829e6ff37886c0161369e7c4dcb959deb185368a889e99d05f5e1d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e552b0ed5e74c183aa3fca1a094b3fcd05889b51918d01eeb6fa7e4cc14dd5c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
8f99c3f91c0d3070b622a2f4052be4e1e0d94d356fb3b2cd2658ba52642f99b2
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94779c136ceadbf6d18802b64103c3a7c445dbef82bee58ad3549f77ea715483
948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97d063e46338a13bbfd11563a0fc63082e1188b491c0eee1132a8b55b30b816e
986d807bfd4900dd5a73c05631fe8b070f30ffa01c05497b3719abeb28dd1f9d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1e25003d88cfd0e0e83755460fb2bc9f5f78fca73392af43dad456afc12265
9c85ef0f7e7c9b6b76a0ab1b1b362fe53fda1775718d769117b3e820a1cb5dfd
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
9e667df016a220b512cf41bf1d3cf07e1f5cf5f7e0a7718deebff9a43d2103fc
9f021b5b9503d01f2543fde36a2c9359948424f0c607cd5ab6eeebfe6ba6c154
9fb86f3577df957993300d096f4a7e0ba2d4f31ac35c879757d12b9d682d09da
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a07ca75e85cde4d1afb84980d870cc0d9ca8e93e4a26d65a58c31821ecc01a34
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1a4b49d2999a7cd635800ec5c8e75ddf00c46763a3b4810bfa143bba18f0947
a1e5fe93731f424ac72830589ba7693675c67fafe7faebf55c69aea5bc6583d8
a24a9c0ed329dcf0ce01516ced3b93220ec03f206b31f7910fa16bbc6ae60008
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2f435d01803e94ed206716ea5626d49b3341d0b764fda579800f3140faa7b66
a3020c31277f67b631dfd856fb9fe71f8cc108efafd87030e6d6ef18b0b10c9c
a3bf28dc13bc39498ba484850d179eb8ca4de72fcbfa0cdebc834149cf1e6dc1
a3e5f97fbfdf1df08db28405bc5c78d43eedde5ba37732c2eb5fad308e5eba14
a459c0a4824036bf3c485566d2f792f1c74b28d1042e41b4c69a68cd4670a77b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a618007c3d4b2d7a20e87ceb76deafe50141c8e1058c4590ef7f27760c52df52
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b
a65634ad828e4cc58a93b42d6b27e9f8c45782545e72640a85bd6d41574a86ca
a6d8fb031df138fcf1cb58f2862364cdbb4b202cdb033d3eb5aad71d24937491
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a94c882c03a76c460c93f094345766aea2e5dcab4716dbb1dc4df877bc627b32
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
a9f2f7ad522f41e86ac8dbc907d37db9cd7bdd5f3c9dc4dec9b3f7deb48ffe59
ab0ad32556e156ba545d591d0ad7f8a9ffea8022ec79d14e04350ff3e3804f21
aba5455dbc06e1f78c4b52ebbd242cf438a110bfee1840b795b9e75bc3d29313
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2
ac4e614ef4779d0f208be8f709052483d57550c0c8843da6a0481c854e402b3c
accd7e50512ec80b0537a4c68ce99657062c2988bfb6354afde93ecc707101c7
acd0ce7abc9950cd09c751bbb2eba30f4dc018e941ef26e800570dcb11111b3c
acec236733d5f9fe383b6f48f287b22277e5a18478976810ce503e7cd7f0a371
ae157816dff3ab17a63ef630d7878a68bff565e5cc88c8ab5e26a6b42ee65e38
aec93c4e1cb844adf72661ca06216f68d970d0b681c6eec35fa88c8823b8dcc5
aee535b43efbcc3aef48efd57453d077eec0b71536524d9d048d3f55db8124ca
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af0280c8646154adb38a8e059fd0c5cfb21b954eb38031fcba65240da35061ff
af1a77e7360b28cb730e0f5e56566b51a4d620f2cc411f8e32e5581ddf546e09
af8855f5480e333ee6339370cd20bd5b61c3336900fd45b1541c88b2f1185459
afec7ebede0ec4992fc5688ca81289d44e747e70ff0b5fba89212b093d96f04d
b00f7ab2fd37226c3121607d1b6717fdc03460141277653d2936c87b61abba59
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b05ef5f969b546feba90d058063c50c94d169ea64c16df5c4d6a397199f0a057
b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1801c83b4bed79a6ac656fc214888be8db7d61339144265a28dd65c2310b327
b187ca53ddd2e1900e33c4b896558a6466e5473dd47c8d4d28f5d173ce55894b
b1e87171ce3bd85242384f41d39fe415270f7ae13cc61563870f3deefb7070bd
b1fdcb2188f69d943d85ce64e745a54432eb29dbdefe1be27be329aae9a844d7
b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a
b338281a00b6748ccfd9391e5e67d90da3aaf3d8ed01d099e390d6d6fc1e1df7
b437e1f6c945e13ca3bab1bd6a179ad8c72a9c6e8a52193de0561edd8422bddf
b4538a7ea9e4ba96e01f49608ce101196f39e1b12d17b140436a75ef3d830644
b503a641d6782bc600d7c224cce579fd52ea716b931f26871236a1fa4b39ffb9
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b59c12d2dd20b7609703e387cd50e78d55f18c014204d36e2453bcbbfeae3454
b5d621c696f2763e126b1668888961fe95f3cab2410d49da6096b2066edd59ca
b606ece49cd0aa28af9420457086523b52b9c8461c3aae0cc2a27be8ba924e30
b787c8d34a1d004b5c533867b7160ae74f85e105b3028d2edd43500cc2107e5c
b7e5b9782716544084bbc417c495802bfc509e47c30e75d0b03e9043471a15c1
b9bdf240b0895c5266ac1145532a4e5347756fd123e76a6749c203c2684c42c4
ba0ce59cd9944729ad8cc287309c2e340c76124c3f006e1afe581d57be367d4a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb36a06b82d9d7d2ade97d47a9c55eb04ad3fe68b0f66a045c823b95d977450
bbd58a1c832602875a0b34aba97d954d24dfa30ff69f95559ef675047b48a190
bc06d7117c39728e1a21fc31f98bd4d40bc01bbd1ef7c7f645baa9231ce0ff19
bc27670a09c7d09daefee3f05391082c905b45aba4156995f6f37b8ad0ec839f
bccc18796cb0cffa1e8c4fccbc34fecc60147c087aebcdb58f8daefbb6d6f69f
bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff
bedfa3d15259d08a70052140123bf5aea4596d71b918c6abbbde3545fb48460e
bf73802673530741d970bb6ab9096cf4b2fb227dcd8cc6b26f47046d44b6fa9a
bfee8ae071d345a9f9c45f775ee9b8881308b80ff6856b52f58af41d1876fe5e
c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b
c0fad728793d21b5b344f31239c556682a13d08ffdd5d3f0b5b812d02454eb75
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55
c2bcc7946328604b98d6ac3a841680dc2826efb646ca41f39e6b3bdf751c12e5
c3cd347fe99e5933a2fe93e59e456a3bab2f17e08aa45376a0fb87061054e7ad
c410de06ebf826b9167f8bd247f8867a253b46f141e0735a4dd29dcd7d8e2e27
c5602a33bc3762d88eda6891e0740fa068f86de1de5c373c65f0320658befe47
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c65ad3507aa9c487819ce5c6c2aac61866f0cd7bf0fc621fd78a3e365ca06bfd
c7f9088bb919d242906a5334558c0d6426cb816c5d6e03890e18b5455ac2db67
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea
c9646d73acc6c6c757dd1645d1a597114c3f1634982f54a7521dd9352bf5b79f
caaebdf9674bb63031880c354edbc7f4187e2e718ed7ec0f2aeec31861e4b6d1
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc8786c6235bb210eb95e67fded05949f7b0dd661b846f6644666f1ff728df31
cc950bb26fcf93ad40f3c9b7e9bbb0a8ddbb9ba6036aefbeead7c7fe9efd850a
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cceb9765e8846a6f10103fc565d5c3743bbd47d0ed49ceab2466e0b78c6c3e82
cceea0fb02b94dc0343642dde73532e4d5876a66d8e4170a8be5b472e755fdbf
ceaa77f8c2b938fc2c6fbba07283c93bb6b724453f8a08471baf9b4e9df763f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8164dd822c958cfc6277bad29a807da965da857e20aa2a2bba59208322a931
cfa24c8b0ec882d555dde9ad2f3f8e5bb66d63bec09f5589b2bde2833f8f8a01
d063b325db2ef14ca33eedbbe8ab5cbd2b88cb1f3d9e9065dcf5ed4a797ce082
d1057260352e39d8da124d24c8a6be3c757393789f6ed334c70d9658f9abe7fb
d2338531fe975287b3799b97ebb0fdde831cf2706af648efcf6edff1461a3e64
d2bb0eb5cfc8b621ba1e520e1b538e8e7754190f65816141464fdb57f94ce4b9
d36dc45ca451b3ef3309e4094558c60c8dbca67dc7db5800642f16dc08e69e41
d37e61bbca4fca7ec96816edb5303baffea9e046d625924e0841b10517117c89
d4c82d9e4d57b7de1576f87e32fe01108b6c10629f88b4f11c575a3c80db7cb8
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
d579b7fdfb325c978d89c67ce8ce3d16db03b4a62188813328aaa469bd730d16
d6437db2abaeb5d96be2c3e70f2950ba354444d745ff0e0bdf2299cf7af2704c
d77e9927ff040b52679dde8ab5837f0b859da7f82094d314977b509752963d24
d8470c3f84ed7a0659d6aace85d3252ded95ee0a010d1afc3e8af6e56dfc6510
d858782d53337cb280fd29487a8c25544984a1abc8619d4fc3535e4458101d1f
da8868c1538bedd78cb1e41ef00b3447f19fe229a8efcd4abf024311ea160449
db0225dc4a222c878e42fe26993ba825de2fa608e3236fa3c019cf2b50d78baa
db84e19cd68938449edf6116b8e0ab34402121148fce66bedb76d20449004592
dcc78eb47dacc86b8dab1818b654c0190c66130ffbc266d58aa99329462f9dec
dd51a11a434cc944701715ab37f9a7ad4d3079872e3d6c56457a95fd189d14e0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5f9796f69ffbe3f54ae0e2dce2e218d2e5d5aea896dc43b75a4bfeeba1e5b7
de884b5c344004ff4f6332583e6685af92ae92f792f097bf1014af6ffd4e41a3
df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772
dfe2933d963e903bf591ed7a07b4d376dfc685c69a46769cd4b93f80731816fa
e0a5b32220e12740f329f34d1a351c9f76735208026f18d3e6ed8d6b35a16c0e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e25fce41907af3e09bbbd455b405fa9e8b0880650f539502b3e7ea6e03563390
e30054bc85b39d92a163aa8492efdc70e42fa08555c0ebbd840ba7b6d13d1545
e3420da2b260abe345161cc29857cbbc84426d366c896a1738302e7aa56e9496
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bf328ff3e0ec98a0e52d8d148a51b92dd5ee39b8cac661f2dffdcf56f780ee
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61f1ad265195ede649df53cb089704bccfc17ada7c2e0a4528974f05e61df48
e8305506badaf2c2d5b23f4682538db4b9e238d3587eeb4a761c0e5a9de062e8
e8611730c5082eaab7506cee9df346602f4fd578e7976d2d8f623fc917ce239c
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea6168bc86409dcfdc6860247ac83ee82fbc7e1aff0a61ff59d2718c6ea0b868
ea692ef0ac3eef0437032558dcfa742b7274f8435a2295f4709f39d141f1b548
eb454443ec24beb8c23b7f8ad35c2906b6603c5393e2f0eb01e4e0fa033f31c1
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec52e48072cbf4e7d05e638c62b069b09a040800614be2a2fdcb8a1ed11a8156
ec9173696b93869aa96958183b74cce3405e903b3f176cade83c0f408138a948
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
eee0564fdf87f35bf1809c756013d091c82de4519287598cf7cf82548c88457c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efec9c21599f9a56ff5408e48028c153522381a3dc5bbc605f08939cd77aaaec
f0bcc58fa08f0657aec81448fa6a0b7832150acd47520ce53181a30e6aa7952c
f10e7e8e766ae818d6da9437a9d3bf952fd69dec55757e43e754b5a96ff95aac
f1dccfb5038c7ffe5764ae9900b6739346b659e6161a471922fb083a2822304f
f2d9125a3b8dcadb464ef7dd6960c4a36fd62a469b4ffd9a5d21ff853d4022ed
f470420074a5b423399d0f9e0eaf640ea79e7ff8daa2a4c1473cf8c201d69d3c
f53f372f689059afb73db548dec6c019104427f7796e7c352b394a5c1666dc22
f54517768c11a8e0bfbc84bb7962ef16f8af25cd119a1aadd1748097eba8d3ad
f5aa68d1d8d572508048788d657a0fd586976155a283f0bdd0ea5f2f67266537
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6398701663a474d38695de7a5c41d627e21283fe1b4f79005ca7da4319a016d
f7434a931efe764d92936db992cdd56150f71ef0102a5e440a85a489ed85614b
f81bc1e33c99136c6dc087afd52fe48f19ef2c4be171e4ad254df273502136f8
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
feadd6b13f999b3c2dbd0c237271f64ef92c7548755fa98650beaad79bb9510a
ff06e528f84f10aeb70fcfcef8760b592d20cf5bcbdfd216292180a909350c99
ff7df2deca5b6231f2b3ac8cacb7a7b1e6f75445c225d87d5b08a38d4c07afab