ald.my.id Open in urlscan Pro
198.252.106.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ald.my.id/?arsae=https%3a%2f%2fwww.whatisitwellington.com%2f2021%2f06%2f8-new-matthew-crawford-onlyfans.ht...
Effective URL:
http://ald.my.id/
Submission: On February 15 via api (February 15th 2024, 9:15:41 pm UTC) from US — Scanned from US

Summary HTTP 126 Redirects Behaviour Indicators

Summary

This website contacted 42 IPs in 3 countries across 37 domains to perform 126 HTTP transactions. The main IP is 198.252.106.147, located in Los Angeles, United States and belongs to . The main domain is ald.my.id.

This is the only time ald.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	198.252.106.147 198.252.106.147	() ()
5	2607:f8b0:400... 2607:f8b0:4006:809::2009	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:77:... 2a04:4e42:77::159	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::6812:2640	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	104.18.115.121 104.18.115.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.3 192.0.77.3	() ()
4	2607:f8b0:400... 2607:f8b0:4006:80b::2016	15169 (GOOGLE) (GOOGLE)
1	2600:9000:251... 2600:9000:2514:fa00:7:59dd:7880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:4f63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:809::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
1	158.69.254.144 158.69.254.144	16276 (OVH) (OVH)
3	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.238.55.22 18.238.55.22	() ()
2	3.14.20.254 3.14.20.254	() ()
1	104.18.34.83 104.18.34.83	() ()
2	67.202.105.31 67.202.105.31	() ()
1	18.173.132.23 18.173.132.23	() ()
10	2607:f8b0:400... 2607:f8b0:4006:81c::2001	() ()
2	108.138.128.124 108.138.128.124	() ()
1	2606:4700:20:... 2606:4700:20::681a:c3c	() ()
2	2607:f8b0:400... 2607:f8b0:4006:820::200e	() ()
1	52.1.95.128 52.1.95.128	() ()
6 8	142.251.41.2 142.251.41.2	() ()
4 8	172.64.151.101 172.64.151.101	() ()
6 8	68.67.179.155 68.67.179.155	() ()
1	104.18.35.167 104.18.35.167	() ()
1 2	67.202.105.21 67.202.105.21	() ()
2	34.86.70.109 34.86.70.109	() ()
1	23.48.224.133 23.48.224.133	() ()
1	108.139.29.7 108.139.29.7	() ()
1	142.251.41.6 142.251.41.6	() ()
1	184.28.61.13 184.28.61.13	() ()
1	52.22.89.206 52.22.89.206	() ()
126	42

4 198.252.106.147 (Los Angeles, United States) 1 redirects

ASN- ()
PTR: 198.252.106.147-static.reverse.arandomserver.com

ald.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:809::2009 (United States)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:808::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:77::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2640 (United States)

ASN13335 (CLOUDFLARENET, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.115.121 (None, )

ASN13335 (CLOUDFLARENET, US)

www.boyculture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.3 (San Francisco, United States)

ASN- ()
PTR: wordpress.com

44.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80b::2016 (United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2514:fa00:7:59dd:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)

images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:4f63 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2001 (United States)

ASN15169 (GOOGLE, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.254.144 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns548341.ip-158-69-254.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.55.22 (None, )

ASN- ()

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.14.20.254 (None, )

ASN- ()

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.83 (None, )

ASN- ()

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.31 (None, )

ASN- ()

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.23 (None, )

ASN- ()

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81c::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.124 (None, )

ASN- ()

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c3c (None, )

ASN- ()

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::200e (None, )

ASN- ()

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.95.128 (None, )

ASN- ()

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.41.2 (None, ) 6 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (None, ) 4 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 68.67.179.155 (None, ) 6 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN- ()

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.21 (None, ) 1 redirects

ASN- ()

lex.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.86.70.109 (None, )

ASN- ()

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.224.133 (None, )

ASN- ()

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.7 (None, )

ASN- ()

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.6 (None, )

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.28.61.13 (None, )

ASN- ()

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.89.206 (None, )

ASN- ()

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com	535 KB
21	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net ad.doubleclick.net	143 KB
8	adnxs.com 6 redirects ib.adnxs.com	9 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com	4 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 10861	72 KB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 102	273 KB
4	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 1104	108 KB
4	ald.my.id 1 redirects ald.my.id	35 KB
3	33across.com 1 redirects cdn-tc.33across.com lex.33across.com	1 KB
3	crwdcntrl.net tags.crwdcntrl.net bcp.crwdcntrl.net	31 KB
3	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	9 KB
3	sharethis.com pd.sharethis.com t.sharethis.com	5 KB
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com data-beacons.s-onetag.com	13 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 14494 t.dtscout.com	5 KB
2	simpli.fi i.simpli.fi	1 KB
2	google.com fundingchoicesmessages.google.com	63 KB
2	gstatic.com fonts.gstatic.com encrypted-tbn0.gstatic.com www.gstatic.com Failed	47 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12731 s4.histats.com — Cisco Umbrella Rank: 12280	5 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3698	50 KB
1	flashtalking.com servedby.flashtalking.com	1 KB
1	adsafeprotected.com fw.adsafeprotected.com
1	dtscdn.com t.dtscdn.com	598 B
1	blogspot.com 2.bp.blogspot.com — Cisco Umbrella Rank: 16477	7 KB
1	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 11252	15 KB
1	wixmp.com images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com — Cisco Umbrella Rank: 18186	29 B
1	tumblr.com 44.media.tumblr.com — Cisco Umbrella Rank: 37067	93 KB
1	boyculture.com www.boyculture.com	640 B
1	wp.com i2.wp.com — Cisco Umbrella Rank: 8999	4 KB
1	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 1915	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	1 KB
0	ftstatic.com Failed ajs-assets.ftstatic.com Failed
0	lijit.com Failed ap.lijit.com Failed
0	criteo.com Failed ads.us.criteo.com Failed
0	pippio.com Failed pippio.com Failed
0	linkedin.com Failed px.ads.linkedin.com Failed
0	onaudience.com Failed pixel.onaudience.com Failed
0	fansmetrics.com Failed img4.fansmetrics.com Failed
126	37

	Domain	Requested by
17	pagead2.googlesyndication.com	ald.my.id pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
5	www.blogger.com	ald.my.id
4	i.ytimg.com	ald.my.id
4	pbs.twimg.com	ald.my.id
4	ald.my.id	1 redirects
2	i.simpli.fi	ald.my.id
2	lex.33across.com	1 redirects ald.my.id
2	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
2	tags.crwdcntrl.net	e.dtscout.com cdn-tc.33across.com
2	pd.sharethis.com	e.dtscout.com ald.my.id
2	t.dtscout.com	e.dtscout.com
2	netdna.bootstrapcdn.com	ald.my.id netdna.bootstrapcdn.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	servedby.flashtalking.com	googleads.g.doubleclick.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	data-beacons.s-onetag.com	get.s-onetag.com
1	t.sharethis.com	pd.sharethis.com t.sharethis.com
1	cdn-tc.33across.com	de.tynt.com
1	fw.adsafeprotected.com	googleads.g.doubleclick.net
1	t.dtscdn.com	e.dtscout.com
1	de.tynt.com	cdn.tynt.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	ic.tynt.com	ald.my.id
1	cdn.tynt.com	e.dtscout.com
1	get.s-onetag.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	encrypted-tbn0.gstatic.com	ald.my.id
1	fonts.gstatic.com	fonts.googleapis.com
1	2.bp.blogspot.com	ald.my.id
1	blogger.googleusercontent.com	ald.my.id
1	s10.histats.com	ald.my.id
1	images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com	ald.my.id
1	44.media.tumblr.com	ald.my.id
1	www.boyculture.com	ald.my.id
1	i2.wp.com	ald.my.id
1	i.pinimg.com	ald.my.id
1	fonts.googleapis.com	ald.my.id googleads.g.doubleclick.net
0	ajs-assets.ftstatic.com Failed	servedby.flashtalking.com
0	ap.lijit.com Failed	get.s-onetag.com
0	www.gstatic.com Failed	googleads.g.doubleclick.net
0	ads.us.criteo.com Failed	googleads.g.doubleclick.net
0	pippio.com Failed	ald.my.id
0	px.ads.linkedin.com Failed	ald.my.id
0	pixel.onaudience.com Failed	ald.my.id
0	img4.fansmetrics.com Failed	ald.my.id
126	51

This site contains no links.

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-08-20`	a year	crt.sh
*.pinimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-09` - `2024-07-09`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
www.boyculture.com Cloudflare Inc ECC CA-3	`2023-03-21` - `2024-03-20`	a year	crt.sh
*.media.tumblr.com Sectigo ECC Domain Validation Secure Server CA	`2024-01-03` - `2025-02-02`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.wixmp.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-25` - `2024-06-22`	6 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
cert1-prod.aut.a24365.net R3	`2024-02-12` - `2024-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh

This page contains 17 frames:

Primary Page: http://ald.my.id/
Frame ID: A5263CB1D17122293C0F433E292C11F4
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20190131/zrt_lookup_fy2021.html
Frame ID: 760FDDAE4369B8777B50E495DC50529E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=952947216&adf=2571581873&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734498&bpp=10&bdt=635&idt=808&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=647771535837&frm=20&pv=2&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=594&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=857
Frame ID: FF16A4C609F777ABA2417B9A6BD4B93E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734508&bpp=2&bdt=645&idt=862&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=908
Frame ID: 85A59D5AD3B8E054262065649F8FD147
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&adk=1812271804&adf=3025194257&lmt=1708031735&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=252x1080_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&dt=1708031734535&bpp=3&bdt=672&idt=896&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&fsapi=1&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=964
Frame ID: 008DCB6F758F835D05D637B4396EB746
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001708031735183D80BFFB3DA9F30B
Frame ID: 25702CE6C28826F05537DEA86AC7CB5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARik_YSAAjAB&v=APEucNW90V2eDQr9rc8s4mL8ZFt1BPbsRLoJ5kR9vP3I7Sx84GVe5ow5IjqWYa07bEBZxFO7TCYBBAcsEYAk3KVn_kp1iYXQvA
Frame ID: 1E79520F30CF30F7E83B49D19F1DBDF5
Requests: 5 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 498BC7B963C7A0707523D133AFBECC05
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHpMxCpgz4Yiqn9gwIwAQ&v=APEucNVHuvfimMsNlT23VSH90Fpgr79GgOU7FaDWs_xw15ztqwbf9UVIotzW7NpgWlL2G7k9P273YdxpLJGbpju8L17kfj8JhA
Frame ID: 2F6DDF7940FD9EAFEB53E25EA6EEC728
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7D928DE61DC9668FBBAC93114F4701A0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2542884292174911&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1708031736&rafmt=1&to=qs&pwprc=1852733892&format=1200x90&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1708031736642&bpp=7&bdt=2779&idt=-M&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D359f153f2318e163%3AT%3D1708031735%3ART%3D1708031735%3AS%3DALNI_Ma-mef7fx6slBI7XOUb9zNRLE3qig&gpic=UID%3D00000dca3ad60a34%3AT%3D1708031735%3ART%3D1708031735%3AS%3DALNI_MaiRSun6Zkn-45vQ6tFjviSByBoJQ&eo_id_str=ID%3Da57d0dffdf879fd0%3AT%3D1708031735%3ART%3D1708031735%3AS%3DAA-AfjbS3-9kPWRsSTd_laPVzmy8&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&psts=AOrYGslg7UZDyywvGH23OuY_Om2LCfTqG1VBVB5JK3zOX6ycV7UHxZBC3qedtUiRWRHB8VDuTZC61ZR1TE81gqix5pt5MVU&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=318
Frame ID: 7FF54D587CFB27F11234E9E977D48440
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 48A7C4AF9529EB4AA9EE79A55D1FFCE9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AFF8BD8AE093A6790BE61BF1E545D096
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 018316F5A34A246CD9BC3D0210C78A30
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 23D39059518CAF23DC964ACFC6C05CDA
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zc5-9wAJCHgB7o2PAA7CcjpI85MlwS4JgHZEaQ&u=%7Cmoz1xj0IOgfcQsgcMz11raISKtJ5xQRtMX6Y%2FMxgk80%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdjldJVdp2Q_IhoaKl1ZNxL-lbQFmGXMWGg6ZYifI59SH0_Hj2NA0TsoZQfEb8mfG3DwLuDJQCLpG8L4FdgYKmobQ7eaUZ1RX3qmJEfBrYAnVxEXK9kfKvbAxg1htKrFnTci35bMzN7b-Iznklt2yLXM8aozGE32D9cIQMFxfHVyavYkFvTIdcFqXlzwz0TPWbLMF02tXwGg22YGqjysmtOk0O7suHbaGKBW3-ydJ5DqqNd0-G3T5RE6ICDyJn2w7lhcdwwuyLX3iLOqW762L1Vnh8SiyxudWWBu_uUizbgzg9OAQZmGVZLlIZ96rlj2uS9ytFjHWirjGHjAM5g7svwr-OVAjc64gRincVpCeIqaTRIhPPebcL5YopKCD-GT4oSMstbcV3g3OIkHMUGIY1hrWjbfojpeQrmKLTwY2T3yCW1W_wOfJc51_cDvJj7sgZfDDX96TqgpHV2MH6w80j64oMHS6g8YW67S6buCrtEjduBiZQ_YVHwEdanD44yQsKzFEglyMgxb5ZUSOLEwWOzkhIKROLn4XXsTZlA9Kf2AuA-git7N_mdQRpVFV_SbS1DtU4T6RLjXHbQpxgvlXvt0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClQMg937OZfiQJI-bur8P8oS7-Aqcge-wXILzt52dAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTI1NDI4ODQyOTIxNzQ5MTHIAQmoAwHIAwKqBPEBT9B6Z5hfcRkW491MebvKTLKxhiTCCcx-Shz0f8Gm-CO7oXmlUzR_RgNkpIT5fwvzU16N1jvXaVsPJfOinofeTzUxGf-jU_bxLpwFt1UUB4U3AOCGE9YEp939riB9_pIWS73RoprnrwvwA8bAI5f06v-SnD0_FlBiepCnIikHnfv3N1GeaEBBQ9XAaMOMcjdLft2ibXxyEmdpadNmGbRi51h65PLImFuw4EuRVSpxkyKZjultSbGe_mdWYZRbf_1HUlhrACHiwlbH_EdEEO0I2gt89Otq6Ufs9C29yk6LhyUDJqyS3sGdAmxOzlg2Opr00YAG7JS2hdSZ0Jt0oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAISL39wTpYi87zhqKuhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3e9W24fYYK0-N0kwV9x3z847t1Gg%26client%3Dca-pub-2542884292174911%26adurl%3D
Frame ID: A3CF0C0678984F2749CC83DAD5C08669
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 6EAF2C2999B3CA3A1313A6064EA212F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

[8+] New Matthew Crawford Onlyfans | #99DEGREE

Page URL History Show full URLs

http://ald.my.id/?arsae=https%3a%2f%2fwww.whatisitwellington.com%2f2021%2f06%2f8-new-matthew-... HTTP 302
http://ald.my.id/ Page URL
http://ald.my.id/ Page URL
http://ald.my.id/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

126
Requests

65 %
HTTPS

44 %
IPv6

37
Domains

51
Subdomains

42
IPs

3
Countries

1568 kB
Transfer

3858 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ald.my.id/?arsae=https%3a%2f%2fwww.whatisitwellington.com%2f2021%2f06%2f8-new-matthew-crawford-onlyfans.html&arsae_ref=https%3a%2f%2fwww.bing.com%2f HTTP 302
http://ald.my.id/ Page URL
http://ald.my.id/ Page URL
http://ald.my.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ald.my.id/?arsae=https%3a%2f%2fwww.whatisitwellington.com%2f2021%2f06%2f8-new-matthew-crawford-onlyfans.html&arsae_ref=https%3a%2f%2fwww.bing.com%2f HTTP 302
http://ald.my.id/

Request Chain 56

https://pixel.onaudience.com/?partner=137085098&mapped=6D001708031735183D80BFFB3DA9F30B HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=130f1ea8-f407-4bbb-9d67-dd3e79d9b003&icm&gdpr=0&gdpr_consent=&cver

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1

Request Chain 66

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc5..MAoJMIAABftAGJgugAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1&google_hm=2

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEJYSKL2gnWq9Cx1aLm582Y&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEJYSKL2gnWq9Cx1aLm582Y%26google_cver%3D1

Request Chain 68

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2Nzk5MDcxMTk5MzQ1NjUyOA%3D%3D

Request Chain 73

https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1708031736373.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3DBusiness%26pdev%3D%26pctry%3DUS%26referrer%3Dhttp%253A%252F%252Fald.my.id%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D HTTP 302
https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1708031736373.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3DBusiness%26pdev%3D%26pctry%3DUS%26referrer%3Dhttp%253A%252F%252Fald.my.id%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D&b=1

Request Chain 74

https://rc.rlcdn.com/361726.gif?n=1&33random=1708031736373.2 HTTP 307
https://rc.rlcdn.com/1000.gif?memo=CP6JFhoNCPj9ua4GEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=26d03a5c0882ff3fb87d363b8110f323d27b29f43e9cf4c489f9cd837017572c791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=26d03a5c0882ff3fb87d363b8110f323d27b29f43e9cf4c489f9cd837017572c791426b5417dce21&rand=05073084

Request Chain 76

https://rc.rlcdn.com/361726.gif?n=1&33random=1708031736373.5 HTTP 307
https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwI-f25rgYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwI-f25rgYSBAgCEABCAEoA&google_gid=CAESEL0U6pB8vq1fErss5TGaHpA&google_cver=1

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1

Request Chain 86

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc5..MAoJMIAABftAGJgugAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1&google_hm=2

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEJYSKL2gnWq9Cx1aLm582Y&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEJYSKL2gnWq9Cx1aLm582Y%26google_cver%3D1

Request Chain 88

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2Nzk5MDcxMTk5MzQ1NjUyOA%3D%3D

Request Chain 123

http://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C HTTP 307
https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

126 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ald.my.id/
Redirect Chain

http://ald.my.id/?arsae=https%3a%2f%2fwww.whatisitwellington.com%2f2021%2f06%2f8-new-matthew-crawford-onlyfans.html&arsae_ref=https%3a%2f%2fwww.bing.com%2f
http://ald.my.id/

319 B
579 B

105ms
104ms

Document
text/html

198.252.106.147

General

Check archive.org

Show headers Download Go to

Full URL: http://ald.my.id/
Protocol: HTTP/1.1
Server: 198.252.106.147 Los Angeles, United States, ASN (),
Reverse DNS: 198.252.106.147-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: b132abd0d5954bad5ac5711769f99e29e63bda475da55ff0a0a318d5ac5e4d11

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-type: text/html; charset=UTF-8
date: Thu, 15 Feb 2024 21:15:31 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 15 Feb 2024 21:15:31 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: http://ald.my.id
pragma: no-cache
server: LiteSpeed
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK / Show response
ald.my.id/ 320 B
578 B 164ms
156ms Document
text/html 198.252.106.147

General

Check archive.org

Show headers Download Go to

Full URL: http://ald.my.id/
Protocol: HTTP/1.1
Server: 198.252.106.147 Los Angeles, United States, ASN (),
Reverse DNS: 198.252.106.147-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: d61aee451b1f591f1c12f298a774245c69b1429efebeb519053af3563c9730fc

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-type: text/html; charset=UTF-8
date: Thu, 15 Feb 2024 21:15:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK Primary Request / Show response
ald.my.id/ 122 KB
33 KB 115ms
114ms Document
text/html 198.252.106.147

General

Check archive.org

Show headers Download Go to

Full URL: http://ald.my.id/
Protocol: HTTP/1.1
Server: 198.252.106.147 Los Angeles, United States, ASN (),
Reverse DNS: 198.252.106.147-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 570aa4c92b2b7675db29703e028e5c0549c7e70319df5aa6a1f68c3340f7154a

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 15 Feb 2024 21:15:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
7 KB 231ms
66ms Stylesheet
text/css 2607:f8b0:4006:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 04:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6620
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 00:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 14 Feb 2025 04:29:37 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 1 KB
1 KB 152ms
85ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Fjalla+One

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f60d07d01c38857df8bddd6ba4c12f710bd580687bf61d9f3ab0078243333bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 21:15:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Thu, 15 Feb 2024 21:15:33 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 15 Feb 2024 21:15:33 GMT

GET
H/1.1 200
OK font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 21 KB
6 KB 94ms
45ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

HTTP/1.1

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 21:15:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 974
Age: 6857249
Transfer-Encoding: chunked
CDN-CachedAt: 09/03/2022 05:42:05
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Mon, 25 Jan 2021 22:04:53 GMT
CDN-ProxyVer: 1.02
CDN-RequestPullCode: 200
Server: cloudflare
ETag: W/"1f9e9d1a5a1d347d945ef4b7727f2ea0"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: 2bf7de4958127e68731f40ffb95e9659
timing-allow-origin: *
CDN-RequestCountryCode: US
CDN-Status: 200
CF-RAY: 856091211895743d-MIA
CDN-RequestPullSuccess: True

GET
H2 200 1535467126-widget_css_2_bundle.css
www.blogger.com/static/v1/widgets/ 34 KB
7 KB 236ms
73ms Stylesheet
text/css 2607:f8b0:4006:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1535467126-widget_css_2_bundle.css

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d903176d4df72e36c554fe65598e07df6e8b0b920cd9e37ee91d96389a44791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 11:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7452
x-xss-protection: 0
last-modified: Tue, 25 Nov 2014 14:03:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 14 Feb 2025 11:31:22 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
54 KB 178ms
103ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c6666db85c3a49d88b6b8dff33af917374806754b8aa54b2305e861415ceaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 21:15:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54823
X-XSS-Protection: 0
Server: cafe
ETag: 15516380170283583795
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires: Thu, 15 Feb 2024 21:15:34 GMT

GET
H2 200 vpf_PcUB.jpg
pbs.twimg.com/profile_images/1256348357305544706/ 24 KB
24 KB 313ms
99ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1256348357305544706/vpf_PcUB.jpg

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25809fd79e5999abbcb4d094110bd4a4061515e5eac0eb58e7bfc609ee2d678e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Thu, 15 Feb 2024 21:15:34 GMT
x-content-type-options: nosniff
x-cache: HIT, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 24875
x-served-by: cache-pdk-kpdk1780106-PDK, cache-iad-kiad7000139-IAD, cache-tw-ZZZ1
last-modified: Fri, 01 May 2020 22:20:44 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 743f5b4b40e9bda3
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Cu_rS_cUEAAgBsQ.jpg
pbs.twimg.com/media/ 21 KB
21 KB 298ms
85ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Cu_rS_cUEAAgBsQ.jpg

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c30a811a254288f5a47373f56540d439a717b6cd0864710a74ad17c7075ab504

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Thu, 15 Feb 2024 21:15:34 GMT
x-content-type-options: nosniff
x-cache: HIT, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 21201
x-served-by: cache-pdk-kpdk1780046-PDK, cache-iad-kiad7000139-IAD, cache-tw-ZZZ1
last-modified: Mon, 17 Oct 2016 19:57:26 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 345259b8c0a01f4a
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 d40884d531ea9a2ff743989c2807b34f.jpg
i.pinimg.com/originals/d4/08/84/ 48 KB
48 KB 322ms
167ms Image
image/jpeg 2606:4700:4400::6812:2640
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/d4/08/84/d40884d531ea9a2ff743989c2807b34f.jpg
Requested by: Host: ald.my.id
URL: http://ald.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b22a44c05a6f35ff28433dce831a52f8069f9819c1dfa665af60e1f26938bc9e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:34 GMT
x-cdn: cloudflare
server: cloudflare
etag: "61a84242ea7fd67c8f13a69f18126d41"
edge-start: 1708031734285
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 856091234d150981-MIA
alt-svc: h3=":443"; ma=600
content-length: 48923
origin-latency: 122

GET
H2 200 matt-crawford-by-hayden-su-cover.jpg
i2.wp.com/fashionablymale.net/wp-content/uploads/2017/02/ 4 KB
4 KB 284ms
132ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/fashionablymale.net/wp-content/uploads/2017/02/matt-crawford-by-hayden-su-cover.jpg?fit=1200%2C480&ssl=1&resize=350%2C200

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

1f90a596b38bc5b3dc66443801ccf25b68a27350ede4bd2f75a79a5adab2b6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:34 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3752
x-nc: MISS mia 7
last-modified: Thu, 15 Feb 2024 21:15:34 GMT
server: nginx
etag: "d91d96f6556d48d3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://fashionablymale.net/wp-content/uploads/2017/02/matt-crawford-by-hayden-su-cover.jpg>; rel="canonical"
expires: Sun, 15 Feb 2026 09:15:34 GMT

GET
H2 200 6a00d8341c2ca253ef01b7c90ef552970b-800wi
www.boyculture.com/.a/ 0
640 B 459ms
351ms Image
image/png 104.18.115.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.boyculture.com/.a/6a00d8341c2ca253ef01b7c90ef552970b-800wi

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.115.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 varnish
x-reproxy-expected-size: 999216
age: 0
x-reproxy-cache-for: 14400; Last-Modified Content-Type Content-Disposition Expires
content-disposition: inline; filename=6a00d8341c2ca253ef01b7c90ef552970b-800wi.png
x-vserver: oak-tp-cache007
content-length: 0
x-webserver: oak-tp-web084
last-modified: Tue, 25 Jul 2017 02:48:18 GMT
server: cloudflare
vary: cookie
content-type: image/png
x-varnish: 322718555
cache-control: s-maxage=14400
x-phapp: oak-tp-web084
x-reproxy-url
accept-ranges: bytes
cf-ray: 85609122fb1e4c00-MIA

GET
H2 200 m-uKGKkX.jpg
pbs.twimg.com/profile_images/1255715411783540736/ 24 KB
24 KB 204ms
156ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1255715411783540736/m-uKGKkX.jpg

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3ad3a262be147c5d5b2dcbcaa6b709b51f872810492df045a274b2f3bc87af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Thu, 15 Feb 2024 21:15:34 GMT
x-content-type-options: nosniff
x-cache: MISS, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 24875
x-served-by: cache-pdk-kpdk1780036-PDK, cache-iad-kiad7000139-IAD, cache-tw-ZZZ1
last-modified: Thu, 30 Apr 2020 04:25:38 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 9a81c81b12d5d801
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1202679c1912000a90d623a05ccb00cd846b81ea.gifv
44.media.tumblr.com/0408cf545aa7d2131c959ad5691585fa/83f5e84824b73b6f-80/s500x750_f1/ 92 KB
93 KB 478ms
370ms Image
image/webp 192.0.77.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://44.media.tumblr.com/0408cf545aa7d2131c959ad5691585fa/83f5e84824b73b6f-80/s500x750_f1/1202679c1912000a90d623a05ccb00cd846b81ea.gifv

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN (),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f0e00a1456a0d600b9fee04d8fb9dd82641117e4a0134917f7553727dec9ea7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:34 GMT
strict-transport-security: max-age=31536000; preload
content-disposition: inline; filename="tumblr_0408cf545aa7d2131c959ad5691585fa_1202679c_500.webp"
server-timing: dc;desc=mia, cache;desc=MISS;dur=332.0
alt-svc: h3=":443"; ma=86400
content-length: 94374
x-nc: MISS mia 5
last-modified: Thu, 03 Dec 2020 10:13:11 GMT
server: nginx
etag: "2e5d7c9f2b77ee1f594f0dcedd60507f-1523937600-98b6076"
access-control-max-age: 86400
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/um3Q73-xYsI/ 141 KB
141 KB 276ms
119ms Image
image/jpeg 2607:f8b0:4006:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/um3Q73-xYsI/maxresdefault.jpg

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a175dccebd38ef92909275e74776825b0ae41a314d91a145868472f8bfdae4b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:34 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144497
x-xss-protection: 0
server: sffe
etag: "1615750337"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Feb 2024 23:15:34 GMT

GET
H2 200 Cx4tsSrXgAA4Nxu.jpg
pbs.twimg.com/media/ 37 KB
38 KB 143ms
100ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Cx4tsSrXgAA4Nxu.jpg

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d6c5debd5cacea6677750d9ef0f9fdc0f79dac425bb1507d3a7c04ec5c44139

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Thu, 15 Feb 2024 21:15:34 GMT
x-content-type-options: nosniff
x-cache: HIT, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 38346
x-served-by: cache-pdk-kpdk1780096-PDK, cache-iad-kiad7000139-IAD, cache-tw-ZZZ1
last-modified: Tue, 22 Nov 2016 18:17:39 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: de8d6761824bd5bf
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 404 matthew_crawford_feet_4755077_by_matthewdarkness13_de0somm-fullview.jpg
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/7b2bb76c-501b-4c4e-92ec-479a0f99650e/de0somm-92c4ee20-478d-4ee5-a307-3ade97f6afec.jpg/v1/fill/w_637,h_637,q_75,strp/ 29 B
29 B 393ms
155ms Image
text/plain 2600:9000:2514:fa00:7:59dd:7880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/7b2bb76c-501b-4c4e-92ec-479a0f99650e/de0somm-92c4ee20-478d-4ee5-a307-3ade97f6afec.jpg/v1/fill/w_637,h_637,q_75,strp/matthew_crawford_feet_4755077_by_matthewdarkness13_de0somm-fullview.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9NjM3IiwicGF0aCI6IlwvZlwvN2IyYmI3NmMtNTAxYi00YzRlLTkyZWMtNDc5YTBmOTk2NTBlXC9kZTBzb21tLTkyYzRlZTIwLTQ3OGQtNGVlNS1hMzA3LTNhZGU5N2Y2YWZlYy5qcGciLCJ3aWR0aCI6Ijw9NjM3In1dXSwiYXVkIjpbInVybjpzZXJ2aWNlOmltYWdlLm9wZXJhdGlvbnMiXX0.OUnFUNbQgjVDQm4eePWaCLeQ6Yvx6zz1rfXrY6Y0-pM
Requested by: Host: ald.my.id
URL: http://ald.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2514:fa00:7:59dd:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 93b7e27f75c1e7342f2008a28c7b7dec1a738553eaaaab5472e2a68d7809dbce

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-seen-by: image-manipulator-5f8d6d5d88-jxhh9
date: Thu, 15 Feb 2024 21:15:34 GMT
via: 1.1 google, 1.1 cea4663e4864185add284e6e883e90f2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
x-cache: Error from cloudfront
content-type: text/plain; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
x-amz-cf-id: STU2G23s-T3t6D7_-jHxMAntR8vYvS6h-IFoJ59wb_JZigs83McxxQ==
content-length: 29
wix-tracer: 2cQ71fSdIvmCsYOQNJAKeOIAjPn

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/jssmseH1gQg/ 13 KB
13 KB 157ms
88ms Image
image/jpeg 2607:f8b0:4006:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jssmseH1gQg/hqdefault.jpg

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46319e2dff4cc8362c8a9f98c9eb89b34aed36909a4071ed67fdb68dd0bd6ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:34 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13311
x-xss-protection: 0
server: sffe
etag: "1506654628"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Feb 2024 23:15:34 GMT

GET OC9oZWFkZXIuanBn.jpg
img4.fansmetrics.com/E8PJlqptXlm8f0Cdkwv9LPvLEitSxAjCxaV1Hy5VnmY/width:1000/resizing_type:fit/aHR0cHM6Ly9wdWJs/aWMub25seWZhbnMu/Y29tL2ZpbGVzL3cv/d3Uvd3UxL3d1MWZy/eWp4d3lrank4cW9m/eHBxb2RoZDd6aGo5/Y... 0
0

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/qqg-p8SXUSY/ 6 KB
6 KB 207ms
204ms Image
image/jpeg 2607:f8b0:4006:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qqg-p8SXUSY/hqdefault.jpg?sqp=-oaymwEiCKgBEF5IWvKriqkDFQgBFQAAAAAYASUAAMhCPQCAokN4AQ==&rs=AOn4CLDwQp17cb2Q9n_1qeyI084lP9ClPw

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06b87390203cc93ec95bc5d4a8da9c1b4b4cf268da569c19feda5688e98c6d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:34 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6097
x-xss-protection: 0
server: sffe
etag: "1615308138"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Feb 2024 23:15:34 GMT

GET My9hdmF0YXIuanBn.jpg
img4.fansmetrics.com/pC3sVOohevn-HfmhagX5--PaFnyRIZ8C4cJVUU1J5j4/width:300/aHR0cHM6Ly9wdWJs/aWMub25seWZhbnMu/Y29tL2ZpbGVzL3Av/cDMvcDM0L3AzNHM0/ejB3aGZ3MnUxcXVu/YnhvaXc1aW1xbHU0/Y2R5MTU5OTU5Mzk1/ 0
0

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/lkT5NHhHYNI/ 112 KB
112 KB 187ms
186ms Image
image/jpeg 2607:f8b0:4006:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/lkT5NHhHYNI/maxresdefault.jpg

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff43fded9140a1ed20c8c2145abec4abaa41c987dfb8b71ddf28923cb3dff87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:34 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114909
x-xss-protection: 0
server: sffe
etag: "1609360985"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Feb 2024 23:15:34 GMT

GET
H2 200 872616150-widgets.js Show response
www.blogger.com/static/v1/widgets/ 157 KB
57 KB 92ms
68ms Script
text/javascript 2607:f8b0:4006:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/872616150-widgets.js

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a4b7664b8ac5c6fed73579023d5121e2d06c488d89f0b4b17d999c76401e3b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57945
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 15:55:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 14 Feb 2025 16:08:51 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 162ms
156ms Stylesheet
text/css 2607:f8b0:4006:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1526608365126925745&zx=f7acdc3c-ccfb-47d7-a73a-dfd5a805efa2

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 15 Feb 2024 21:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 21:15:34 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 106ms
52ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: ald.my.id
URL: http://ald.my.id/
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 21:15:34 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
Server: cloudflare
Age: 39682
ETag: "-375139978"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8560912458839ae0-MIA
Content-Length: 4547

GET
DATA 200
OK truncated
/ 362 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Best%20Auto%20Insurance.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTZef2smB-4WzKsOkrjN080E4YRXcWmVbIq6jcTxUMgr56k-eUFqy-Jm7D6EXXqB1WQfk-XifK51XMT1BsWcREtTRxd8-6dGx6m_nWYjXwYtdWuSM5xKwP0FgJhf4pxe8oEKqIizH5_bYtcQc3... 15 KB
15 KB 517ms
346ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTZef2smB-4WzKsOkrjN080E4YRXcWmVbIq6jcTxUMgr56k-eUFqy-Jm7D6EXXqB1WQfk-XifK51XMT1BsWcREtTRxd8-6dGx6m_nWYjXwYtdWuSM5xKwP0FgJhf4pxe8oEKqIizH5_bYtcQc3HUz44jaH9QX0JyjQKcO_NqOZwd1QZx9dzpk_d77Uaw/s300/Best%20Auto%20Insurance.png

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f7e0cfb6d530c55022148ddcdb56488b7555c33ba634aace1248a64aeefc917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:34 GMT
x-content-type-options: nosniff
server: fife
etag: "v2a8"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="Best Auto Insurance.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14864
x-xss-protection: 0
expires: Fri, 16 Feb 2024 21:15:34 GMT

GET
H/1.1 200
OK share.png
2.bp.blogspot.com/-FYy1a99SDXE/VXuCSz_hYjI/AAAAAAAACbg/8dz4LkDIHYY/s1600/ 6 KB
7 KB 157ms
89ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-FYy1a99SDXE/VXuCSz_hYjI/AAAAAAAACbg/8dz4LkDIHYY/s1600/share.png

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e6ae4e6751e18f746dd724021763c974b8ab038a2316ff78117ae81fd0fd6812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 21:15:34 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v9b9"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: inline;filename="share.png"
Timing-Allow-Origin: *
Content-Length: 6485
X-XSS-Protection: 0
Expires: Fri, 16 Feb 2024 21:15:34 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 43 KB
44 KB 99ms
64ms Font
font/woff 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: netdna.bootstrapcdn.com
URL: http://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Protocol

HTTP/1.1

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Origin: http://ald.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 21:15:34 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
CDN-EdgeStorageId: 976
CDN-CachedAt: 09/03/2022 05:39:27
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 44432
Last-Modified: Mon, 25 Jan 2021 22:04:53 GMT
CDN-ProxyVer: 1.02
CDN-RequestPullCode: 200
Server: cloudflare
ETag: "3293616ec0c605c7c2db25829a0a509e"
Vary: Accept-Encoding
Content-Type: font/woff
Access-Control-Allow-Origin: *
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: d9904d20e7627d634bd197a6e50cd899
Accept-Ranges: bytes
timing-allow-origin: *
CDN-RequestCountryCode: US
CDN-Status: 200
CF-RAY: 85609122c8dd4962-MIA
CDN-RequestPullSuccess: True

GET
H/1.1 200
OK Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v15/ 44 KB
44 KB 146ms
68ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fjalla+One

Protocol

HTTP/1.1

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://ald.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 10:36:03 GMT
X-Content-Type-Options: nosniff
Age: 38371
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 44584
X-XSS-Protection: 0
Last-Modified: Mon, 03 Apr 2023 20:46:24 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 14 Feb 2025 10:36:03 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 87ms
86ms Stylesheet
text/css 2607:f8b0:4006:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1526608365126925745&zx=f7acdc3c-ccfb-47d7-a73a-dfd5a805efa2

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 15 Feb 2024 21:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2024 21:15:34 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ 407 KB
138 KB 587ms
137ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9dee3f456c3ad2323a8cd3a1ea726f198b9c2d044ae13eb0dbb695dd05a9334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141255
x-xss-protection: 0
server: cafe
etag: 10675235952106102972
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 21:15:34 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240214/r20190131/ Frame 760F 9 KB
5 KB 487ms
79ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240214/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 18:14:49 GMT
etag: 3890843268177463596
expires: Thu, 29 Feb 2024 18:14:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 2 KB
3 KB 439ms
76ms Image
image/jpeg 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcf9fdd5ab81da78cbca3ca589d8ff4c608a00f3d90665f2dc1aa8b9636998d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:58:24 GMT
x-content-type-options: nosniff
age: 83830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2347
x-xss-protection: 0
last-modified: Tue, 22 Dec 2015 19:19:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 13 Feb 2025 21:58:24 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 378 B
513 B 421ms
85ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4588402&@f16&@g1&@h1&@i1&@j1708031734593&@k0&@l1&@m%5B8%2B%5D%20New%20Matthew%20Crawford%20Onlyfans%20%7C%20%2399DEGREE&@n0&@ohttp%3A%2F%2Fald.my.id%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:6692692&@b3:1708031735&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttp%3A%2F%2Fald.my.id%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: 523c5e178529160f89866b88b5ff01eeb956046feca061f05149fce17d8157bb

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 21:15:34 GMT
Connection: close
Content-Length: 378
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK / Show response
e.dtscout.com/e/ 7 KB
4 KB 237ms
117ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fald.my.id%2F&j=http%3A%2F%2Fald.my.id%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4588402&@f16&@g1&@h1&@i1&@j1708031734593&@k0&@l1&@m%5B8%2B%5D%20New%20Matthew%20Crawford%20Onlyfans%20%7C%20%2399DEGREE&@n0&@ohttp%3A%2F%2Fald.my.id%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:6692692&@b3:1708031735&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttp%3A%2F%2Fald.my.id%2F&@w
Protocol: HTTP/1.1
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d7ff0e228a4b09fc4c14d763fd3f5903e7cdaa0ee7a5eb282ab7e321c86a48

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 21:15:35 GMT
X-T: 0.294
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqbKsApMz05x%2BZ14%2FmendzfH%2BI7j1ZxCnDMRmNxAvc5A5N18Repv5HD314rjQsFE2YjypMFqvMdERW6AP3phX%2BtTc07jd43Tsx6woMrhUxKomOLwet%2FEiUQFitlPksU3Mj3VsR%2BFhPttYvg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-S: mtl1
CF-RAY: 856091294839b3c8-MIA
Expires: Thu, 15 Feb 2024 21:15:34 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF16 28 KB
12 KB 821ms
806ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=952947216&adf=2571581873&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734498&bpp=10&bdt=635&idt=808&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=647771535837&frm=20&pv=2&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=594&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=857

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00f7ca35d0054a2aa06512a9b25069bfd55aa2d0f50469f8ddf52963d6211d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12474
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 21:15:36 GMT
expires: Thu, 15 Feb 2024 21:15:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 85A5 33 KB
13 KB 983ms
972ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734508&bpp=2&bdt=645&idt=862&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=908

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02496df713f8ac57da43587b843c9f22db65af1a426fe2da43fe27d156ed943c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12823
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 21:15:36 GMT
expires: Thu, 15 Feb 2024 21:15:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 008D 392 KB
67 KB 712ms
710ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&adk=1812271804&adf=3025194257&lmt=1708031735&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=252x1080_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&dt=1708031734535&bpp=3&bdt=672&idt=896&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&fsapi=1&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=964

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e624b0bcc1802ddacc2de616421a567a65e4c743ec5fc80b112bdb1a6c1ccfe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 68058
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 21:15:36 GMT
expires: Thu, 15 Feb 2024 21:15:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 131ms
129ms Image
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=back-to-top&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 2570 1 KB
764 B 237ms
141ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001708031735183D80BFFB3DA9F30B
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fald.my.id%2F&j=http%3A%2F%2Fald.my.id%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1962a7c0e878795df782f5dc207bcd832d241cdbc40efeeec4d63618eb653923

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8560912bb9958df1-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Feb 2024 21:15:35 GMT
expires: Thu, 15 Feb 2024 21:15:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3swljms1paEsMc6mx7dyQY%2FMVL8ecGCIurK95%2FFwRJOVZcTwCQD6UGlI5N00Y0wpImPvmDTi1L64fpe5f02UvzRqZ%2B5UJIf4DQnHI4kZBlAO4R6ai2Nu3TND%2BJSfXN98EezTiP7aQZB7%2FA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 246ms
73ms Script
text/javascript 18.238.55.22

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fald.my.id%2F&j=http%3A%2F%2Fald.my.id%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.22 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 10:14:20 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 b88fe06cb643513c120238beec43283e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P4
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 39675
x-amz-cf-id: ZylAUkDYE1oZbZKohwXfivOnwqd4IYLNrLQ6hvPt483GQjHvwfZ7KA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 941ms
70ms Script
application/javascript 3.14.20.254

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fald.my.id%2F&j=http%3A%2F%2Fald.my.id%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.14.20.254 -, , ASN (),

Reverse DNS

Software

Resource Hash

eeec55951c1de946ac3223f4daafac7f1cd8b253fb4064aa878da400be47cfb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 21:15:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 19 KB
6 KB 177ms
50ms Script
application/javascript 104.18.34.83

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fald.my.id%2F&j=http%3A%2F%2Fald.my.id%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.83 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:08:56 GMT
server: cloudflare
age: 117360
etag: W/"651ed188-4c00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8560912beda97440-MIA
expires: Sun, 18 Feb 2024 21:15:35 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
510 B 229ms
132ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=ald.my.id&_ss=a817y1kwq7&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=1jf1&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fald.my.id%2F&j=http%3A%2F%2Fald.my.id%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa69091e540cc66ea335dd43fb9ecbae60c9db7325a8e44da7b5be46cd2bdbd2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:35 GMT
x-t: 0.195
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IfvWau86YsByTaFRWnVr0ig0vRvbcQdPLegjevBSu6WZu83F0MaMUGtahpqdg1CloiU24YNVOPC0L0KCMgckHkoRVihQe2SmcyntugOthYR8pPDCl%2BrvzXSlFhfYOCBcVh%2FgyvfVTjkH7k%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8560912bb9988df1-MIA
expires: Thu, 15 Feb 2024 21:15:34 GMT

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 682ms
69ms Image
image/gif 67.202.105.31

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1708031735727&dn=AFWU&iso=0&pu=http%3A%2F%2Fald.my.id%2F&r=http%3A%2F%2Fald.my.id%2F&t=%5B8%2B%5D%20New%20Matthew%20Crawford%20Onlyfans%20%7C%20%2399DEGREE
Requested by: Host: ald.my.id
URL: http://ald.my.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:36 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 50 B
464 B 622ms
75ms Fetch
application/json 18.173.132.23

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.23 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:47:24 GMT
via: 1.1 02d40d77941fe6c2f8e7ff5156c01128.cloudfront.net (CloudFront), 1.1 11280d8f37ba4cb1d8f36f9f2a6e4c76.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, JFK52-P2
age: 1692
x-amzn-requestid: 8690bebd-4463-4982-9ea5-248e9c4742de
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: TMe-hHWwCYcEanQ=
content-length: 50
x-amz-cf-id: 0M0d9-Fp7GHA-ZOZ-5z43BcKRbux87BNOaICmHTAkIBNl8IZ2yD8fw==

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 384ms
73ms Script
application/javascript 67.202.105.31

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=http%3A%2F%2Fald.my.id%2F&pu=http%3A%2F%2Fald.my.id%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bfd0746bb41877707a7922b5532f17218bb0dde1d0ff072a2882b9a3a55eb94

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Thu, 15 Feb 2024 21:15:36 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 1266
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF16 42 B
63 B 223ms
220ms Image
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtKqfd57aiJMkZpiM5yKGj19IiLvjYTmpAP4d6H-Ocrj1Bf9GrtFDVRHbjXBSnHwT3vPLviMcsEfNRvSToz0_Gunb0vaTHffz-jKQZFFu5mCO5sRc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=952947216&adf=2571581873&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734498&bpp=10&bdt=635&idt=808&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=647771535837&frm=20&pv=2&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=594&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=857

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FF16 93 KB
33 KB 124ms
121ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 21:15:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame FF16 3 KB
1 KB 229ms
73ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Feb 2024 23:29:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame FF16 20 KB
8 KB 251ms
66ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Feb 2024 23:29:09 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FF16 204 KB
61 KB 91ms
89ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62867
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 21:35:14 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1E79 624 B
246 B 119ms
116ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARik_YSAAjAB&v=APEucNW90V2eDQr9rc8s4mL8ZFt1BPbsRLoJ5kR9vP3I7Sx84GVe5ow5IjqWYa07bEBZxFO7TCYBBAcsEYAk3KVn_kp1iYXQvA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=952947216&adf=2571581873&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734498&bpp=10&bdt=635&idt=808&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=647771535837&frm=20&pv=2&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=594&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=857
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 21:15:36 GMT
expires: Thu, 15 Feb 2024 21:15:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 58 KB
18 KB 232ms
72ms Script
text/javascript 108.138.128.124

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fald.my.id%2F&j=http%3A%2F%2Fald.my.id%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.124 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e822cdbdb0e7f6a40fa06e5492b5d68c11ed3bd2523f5f40fed171e6ee18f3d7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 09:00:08 GMT
content-encoding: gzip
via: 1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 15:50:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 44129
etag: W/"06c95ed0263bfe7a06f85069aabf8837"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: -1mpo1C81RmZKxPbT6znk8FN5rCFEtBiGR6IYBRyZzWadb3PYMXHQA==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
598 B 217ms
99ms Script
application/javascript 2606:4700:20::681a:c3c

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=6D001708031735183D80BFFB3DA9F30B&nid=300&p=836148727&t=600&s=1600x1200x24&u=http%3A%2F%2Fald.my.id%2F&r=http%3A%2F%2Fald.my.id%2F
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fald.my.id%2F&j=http%3A%2F%2Fald.my.id%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:36 GMT
x-t: 0.92
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjFlwn1n4pFNS7h2ZoFmy%2Fd2%2FY2UzHAaiGR2PktJuoyYpLZ2qjEibdwsGd6e8Ukqw%2B3YQO9pSBwrTvA3CWqQsowwU40AW8ZwWfVbFz2jMdjLhLsiPy2mHNjC9b7sTYuBL4NRhInDBNlsxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 85609130f851741e-MIA
expires: Thu, 15 Feb 2024 20:21:18 GMT

GET

/
pixel.onaudience.com/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=6D001708031735183D80BFFB3DA9F30B
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=130f1ea8-f407-4bbb-9d67-dd3e79d9b003&icm&gdpr=0&gdpr_consent=&cver

0
0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/ 165 KB
56 KB 148ms
145ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/reactive_library_fy2021.js?bust=31081169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f248eae9976c5b812e7219aa20a9e7988bf2b312a19e134707694e908683549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57026
x-xss-protection: 0
server: cafe
etag: 12748207758698818176
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 21:15:36 GMT

GET
H2 200 ca-pub-2542884292174911
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 346ms
103ms Script
application/javascript 2607:f8b0:4006:820::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2542884292174911?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DzG2X6s2TdxuIcjmx7LZAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-DzG2X6s2TdxuIcjmx7LZAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsKoxSXF4K8hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIR6OH393rmMTWNA18RQTAOYdRKs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85A5 42 B
63 B 130ms
126ms Image
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYcwrMSYKl_G2L7DqfxF9gzXai_goDUB3L5APPNx-7xX1tOAmLcGjizKnZnso8sDaz7w6uV1ylGL_rTK0VyIbU_TTHzENTJSU8HhsCrbH-WVYfmZI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734508&bpp=2&bdt=645&idt=862&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=908

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 85A5 93 KB
33 KB 111ms
107ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734508&bpp=2&bdt=645&idt=862&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=908

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 21:15:36 GMT

GET
H2 200 adj
fw.adsafeprotected.com/rjss/bgd/1941868/78231746/xbbe/creative/ Frame 85A5 280 KB
0 735ms
78ms Script
application/javascript 52.1.95.128

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1941868/78231746/xbbe/creative/adj?p=APEucNVrxkL2mLrSNIwk-LEvflyZlhxa2rLwZXLDekcNLOROj_FJQM0&d=CpkBAKAmf-BT0D9sjkaRORAz0pqJvOrLX226Ft8o4ydANkkAo8PKk4APM6SQm2jcTYt9oCg5QE3lRoqtu3rA47qo27PTeFdSFsIwu9ZoQbuY4xvApC89C9YOK54ik7cH_hj7qcTtGWLcN1CkTQSb19URkC1a2ywH7_8R_rO730uQN_ElpoeaBSMcfJGHQEkVBCW8IZ_nnE8wUTU8EskVAKAmf-DytQD0cvEYywCMPlQnefvBBOb4gFPVjFp9lexLXaSilyNbTk44bENK-GZ9XcGSLvs-WbnF92YDRXS_JiPAJugQCqy76Ep7p559F0DSvOWDCTo3nPgCZ8N4hM_vX3Ot1BrDnBY6fqxfA-CIpZu5J1qe4PM_ZZm5bzjLLC6sLdL5QZz_zqW0YX2BEauxdwziMNxvHrOc4KfARVJxyGwG2NgI9PUK1tIPbRAUP-JrEQWq-YjDoa42gI4ksX5eGo9ZQyNVdL2IS5KPImIcLjNWWbrEG6x7FwxhOioVMz_BtW_tNBvePOTHr7CUn6ps4uv3vMN_47d0dRPI02WWDpvEUioDlY-UX50gRk3pEIXznrRJFymiyX0uG0hWLu8hlz4WEx-Zzjsp-mqU-LqPTErxD3k42YMrUkxff1-ayZWiLAVtKgGSe0yK9YIuP459rfV2HaHC8Mb7ubucRNSuAo2GWQ84CT_0bt2dEZOc6inAW_19JpKZTen70Ha14QBlXG1TbocerOobo0XF5NwUkVPoEA4vheCxrlkEmmdyTDYxhEeVllaiNUMz-PNeNPtpoUWg0zeaC4hHQAILiSEBsKC3IZs6CazGAhZp5aDq43rGnRyGpnchKrivpibwK-MWgkHTD2ri7VknqWqNUtyT6_L8IL505pOlbx89DcNHTBRp60CUYjT-I1g7RIQSvToWYM1Fpv4mvp4oDqkuYnwE7SHwcZH8HUOlrqfqJxzgKGHauskZND8g85srG9NfQM9QNbuzlf_BG5F3-R-MrYC6ClhJqJYfAUBGEIVqGedzLIJzhAsJze4OXfuYA6Sz8LRgz8jZLt_j8G36PaescgSIoAWneVQQiTJ8rDzd1m5K4_HqGvV4hNwtZkkrb3GUVOr12t8Lh9gKhXz9Cuvi6N0xQ72gUaQnN7nnK3NS-rB4ZibamQsrXmdMGxgEmtQw6YmOOSPgAp1aiyWQLsyOvy3TSArCP9jPj1raTBcNjkrOw6ItzFjimVb0akASscM2YGQQnqj2xOXCNoAur2TTvY5FXDQJGA1gVPjsTvEMztZwWP9ttpT8FacGS1aHfZadyHZbBn_qeDhWPb8OWiOBCDqVsZFR8S2RMlxi8Jln4DB-2lUbInkT7fb1kVBtI4Evx6AKMVsIAxOKctnLjXZolEty9xpGPXp-5-QqyWgKL7FshmorycaXUIMqFKPhK5QBCcoGcSnYwTMm236G9eMuevZmExHY4d_4B8kcMw3nWOfnJz_2JSlbWUtdEZTMjg1Bvlpu3bkUFclfA6Xki62UG822Z5ACHOKNKV8_tfIg3J_6zzLQDfkv_qn2dnh2QuwWm7ld8gWXN-lc3Bk4AyEaxXgPOSCwGFOqLKxjBTTl-lYekUZvj4IpfsPz9V9_sDVV8CbFiT04vJvuOLLVtzz1O5rG_5ohUrBaxdylPOw70eOHzGJXf8L8IWVRpSDMi9GlIXUEgUUygRnIMKE0uv_Vk6rNaNHNr7ZBW_ur12d4JyVNR9imuei2coOX-uAyVtBzz_qlpn9dOVndl_MkxVGxZEB6qF3tqjLyFY6c662uVrBxwCts_uAD6q2VXKgYvCj1RixCWy7MPpSiKdtV-tuPMRcYDnHISkvjWPWcJCfGnf-VHDxsXkQ_R5XhbY4NTilInB_bzZyW3aac0d4eN0c8Qr7dha3x3XIhf1XUr8KdDXr5tDbxgUOCZw0tSGcSN9TDbsY3bxnj4sgwrnRZIBZXvhLjqkB7FVWu0NILeTyb4qL7gvL3koykqZhU4WbHmLu6lTtqaeawaECpGgJRcjsEGGH1PZJq9zNoiKuHXmYFYrSsgdeE-Wj57WKKtbIdO2wzmEjd-9ECeL3btOcfTeiEgLSNhcbZ5ZKFxhSuLQuFl1NcX39PfaGxzKG6iOTwtVKdCJC9OCG42-dgz7uu1b0sANXT7xV0rcvV0Ew-Xf6-CgC50_LtdMirO03GU-87MiDyJcRKwXVoYEmwP8t0Cs0r3pQjmkzSP7JOGrQQ8pmnDc6NG3eUtzQ7fR5y1gXpblEV7MeCtbTCdY_hLU3I-br6FfHp8wDgnSKjQAsEUlp-xCy7Q0K2P_9VTlq6VKAITLWE67VJqG3AjZzI8aAxVh8BwkHJtaHLY6KktxRgX9574DycIcmgGbZy7EWvsoWzPLTLcQ2C_9GGSkdlPj1wAkx70YRzsRbLl9-ZuebRV7V6IUATTmWrpjZhJpkyYGZeHKJv9OIwGTu8dX_P9aSyIA53lUjU796Btk2MfzloB3YDdP2WeTHQ7rH6RA8A1D5cfTqHZPcEMAMq7Z_2tuI56Dt3LINP0k7U2n9vzvzKzGcND0KIImkCIFe6HwNiAhxCa6ubT1_PieL0qlbOw0ZpXOA4kEweg95kk_wKZzmxwlNqGVyTX95rMMO7MyYfQGZTiv_pFSM5-oo7VdUuiAjBi_DTNiN4BH9df17DJ11FyLXtYghUZ-cZcSfPS0JSE31BhQlVZD-TY2Fe8wfgSbuN78MiYAP_0ydNBtn2MBxCQPJeAu9WfwGOApCKWYMIBOpFz7AIuCXYPdaRq2XbflIfkS_JwrXCwYlPI9Lz-AwQJgusHI7CPg7XMjzQ3xkYezbUbTmEE2Sw-R7nuwOg8Rt25J-DGfOkseIkgCmXCfvTLIYqtn1oc9FWrFm9o4EMPeV94NM3iFTMWdkL81vPBxhR_IY4xPfFkKKIsKc0aGE4I_pHaxVM-IaJeRxMCObXjr69snVnokN6GIbbIRiQjuoYqmd26olEiDg1Tc6U3F8Howgv2CZWdLrBZcURw400kkQ5IIKIehxQ_3Uhkk3ff50OjHj4x-60FvBTCejRYL5CFGFYwJYvDICzuNC-JXMKTIFCSAYfoVHXq6KQ3NPuUpaZW_FMrveaCqjWEkUtUBvROIidTvgLqC2NkJhrUhfRAXCK5kA3rKGVCDvotfkqMXsFDnacwn-rEoatKw7_bPZ6OmOi1w34hU06hAaLJj_1Cs3abwc_ZKNo2m4xnDzF2r8FUUtMje1cOaYdU_5sI52yexIkH1FjWUSw_xVG4XS1VZ-yOJBd3XRvXw4iUUT3S4pwApW06N2kGekDekrK7BPLlP9-HKlY39h1O7LDyEOl6hMECplDIC-6N-bDTL6TuaxWvbR5_pzoLA7W6e__3w6hkeaUFGtKGdcBJ2oVgkp_mWY9jshMfNdedBMv6tXcw1xUjjdQNtFtuwDVbYrxBb1SMCW8Pm4yaHG-hFjAfTVB89Fq4j3YYvIY0Mmzz6743hXb6Az0qH55n-9fhOisuaIjqUAV1FqS-F5qd2AiQVTa5VipOcUiAH3RyJ485LkxqDooP6WQvxCdFrXPgd4izk_eRhBHuqf4GUDwYNDf-O2HFRBVYGasOzZZQ62c8AqBALMuKvH6s1JuHkABmMg_0ICXhUDzUnVUepfMEoWWd2jOUoKWvIEeBtNURIWTel2AJRhyH4XmsA1SsWBwsA4UtvVW8tNZfDNAakohnJ5k7Qu1Vs0AvTgVzHMZQDsH1BLKuYOvctpWAfpKhKIpCVXdtjowzO3fIpgITtgtwsYWIz25XjPmZc4-DJqAI1mn3pedN_Gq9x567GqJWkjOHRfZXNzYESknFKGTowOn2LJtJhkobmdmHJAgDo8vK3LJCFha2m8KVjt9ZW3d0mgLPT_RAHdgORpUCAQSTgAvHhf__QW99X6e4TAVOzhZieqAAQEoV9g7LqpLjhmLZh_ENuBMznXZqYHN3kw_2sOlsMhsw3MBttGzVvOXmDAypsi3h5d-bludjcxwDBgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1015467873&ias_pubId=pub-2542884292174911&ias_chanId=1&ias_placementId=20936853500&bidurl=http://ald.my.id/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jTJCi_zprvANP4AyBjmY1C
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734508&bpp=2&bdt=645&idt=862&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=908
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.95.128 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 85A5 3 KB
1 KB 129ms
66ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734508&bpp=2&bdt=645&idt=862&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=908

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Feb 2024 23:29:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 85A5 20 KB
8 KB 121ms
56ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734508&bpp=2&bdt=645&idt=862&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=908

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Feb 2024 23:29:09 GMT

GET
H3 200 ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 85A5 204 KB
61 KB 103ms
70ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734508&bpp=2&bdt=645&idt=862&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=908

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62867
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 21:35:14 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 1E79
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1

43 B
327 B

103ms
78ms

Image
image/gif

172.64.151.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARik_YSAAjAB&v=APEucNW90V2eDQr9rc8s4mL8ZFt1BPbsRLoJ5kR9vP3I7Sx84GVe5ow5IjqWYa07bEBZxFO7TCYBBAcsEYAk3KVn_kp1iYXQvA
Protocol: H2
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kot0jPn%2BZxYSqQhQWvnN8x%2BK2SPf6vptlhYZfaYfH3QmvMTj5ogWGkH1yiFk3s1kk6g1EKF1OgUKb7042ERiMojCl%2B%2FkH20Qa7txIeWjB23mbH3SRAytIUshKQkqfQ30JkvmsZFBIODn5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85609133ade77428-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1E79
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc5..MAoJMIAABftAGJgugAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1&google_hm=2

43 B
770 B

147ms
137ms

Image
image/gif

172.64.151.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARik_YSAAjAB&v=APEucNW90V2eDQr9rc8s4mL8ZFt1BPbsRLoJ5kR9vP3I7Sx84GVe5ow5IjqWYa07bEBZxFO7TCYBBAcsEYAk3KVn_kp1iYXQvA
Protocol: H3
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TF0W3pcu6Tp80uls%2ByxQVE6R71QSMp1h%2Foc%2Bq%2F%2FVW1yUJKxL7ZoZuiVwNfR8KZA4e1pk75o4IBw8T6eEqpClE1jqullYhiWq9NQVXXfeR8utNPa68STZ6VgsMlbM5swF8bvIRH34UpyxWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8560913659dc74a2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 1E79
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEJYSKL2gnWq9Cx1aLm582Y&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEJYSKL2gnWq9Cx1aLm582Y%26google_cver%3D1

43 B
1 KB

141ms
95ms

Image
image/gif

68.67.179.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEJYSKL2gnWq9Cx1aLm582Y%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARik_YSAAjAB&v=APEucNW90V2eDQr9rc8s4mL8ZFt1BPbsRLoJ5kR9vP3I7Sx84GVe5ow5IjqWYa07bEBZxFO7TCYBBAcsEYAk3KVn_kp1iYXQvA

Protocol

Server

68.67.179.155 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
an-x-request-uuid: abb90afa-44ac-44db-8112-84220e506b8c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.67; 38.132.118.67; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
an-x-request-uuid: 6ef93b2d-fc06-488b-afa6-e95c170788eb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEJYSKL2gnWq9Cx1aLm582Y%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1E79
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2Nzk5MDcxMTk5MzQ1NjUyOA%3D%3D

170 B
188 B

158ms
148ms

Image
image/png

142.251.41.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2Nzk5MDcxMTk5MzQ1NjUyOA%3D%3D

Requested by

Protocol

Server

142.251.41.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
an-x-request-uuid: 5eed3c92-2c3c-4621-b5a7-593cddf2f4dd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2Nzk5MDcxMTk5MzQ1NjUyOA%3D%3D
x-proxy-origin: 38.132.118.67; 38.132.118.67; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF16 0
20 B 131ms
130ms Ping
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1171118769557&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF16 0
20 B 164ms
135ms Ping
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1171118769557&version=m202401290101&ct=77&x=1&cor=11736530774972631000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame FF16 34 KB
19 KB 166ms
133ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4BaIb4KiMGa-TtHh_Vjaxvv4csd7Ntt4ZfS8ZSZOcODAvS9Bbj1lhgOiPemKDMzLJgwRGlKu13Y3ViTp_F1mVqMEo2EnBrkwf7_X6LmtVvPNLQV8EKuza_v_1cEEU9T2W_56lM5CPd_NxTEOZSu9lgbPFTqqikcSoFKRIfTi7qGNaLSw&cry=1&dbm_d=AKAmf-CFZBoV9lARLcd6CBWwJ9IAIBU_f4VQ0P7HOb6ndzzt87uHG2joSaj196YDtZMCCuojwoJIyIYIaNEoT311bwnLl1BJ0IeKHNDd_BcVml__FSPr7mQdn7zhhsf6PtIIQRESt7KSOXHmFJLHc6W2oRMMqV86FnaIyCUvTS7fs3amxKPP8GmEOMIUcUApefjjGiYgGgjh8vXdTs4TN_y65UlWPkBazes1kU9rs0Ks00Om_3zZbhhnvnuOvFXe9PPE5p-vpFo_0Uk6SWvE9cmV_DyIhsT7_gOsqk1mLECOUARpcziLdN9AP7gUxzq_CcvYLHr348bl-nyfohU85a4yyFkP0V_DWtMPtS8NX2_YEkkl6iYnI4Pr3oWdeP6uu3rrWDNYmOj8HpVHvsbKN06r6aJr51MN_ZrqeO_OBJydSxhAvhAibFAtK9FXBkgu2zKmyBUHGHlAQ1Yhq84YJq82XwEwdpJrVdniYEDeydf5ORwWdsAvwcCtdIixZMbz9D1yAdb51yFp23-5c8R3yyZqCcs8aCbviXoPiqFvSamgqUgpLBODp9L2JOqSIkvoGYFD_D9vpmbw6G9aFakzxMPz27wbAO0TjYELYMJRhqQO9Uvq6SLIwEwLlwnu-yJbE07YiIO8oyB5TfzC-XDXQAjXNxarqgRxR1eStg4kGL_X1XK_RVVtdG-uIhx1IkwbD16Zo93ppTSSNgMAXuxgiHcnuKv_u7cNpXp6N0l149Kp0jzoGJSYqD70S6a0g0tI5DgzrTf68mbK6kC-WevOAmFa4weoNFCRz-rt7uJHS31qSf4OJz20CG8Z8xx6P9iEoUvbWSe2dlKF-oEIxDMjTA8_hT3nqg1A_xO6_TbLdDqLNXwkXjHi5a0EZ1TT0iPD8hVstE-mWonXV0Pzd0HkEfib_XTyC1S8Qk5oKVL0s5PjT-b1qjFGIg2ptiB0qYZDUUX4pMAvaYN0ikUigi1kIEtNCGBzsyuoLrxmhYS0dLE_43EuINIOV6vb4OV2Q1K5MC4xVZo_7muc-85SCoSdGxughlPYlvPIJ_TkFZ8yb-Pn_9GJljGYwrWJ_G9XULsabrUYuRbyK-V0skKqzbHmp7KNnvdOG64O5s7Lljq_XuT52yfG9kLHt0iHAxGjqLDZSZGmuJ1Yf3BcahXmJoMYTNyrjMbFULy07cF9QPjHuFggW-MXCN0nN89eeYKOG5KuLE0flSiDf5rO-Qjo5bDDnlFBDhFlht2fJwrpg0e82oZogqy4QYbmGH-I2hC60IUpXpCXTvvMa-8R_X31e1NENiocjrCE6YMT7jgS60ozeX8ERmRhQxiUO--6WDx_uOQfMQAONiiQG8O3UWeb4yXlmwuXVWS-B5MdItJ1qcFA2zeQ1kgL6nJ10iskPt6wz-OhiX2u9R9m2B_j5ktxVALk3HD5G4IyRtp-LUWJJT1T0ErwOw0wlPy7jHA1B1gLYdBHQtkm42dHO760WhkpygL_WRiCNpjVB8zIXO0uYsuWGyrz-F0bC5aQIUlnUqblwNl56kLmfJSjXLP9Cy8ptAfPp4rX8SvVO3sDCmIwmHYhgh67L2G1GgXxFJ4-01lYo8J08IpaYEqOSsJXYypc4rWNFryeErNkrydV8lHkXnSqaLQf09fKeY-lUGO2acYxE4QK4ddi2FTJ2-xIW2zeGhqOIVPNRn904fPPBCdjNiputMohNYIT0KXZH_JCzPaOuMgjfvORYHptyk0O6NVrVlPjrdPJ0-5eDS47lBx40YaoIkItDHd0x8Ud2qFJ6psJRk83640yGfSGsST1C3Tc8-JefMRNNWLzt5HfLgbZfqhtsPVDb85tjkbPiqcjVjXlOoXRlNsmE3aq4PQ2EVm0GXJ6bx2g9gJRFuSOlg1168aXPKtzcNwzn_a536YOE0byzRUBSu3s7ER6xKuBsBvliNCj44GtbrWNnnrcw1grY7LnFLmyWgKpY0m9MadCS1UvTM297LkjH9CrfU_eUFJV9ITeEvS-IV8CADgToK4d5rM_Fi5i3n9NNusDqAnyGqSnyXxJ9xOwcyoV-CtKj9I8GhqhZbY8EwbCZgV1BzsluiE8cHrUR7Q-dMzibHdFhUl4jWFQVFA1CIX3gqurX7l-qqRItqUiGogn_wbrDsGx2i5aitNLs7QYsyRru7s5ZGeTn0zi8a4ujE3Hf6q7UHlyQYIms_1__OszDetW7_PeeHuzF0BvDMEpQ8X5N1CdC1Wfgn_ittD-NAsmE4B5RxrS0xUIXPl_ub9jOOcIVXijBJ5uaQJyw777AWhjCnq3pfewdUgE2dkn7pRl_aVdzfeA79Nr_ZsOnzdApBZ4GhM6f6hzojRDjopHtE7napjA5BS8rxQHva3bFRjvLbhwbsgcplHS5oQlmYmZ5fs1beAsKiCB0C6rtfeEYL3nHTE03LJHpgRcgabv2WSebM7EStSXkcTAi8iN9MpojhLTDfoDIJKBmDghU0qcPVWsz3WZnJDCjfmrXkzm1jEaCvEc2Hkm3DGyDGYskWwLWU9A4qrDD114sseX3ciGPa9ZG4jsSvAJQs6x5apLsaULd48b-mN3caHudODquYCsInyE5BE0HZQd9HgBSmrOE-8Ks1CmFP25vuoyReUagU4qPyzWXQpvxC3Ol8_45QdsFiiwODP9MjybXKUzFAKXoOcu9wT7PojCByx_MYpMY6dKRXHmbo4zNvOlJ5BFeT_9KxKw7gyAXhRbezWfVk2y3driLr-uF9JfClcPJtlqxzWLIFCBdwrO9YgHeDKzltObUjnawTFTCKnZWKyyxfA-fgSN48tV5FuN4lAz4gx17SNsplKEUX68GCzzdMo3SFDrRhGPJlujqthf9-pFiosSaPKQumZYO9zZsAK7v-zukZPC3LfTJK7vxIsKOuosZ2tcXe5uwA7JCjue7EgKy4D4UJ7fbMXKYCBrH6xNjJoUR1VvBkxzENhoRECrkRKJrLXZJf1c6vBQ8BkVtU-FO4IUO5lEa317p0D0t8KjP12L17i3v-4aZ4jWUjYeODqYQpf0zw4pCAT5pfwqquLyj5FohZ-TtfTRaMJATWcUOCFrHymAgBDW-jdn1gF1_vwWq67lJE5WEU1IYbwJSaCrBCOeM9HM3ouwdAhQM5H7Nw4kbj4wLq5zSIhHBaZeKVfrURq5GnV6384sdZeDYlZSA9zywMVZgUjawAw8uFydAGybX_N_3GHE9sgQAv5YQOAhxG4nmGemabEcHfnoq3Nw93AfbNp6HSaFcA94tjFrwREpO-UgbrQqVFqLDKe9S34LdsTEEOzum9SLJp84wkt8JzatlqDo-G-z3k_pwf9HwBEOqc_9G83vP9gqyouwJoAW7P6S7RVYdUDGZaZQc9vOWoyxIHB-dbj4pUHDySoNmNFcRpfWCYsHIP5rxDfedkmhofVTHMAY3VjP-rnYyE9lg6ICwwHQDqqcKomyKM1xG0zxnYgt6KV6v_E06gX9v_lmU6d0loioJr9PtTv_fcrWgp8l6N0culmYcB38wBArZOIwKPkrFmMpNI-IDc0q2wupauMyWlq6byzeKiIpBOhJgybe5mqDO6GUfHA6QI5mKDcwO0Q482CErzCY0bs6RZIpnXPPBxYiaiVy7byVwHYQ2SXRwkbGsUxBO8zN4UxATCSfYDJZ7fH0ZrdD7AHN4SL8-XgpRQuBybTTydmtGneap-VTkGeFXSPY1_NEEZonO3npA3uUHOcgaYMFeLWgHV_fIRZgVULaYdZocL6vnMDG-_Bu2ydQx-FSGPzwcK9aohur8uQt2mSj&cid=CAQSTgAvHhf_3WAG3Nu9T97FM2AJLm35uFQfm5qDIjr98IBXlaGfjan9daVoUPPcX0o7n2PqBmMN277DmhIwvRRl406pOMHs6JYgpxs8cpnB4BgB&dv3_ver=m202401290101&rfl=http%3A%2F%2Fald.my.id%2F&ds=l&xdt=1&iif=1&cor=11736530774972631000&adk=356101034&idt=216&cac=0&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=952947216&adf=2571581873&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734498&bpp=10&bdt=635&idt=808&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&correlator=647771535837&frm=20&pv=2&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=594&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=857
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19550
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lotame-sync.html
cdn-tc.33across.com/ Frame 498B 343 B
459 B 230ms
57ms Document
text/html 104.18.35.167

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=http%3A%2F%2Fald.my.id%2F&pu=http%3A%2F%2Fald.my.id%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 125817
cache-control: public, max-age=259200
cf-cache-status: HIT
cf-ray: 85609132be194c33-MIA
content-encoding: gzip
content-type: text/html
date: Thu, 15 Feb 2024 21:15:36 GMT
etag: W/"651ed18d-157"
expires: Sun, 18 Feb 2024 21:15:36 GMT
last-modified: Thu, 05 Oct 2023 15:09:01 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

204

/
lex.33across.com/ps/v1/pubtoken/
Redirect Chain

https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1708031736373.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d55...
https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1708031736373.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d55...

0
68 B

139ms
89ms

Image
text/plain

67.202.105.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1708031736373.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3DBusiness%26pdev%3D%26pctry%3DUS%26referrer%3Dhttp%253A%252F%252Fald.my.id%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D&b=1
Requested by: Host: ald.my.id
URL: http://ald.my.id/
Protocol: H2
Server: 67.202.105.21 -, , ASN (),
Reverse DNS
Software: 33XP019 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-33x-status: 208
date: Thu, 15 Feb 2024 21:15:36 GMT
server: 33XP019

Redirect headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 8
location: https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1708031736373.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3DBusiness%26pdev%3D%26pctry%3DUS%26referrer%3Dhttp%253A%252F%252Fald.my.id%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D&b=1
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET

db_sync
px.ads.linkedin.com/
Redirect Chain

https://rc.rlcdn.com/361726.gif?n=1&33random=1708031736373.2
https://rc.rlcdn.com/1000.gif?memo=CP6JFhoNCPj9ua4GEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=26d03a5c0882ff3fb87d363b8110f323d27b29f43e9cf4c489f9cd837017572c791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=26d03a5c0882ff3fb87d363b8110f323d27b29f43e9cf4c489f9cd837017572c791426b5417dce21&rand=05073084

0
0

GET
H2 200 dpx
i.simpli.fi/ 95 B
551 B 342ms
41ms Image
image/png 34.86.70.109

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1708031736373.3&ref=http%3A%2F%2Fald.my.id%2F
Requested by: Host: ald.my.id
URL: http://ald.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.70.109 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
server: openresty
content-type: image/png; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 95
x-request-id: F7Ql0K0hFvrX7Sc2VAjE
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

ddp
pippio.com/api/sync/
Redirect Chain

https://rc.rlcdn.com/361726.gif?n=1&33random=1708031736373.5
https://pippio.com/api/sync?pid=5324&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwI-f25rgYSBAgCEABCAEoA
https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwI-f25rgYSBAgCEABCAEoA&google_gid=CAESEL0U6pB8vq1fErss5TGaHpA&google_cver=1

0
0

GET
H2 200 dpx
i.simpli.fi/ 95 B
552 B 338ms
37ms Image
image/png 34.86.70.109

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1708031736373.6&ref=http%3A%2F%2Fald.my.id%2F
Requested by: Host: ald.my.id
URL: http://ald.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.70.109 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
server: openresty
content-type: image/png; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 95
x-request-id: F7Ql0Kz73zoms_yhi7uC
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 2F6D 624 B
242 B 136ms
113ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHpMxCpgz4Yiqn9gwIwAQ&v=APEucNVHuvfimMsNlT23VSH90Fpgr79GgOU7FaDWs_xw15ztqwbf9UVIotzW7NpgWlL2G7k9P273YdxpLJGbpju8L17kfj8JhA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734508&bpp=2&bdt=645&idt=862&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=908

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734508&bpp=2&bdt=645&idt=862&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=908
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 21:15:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK t.dhj
t.sharethis.com/1/d/ 2 KB
2 KB 614ms
72ms Script
application/javascript 23.48.224.133

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.38161084376565246&stid=ZHoADGXOfvgAAAAIBDIqAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.133 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 21:15:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 15 Feb 2024 22:15:37 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 96ms
77ms Image
image/gif 3.14.20.254

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=http%3A%2F%2Fald.my.id%2F&event_source=dtscout&rnd=0.38161084376565246&exptid=ZHoADGXOfvgAAAAIBDIqAw%3D%3D&fcmp=false

Requested by

Host: ald.my.id
URL: http://ald.my.id/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.14.20.254 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 21:15:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85A5 0
20 B 128ms
127ms Ping
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3397458115297&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85A5 0
20 B 187ms
186ms Ping
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3397458115297&version=m202401290101&ct=76&x=1&cor=4975159698944412000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 85A5 17 KB
12 KB 177ms
150ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfMLiBgKC1l7wP4EFTLG6znKhAEwY0Fhx1L_EFDX7IpN64lcFaJrQyIAuJoU6W_BuutblpSZe5K6oKBQCtBylwXvxs-3fIaAQuYTDhC4iENohsa5r-kU05ATtyByoaGQpAP4AyMN4omswpoL7JsooGQ0bjQUKElKC9DFK1rFDJUYCp22M&cry=1&dbm_d=AKAmf-AcQFYtnt1l4ntAnnp8ojIgGuCjALQ7omy8Ld4nJixnlkzkqE-JID1ErDQg4gIvmtDw3UfqYzm2LQznT1o3yBVBs5iDqABbRcGOm5jpYMP0Jd8qSOQVIEop3SzMo41j30NNipi6zIdyHKFwEcEDBUiogqziQH1s2JDKuzRxaT1SlaZM-byhDbrMzBBJIfNU5Co6UJo_C2DNkuhOpH9RBYF-Hz_9YBQgRV4UfRyH8-BIwsOQNQnlcZtkyPD7s30lzaBXut3l-3xQla1E7vO460kBmoijIlyc60-purtHC26_6uJFjpZ8pJU111AhuIbcQ9i_KLn6gvuqzVDbtmiz--vImsquNxQ0xzIwQTNyNuku2zEp2rdnZQPJA-18kQXH1vRRP9zz3JUiRe5e0rbmibw_5jMPB-OXK7OlFCRHy9daxICZG8W3pN5qDHbfFmAHzI0o7_j-qeN-MSiDAyu20JtfLrU2N7or4L6kFwbalqzxkGEisavaUBVsdcYmTozLzq6PwuznvL3BmxJu2NL0Ywt09i1tIhjSudaV0LXGlNgXyCxYSKyG0TT6Td2v7jduneFAYSaHj5GCh6YtdylNuM_JCmzZBbdXMARZumWYUi3TIergquy_61ts2kADw2EWYefEcWOFtCoOWHJ1dtujnK_XoCbfdNIk-DGoT-V7uKrsftKVV9JWaSuDf8gvUJ4VuQni9eaEimmAg51hc3XQhcDTqymqMLdILziLVXNNHZOET8xch7RAhdy3w4yRs57uanMx_tkaQWiZpEt_uG8PG7p4EtqnLs_lK-fsjU3Kj_seCm26voRCPACnOEuhXv1GhsZIf0larXLtr-b81wlknfwEb3oDdNzZthRWPz-0Us4hlbmc6LqvqhZzvmXTX0YysWgDz6vCkN1oF35mJGsrH91ifkQyZkRteqy-oBOoHsvu2wdQ8Z3FDyO55IrLdo8F8qV2KW1y5JJ7z2WhbmH9Z_2dmProu2szzOsfJZGZCc1tlS-2R-M49mZcgRWKiVbOWO7KJXm2v8nFXgNa-uHu7e-AF9V9-Yx6xScrBRqvZKFN29lEgLbxNC6onqobSa7etx_evgtH6sZ_GZowBDXLlMibDtrTAoj0pGcy5b2kGCeE-PFcrjmEfZgms6xMpaoXDrbj8ZJESaX7zIZwwd62iNIA_lJ7JtpA-F8_mXXk5r1XjUPDIq_kjwiBKiIRdcSd2H4_GqmkYpe4gWGmfhoNnpQ_o_OlSPlyVRfkE-lYUw0XM_sqm6KVdt9N_512J4jQNgpBlWTMXcd5GKum2gjP9QW6rUF1uoKjsFEev27mHZiW4TzrZVrEeEi_enWK00D2nIFT1a8xSavmdkXZvBFxmiGwECC9m3bPF_DiEUjNcUggEvK_-zFtVGlEsxTzWsAxlmf-zVVJyAA9LEPjFwV-huV364g-VINyruVsj7PHh-SiOZwdIA0j4XHqgm7o5qadmv5aT5Or7HGsAYn1fApvXX1biQmvP0P4pTPUVPiirA8tuA0oN2QBjOwrwaSugO-f29hllF486kcWtjr6gw2GtN-cnmUvZ9dt_q8ezPD2Ojw7J_RfI53Ed13GCctJb9IAyNTCmUxgX9peBfqydYmJtn9WkRorsaSkDMdAbWu2oigzeo-Po898VJKs5Z7Gi3zrtvJjr4maPpnn2zlUpZVG66jV-vwoonBnJAtQGBFlT9dY5OFgVG6sFZzkz03eEFbUOBiTe5GHd2R360QqNN9jJ-bPJB0RP-l83yY70BD2icjqMBmh5pdpGwod1AYEdzssJFWIowiSluAo6u8xkxUsiJXxaFYCkETAAm52sEEZAtnFT3DbNUZLa9o5G64msQ32wfqDGiAT59AKUxlcYGP3R5IqCLUCZHwckCCbvIArSB7swq3awHSpeLc-k0m-kc_rNocOsvwZqln5z4sLnEClyI_9DarZvtcRJCdOD9aQplRTndc20w8tB2uBs92w6snoj2PL7stQHycPaPom7zuTEIqFklSVHRmekQrJJYp-PgO2_eWL0sl0cA1O1qtFuy5DB-HU0II0iHW8yrJmbi39OZXA30lKL38tdlqss-PcJEE86vdGoYSR02gGhlx0DgBObpDXD-1XshKkJNeroclKSpDGtbq-xM9l4XrzwO3g1kbiSu5hH6S8SNsWohwdzi2o-gUGfm-qGJyJIoVG0yWWwZgd6lnwJ-x_vmcaC3wngGoJ8zgnOGQvRIuO0jh-9XIqic8lY3iAjOxfPRTPN89ihwoK6Chab8N7Oz13pUOsWP3W3pu34yH7DH5PVciIY66wI4rlhX4cG-GtjrwxK9oVQNIX4Nhx924RbZd8DK6mpuUhzIIKyU-9j9GiU5cz__kl6pLaRE7ONAmGLApj_SyEC0aZQgYdWInmfDs5Zai7aEVIfJJCEUX_EUT6U1B3bAaKMnaGvx2nk7lAceGF2pPwa-wDbdd_zcoWP_30tY6boN6HrzxWTGb_x_ShRDKLnlQzReNq6cKfi2-Wjs9v_UfS3xcLQ1otk8E65GkB-u7LPVXu0FJlFrtZbBenDeK0e_eaggzFfrGGM6Dl1axwaM-voMFKhgBTG90C6g9sgswFP9yNflWR33DFqa6nTho6CrrEEfut6EQ8jBUMeMJ5LPhbV-dFypcHUdIbMQYav0SnJb_ci7W2beGdpuaM_X7BP4CTqlmjIjN-DAKm7rxhbg_Qk17esHpAceXs_NEVpmERzMJzci4X0TVllPIhws9iuVo5Kv4c5FKfhr-WmvbetsXzfGPinkk46hx6K-rpDeUwnn6SQwsDr2cBEV60_MqbWLT7AdnoWvJQTr7d3zkW0Tx_0T5GYz40sNbcD0f3eksvLKQmz7L8FkCild1iAeKIJ6lxJ8OyYpNNxOeeETgHocSp0L8Cr-Aj3TEZJa8ukhmFkDsdfV8Q1kEXuqt2mfGVXzUZuiQqU8L4_v23F_szoH_nbsagsjWfzYD1PUkjs7b_UR-AkdL3APHFaUTFAGhb86RIeypm5NO5bFj7fojr4xDrivevzkzvjXWs-S4v-tgqMEOPjQ2aqqVUpGatp2nR9LXx0Pc94c_y2JBM32Jefxb_5xIuRw-etOwC4FxE-3cab9WwNYDWVduGrNIeXm5j8URmsAsKjhAGdj1Jwuo1O5123Ub8fIx_FY4Bjbeulil0gMdksOQcHmu0BdZGzE1UilvdzgOqAdcpaMmezqZJ_2mKDHMzwdKTaA&cid=CAQSTgAvHhf__QW99X6e4TAVOzhZieqAAQEoV9g7LqpLjhmLZh_ENuBMznXZqYHN3kw_2sOlsMhsw3MBttGzVvOXmDAypsi3h5d-bludjcxwDBgB&dv3_ver=m202401290101&rfl=http%3A%2F%2Fald.my.id%2F&ds=l&xdt=1&iif=1&cor=4975159698944412000&adk=2923430906&idt=131&cac=0&dtd=28

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2542884292174911&output=html&h=250&slotname=3704632056&adk=1080356790&adf=1713894358&pi=t.ma~as.3704632056&w=300&lmt=1708031735&format=300x250&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&wgl=1&dt=1708031734508&bpp=2&bdt=645&idt=862&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=303&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=908
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12739
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ 5 KB
2 KB 536ms
64ms Script
text/javascript 108.139.29.7

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.7 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 fdc88b576635a6d1858343ad162c44fc.cloudfront.net (CloudFront)
date: Thu, 15 Feb 2024 20:19:42 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 3356
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: XB9ZGmUIZLL9ATJOf83OOO7olZX-TvEUJqJV4jw6DJa1qnwIK-Yi9Q==

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 2F6D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1

43 B
336 B

102ms
76ms

Image
image/gif

172.64.151.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHpMxCpgz4Yiqn9gwIwAQ&v=APEucNVHuvfimMsNlT23VSH90Fpgr79GgOU7FaDWs_xw15ztqwbf9UVIotzW7NpgWlL2G7k9P273YdxpLJGbpju8L17kfj8JhA
Protocol: H2
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpkcVupStyYs15yx%2F21S9Tiz7xeSlRvPzLgIaIcULYrmS0s3B1NMcMZfmIP%2BJqwd1rPJ5GgcMNImr6TqXciLwLx1Rjgt1FRfNtb%2BkpfV9tKQX48CMcsazPIO1UEF3O5T1SdMYR6Fz01DYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85609133ade47428-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2F6D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc5..MAoJMIAABftAGJgugAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1&google_hm=2

43 B
729 B

149ms
139ms

Image
image/gif

172.64.151.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHpMxCpgz4Yiqn9gwIwAQ&v=APEucNVHuvfimMsNlT23VSH90Fpgr79GgOU7FaDWs_xw15ztqwbf9UVIotzW7NpgWlL2G7k9P273YdxpLJGbpju8L17kfj8JhA
Protocol: H3
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qj7GAAKSlIuJljxeCl8oqAefgihsjxB47F7AK838LFcsz8RTNy3DY28qt8JwEtTwD4L%2BOC8vEaP%2BThM9hGTJP4V2k%2B39iagVuLl8bEaU1ob01l0lXQ1i1o9O8X8Qe5OUtVh8mgdMe7Hm8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8560913659d874a2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFqNpRjXUkRGD3Tw5Bn1Vg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 2F6D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEJYSKL2gnWq9Cx1aLm582Y&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEJYSKL2gnWq9Cx1aLm582Y%26google_cver%3D1

43 B
1 KB

137ms
92ms

Image
image/gif

68.67.179.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEJYSKL2gnWq9Cx1aLm582Y%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHpMxCpgz4Yiqn9gwIwAQ&v=APEucNVHuvfimMsNlT23VSH90Fpgr79GgOU7FaDWs_xw15ztqwbf9UVIotzW7NpgWlL2G7k9P273YdxpLJGbpju8L17kfj8JhA

Protocol

Server

68.67.179.155 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
an-x-request-uuid: 899301cb-5de2-43d2-89f6-cc87742aad52
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.67; 38.132.118.67; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:36 GMT
an-x-request-uuid: 74e79f21-14a1-4cd4-ac89-c87ed0553e0b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEJYSKL2gnWq9Cx1aLm582Y%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2F6D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2Nzk5MDcxMTk5MzQ1NjUyOA%3D%3D

170 B
188 B

154ms
145ms

Image
image/png

142.251.41.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2Nzk5MDcxMTk5MzQ1NjUyOA%3D%3D

Requested by

Protocol

Server

142.251.41.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
an-x-request-uuid: 0633d6c0-0d5f-4479-b0ce-0ed50bfa7fa7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg2Nzk5MDcxMTk5MzQ1NjUyOA%3D%3D
x-proxy-origin: 38.132.118.67; 38.132.118.67; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240213/r20110914/ Frame FF16 30 KB
11 KB 110ms
97ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240213/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4BaIb4KiMGa-TtHh_Vjaxvv4csd7Ntt4ZfS8ZSZOcODAvS9Bbj1lhgOiPemKDMzLJgwRGlKu13Y3ViTp_F1mVqMEo2EnBrkwf7_X6LmtVvPNLQV8EKuza_v_1cEEU9T2W_56lM5CPd_NxTEOZSu9lgbPFTqqikcSoFKRIfTi7qGNaLSw&cry=1&dbm_d=AKAmf-CFZBoV9lARLcd6CBWwJ9IAIBU_f4VQ0P7HOb6ndzzt87uHG2joSaj196YDtZMCCuojwoJIyIYIaNEoT311bwnLl1BJ0IeKHNDd_BcVml__FSPr7mQdn7zhhsf6PtIIQRESt7KSOXHmFJLHc6W2oRMMqV86FnaIyCUvTS7fs3amxKPP8GmEOMIUcUApefjjGiYgGgjh8vXdTs4TN_y65UlWPkBazes1kU9rs0Ks00Om_3zZbhhnvnuOvFXe9PPE5p-vpFo_0Uk6SWvE9cmV_DyIhsT7_gOsqk1mLECOUARpcziLdN9AP7gUxzq_CcvYLHr348bl-nyfohU85a4yyFkP0V_DWtMPtS8NX2_YEkkl6iYnI4Pr3oWdeP6uu3rrWDNYmOj8HpVHvsbKN06r6aJr51MN_ZrqeO_OBJydSxhAvhAibFAtK9FXBkgu2zKmyBUHGHlAQ1Yhq84YJq82XwEwdpJrVdniYEDeydf5ORwWdsAvwcCtdIixZMbz9D1yAdb51yFp23-5c8R3yyZqCcs8aCbviXoPiqFvSamgqUgpLBODp9L2JOqSIkvoGYFD_D9vpmbw6G9aFakzxMPz27wbAO0TjYELYMJRhqQO9Uvq6SLIwEwLlwnu-yJbE07YiIO8oyB5TfzC-XDXQAjXNxarqgRxR1eStg4kGL_X1XK_RVVtdG-uIhx1IkwbD16Zo93ppTSSNgMAXuxgiHcnuKv_u7cNpXp6N0l149Kp0jzoGJSYqD70S6a0g0tI5DgzrTf68mbK6kC-WevOAmFa4weoNFCRz-rt7uJHS31qSf4OJz20CG8Z8xx6P9iEoUvbWSe2dlKF-oEIxDMjTA8_hT3nqg1A_xO6_TbLdDqLNXwkXjHi5a0EZ1TT0iPD8hVstE-mWonXV0Pzd0HkEfib_XTyC1S8Qk5oKVL0s5PjT-b1qjFGIg2ptiB0qYZDUUX4pMAvaYN0ikUigi1kIEtNCGBzsyuoLrxmhYS0dLE_43EuINIOV6vb4OV2Q1K5MC4xVZo_7muc-85SCoSdGxughlPYlvPIJ_TkFZ8yb-Pn_9GJljGYwrWJ_G9XULsabrUYuRbyK-V0skKqzbHmp7KNnvdOG64O5s7Lljq_XuT52yfG9kLHt0iHAxGjqLDZSZGmuJ1Yf3BcahXmJoMYTNyrjMbFULy07cF9QPjHuFggW-MXCN0nN89eeYKOG5KuLE0flSiDf5rO-Qjo5bDDnlFBDhFlht2fJwrpg0e82oZogqy4QYbmGH-I2hC60IUpXpCXTvvMa-8R_X31e1NENiocjrCE6YMT7jgS60ozeX8ERmRhQxiUO--6WDx_uOQfMQAONiiQG8O3UWeb4yXlmwuXVWS-B5MdItJ1qcFA2zeQ1kgL6nJ10iskPt6wz-OhiX2u9R9m2B_j5ktxVALk3HD5G4IyRtp-LUWJJT1T0ErwOw0wlPy7jHA1B1gLYdBHQtkm42dHO760WhkpygL_WRiCNpjVB8zIXO0uYsuWGyrz-F0bC5aQIUlnUqblwNl56kLmfJSjXLP9Cy8ptAfPp4rX8SvVO3sDCmIwmHYhgh67L2G1GgXxFJ4-01lYo8J08IpaYEqOSsJXYypc4rWNFryeErNkrydV8lHkXnSqaLQf09fKeY-lUGO2acYxE4QK4ddi2FTJ2-xIW2zeGhqOIVPNRn904fPPBCdjNiputMohNYIT0KXZH_JCzPaOuMgjfvORYHptyk0O6NVrVlPjrdPJ0-5eDS47lBx40YaoIkItDHd0x8Ud2qFJ6psJRk83640yGfSGsST1C3Tc8-JefMRNNWLzt5HfLgbZfqhtsPVDb85tjkbPiqcjVjXlOoXRlNsmE3aq4PQ2EVm0GXJ6bx2g9gJRFuSOlg1168aXPKtzcNwzn_a536YOE0byzRUBSu3s7ER6xKuBsBvliNCj44GtbrWNnnrcw1grY7LnFLmyWgKpY0m9MadCS1UvTM297LkjH9CrfU_eUFJV9ITeEvS-IV8CADgToK4d5rM_Fi5i3n9NNusDqAnyGqSnyXxJ9xOwcyoV-CtKj9I8GhqhZbY8EwbCZgV1BzsluiE8cHrUR7Q-dMzibHdFhUl4jWFQVFA1CIX3gqurX7l-qqRItqUiGogn_wbrDsGx2i5aitNLs7QYsyRru7s5ZGeTn0zi8a4ujE3Hf6q7UHlyQYIms_1__OszDetW7_PeeHuzF0BvDMEpQ8X5N1CdC1Wfgn_ittD-NAsmE4B5RxrS0xUIXPl_ub9jOOcIVXijBJ5uaQJyw777AWhjCnq3pfewdUgE2dkn7pRl_aVdzfeA79Nr_ZsOnzdApBZ4GhM6f6hzojRDjopHtE7napjA5BS8rxQHva3bFRjvLbhwbsgcplHS5oQlmYmZ5fs1beAsKiCB0C6rtfeEYL3nHTE03LJHpgRcgabv2WSebM7EStSXkcTAi8iN9MpojhLTDfoDIJKBmDghU0qcPVWsz3WZnJDCjfmrXkzm1jEaCvEc2Hkm3DGyDGYskWwLWU9A4qrDD114sseX3ciGPa9ZG4jsSvAJQs6x5apLsaULd48b-mN3caHudODquYCsInyE5BE0HZQd9HgBSmrOE-8Ks1CmFP25vuoyReUagU4qPyzWXQpvxC3Ol8_45QdsFiiwODP9MjybXKUzFAKXoOcu9wT7PojCByx_MYpMY6dKRXHmbo4zNvOlJ5BFeT_9KxKw7gyAXhRbezWfVk2y3driLr-uF9JfClcPJtlqxzWLIFCBdwrO9YgHeDKzltObUjnawTFTCKnZWKyyxfA-fgSN48tV5FuN4lAz4gx17SNsplKEUX68GCzzdMo3SFDrRhGPJlujqthf9-pFiosSaPKQumZYO9zZsAK7v-zukZPC3LfTJK7vxIsKOuosZ2tcXe5uwA7JCjue7EgKy4D4UJ7fbMXKYCBrH6xNjJoUR1VvBkxzENhoRECrkRKJrLXZJf1c6vBQ8BkVtU-FO4IUO5lEa317p0D0t8KjP12L17i3v-4aZ4jWUjYeODqYQpf0zw4pCAT5pfwqquLyj5FohZ-TtfTRaMJATWcUOCFrHymAgBDW-jdn1gF1_vwWq67lJE5WEU1IYbwJSaCrBCOeM9HM3ouwdAhQM5H7Nw4kbj4wLq5zSIhHBaZeKVfrURq5GnV6384sdZeDYlZSA9zywMVZgUjawAw8uFydAGybX_N_3GHE9sgQAv5YQOAhxG4nmGemabEcHfnoq3Nw93AfbNp6HSaFcA94tjFrwREpO-UgbrQqVFqLDKe9S34LdsTEEOzum9SLJp84wkt8JzatlqDo-G-z3k_pwf9HwBEOqc_9G83vP9gqyouwJoAW7P6S7RVYdUDGZaZQc9vOWoyxIHB-dbj4pUHDySoNmNFcRpfWCYsHIP5rxDfedkmhofVTHMAY3VjP-rnYyE9lg6ICwwHQDqqcKomyKM1xG0zxnYgt6KV6v_E06gX9v_lmU6d0loioJr9PtTv_fcrWgp8l6N0culmYcB38wBArZOIwKPkrFmMpNI-IDc0q2wupauMyWlq6byzeKiIpBOhJgybe5mqDO6GUfHA6QI5mKDcwO0Q482CErzCY0bs6RZIpnXPPBxYiaiVy7byVwHYQ2SXRwkbGsUxBO8zN4UxATCSfYDJZ7fH0ZrdD7AHN4SL8-XgpRQuBybTTydmtGneap-VTkGeFXSPY1_NEEZonO3npA3uUHOcgaYMFeLWgHV_fIRZgVULaYdZocL6vnMDG-_Bu2ydQx-FSGPzwcK9aohur8uQt2mSj&cid=CAQSTgAvHhf_3WAG3Nu9T97FM2AJLm35uFQfm5qDIjr98IBXlaGfjan9daVoUPPcX0o7n2PqBmMN277DmhIwvRRl406pOMHs6JYgpxs8cpnB4BgB&dv3_ver=m202401290101&rfl=http%3A%2F%2Fald.my.id%2F&ds=l&xdt=1&iif=1&cor=11736530774972631000&adk=356101034&idt=216&cac=0&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 09:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 09:00:57 GMT

GET
H3 200 Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FF16 41 KB
14 KB 111ms
89ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 19:42:55 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODAzMTczNjYzOTcyMQogIHNlcnZlcl9pcDogODk4MjA3NjUKICBwcm9jZXNzX2lkOiAyMTMwODQ5NTE5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame FF16 0
859 B 559ms
128ms Image
image/png 142.251.41.6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODAzMTczNjYzOTcyMQogIHNlcnZlcl9pcDogODk4MjA3NjUKICBwcm9jZXNzX2lkOiAyMTMwODQ5NTE5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA3MjY2MzU5MDkyNDU5ODI5MzA5CmRlYnVnX2tleTogMTA5ODY4OTY3NjQ0ODI2NTkzNTUKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTE1IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTIxMjI1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4MjM5NzE4NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDAwNDkzMQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxOTI3Mjc5OTM1NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDUzNjk1MjQ4NAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZG9iZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mbGFzaHRhbGtpbmcuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQKZG1hX3Byb2R1Y3RfaWQ6IDEyMjcxNTgzNwo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.6 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xa0a1a9ee46a4e7210000000000000000","13":"0x5ef2dbf4520385080000000000000000","14":"0xf079c303318712e40000000000000000","15":"0x26ade9268d9c2a5b0000000000000000"},"debug_key":"10986896764482659355","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"7266359092459829309"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FF16 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK /
servedby.flashtalking.com/imp/8/225407;7893664;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntentUSDSKBAN300x250/ Frame FF16 2 KB
1 KB 425ms
103ms Script
text/javascript 184.28.61.13

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/225407;7893664;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntentUSDSKBAN300x250/?ftOBA=1&ft_domain=ald.my.id&ft_ifb=1&ft_agentEnv=0&ft_referrer=http://ald.my.id/&us_privacy=${US_PRIVACY}&site_url=http://ald.my.id/&pub_id=1&sup_platform=1&cachebuster=317882.12358574674

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.28.61.13 -, , ASN (),

Reverse DNS

Software

prod-xre-app17.ash11 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Feb 2024 21:15:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app17.ash11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 920
Expires: Thu, 15 Feb 2024 21:15:37 GMT

GET
H2 200 sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame 498B 39 KB
12 KB 96ms
65ms Script
text/javascript 108.138.128.124

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.124 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 09:00:08 GMT
content-encoding: gzip
via: 1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:33:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 44129
etag: W/"9e2b17db5b44a04968dd5e9aac9141f8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: eqk9kJTKv2CDuT0-_h0hBZecEAtOJu3Kduvh70n0D5mHrnYHWT26kg==

GET
H3 200 Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 85A5 41 KB
14 KB 76ms
69ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfMLiBgKC1l7wP4EFTLG6znKhAEwY0Fhx1L_EFDX7IpN64lcFaJrQyIAuJoU6W_BuutblpSZe5K6oKBQCtBylwXvxs-3fIaAQuYTDhC4iENohsa5r-kU05ATtyByoaGQpAP4AyMN4omswpoL7JsooGQ0bjQUKElKC9DFK1rFDJUYCp22M&cry=1&dbm_d=AKAmf-AcQFYtnt1l4ntAnnp8ojIgGuCjALQ7omy8Ld4nJixnlkzkqE-JID1ErDQg4gIvmtDw3UfqYzm2LQznT1o3yBVBs5iDqABbRcGOm5jpYMP0Jd8qSOQVIEop3SzMo41j30NNipi6zIdyHKFwEcEDBUiogqziQH1s2JDKuzRxaT1SlaZM-byhDbrMzBBJIfNU5Co6UJo_C2DNkuhOpH9RBYF-Hz_9YBQgRV4UfRyH8-BIwsOQNQnlcZtkyPD7s30lzaBXut3l-3xQla1E7vO460kBmoijIlyc60-purtHC26_6uJFjpZ8pJU111AhuIbcQ9i_KLn6gvuqzVDbtmiz--vImsquNxQ0xzIwQTNyNuku2zEp2rdnZQPJA-18kQXH1vRRP9zz3JUiRe5e0rbmibw_5jMPB-OXK7OlFCRHy9daxICZG8W3pN5qDHbfFmAHzI0o7_j-qeN-MSiDAyu20JtfLrU2N7or4L6kFwbalqzxkGEisavaUBVsdcYmTozLzq6PwuznvL3BmxJu2NL0Ywt09i1tIhjSudaV0LXGlNgXyCxYSKyG0TT6Td2v7jduneFAYSaHj5GCh6YtdylNuM_JCmzZBbdXMARZumWYUi3TIergquy_61ts2kADw2EWYefEcWOFtCoOWHJ1dtujnK_XoCbfdNIk-DGoT-V7uKrsftKVV9JWaSuDf8gvUJ4VuQni9eaEimmAg51hc3XQhcDTqymqMLdILziLVXNNHZOET8xch7RAhdy3w4yRs57uanMx_tkaQWiZpEt_uG8PG7p4EtqnLs_lK-fsjU3Kj_seCm26voRCPACnOEuhXv1GhsZIf0larXLtr-b81wlknfwEb3oDdNzZthRWPz-0Us4hlbmc6LqvqhZzvmXTX0YysWgDz6vCkN1oF35mJGsrH91ifkQyZkRteqy-oBOoHsvu2wdQ8Z3FDyO55IrLdo8F8qV2KW1y5JJ7z2WhbmH9Z_2dmProu2szzOsfJZGZCc1tlS-2R-M49mZcgRWKiVbOWO7KJXm2v8nFXgNa-uHu7e-AF9V9-Yx6xScrBRqvZKFN29lEgLbxNC6onqobSa7etx_evgtH6sZ_GZowBDXLlMibDtrTAoj0pGcy5b2kGCeE-PFcrjmEfZgms6xMpaoXDrbj8ZJESaX7zIZwwd62iNIA_lJ7JtpA-F8_mXXk5r1XjUPDIq_kjwiBKiIRdcSd2H4_GqmkYpe4gWGmfhoNnpQ_o_OlSPlyVRfkE-lYUw0XM_sqm6KVdt9N_512J4jQNgpBlWTMXcd5GKum2gjP9QW6rUF1uoKjsFEev27mHZiW4TzrZVrEeEi_enWK00D2nIFT1a8xSavmdkXZvBFxmiGwECC9m3bPF_DiEUjNcUggEvK_-zFtVGlEsxTzWsAxlmf-zVVJyAA9LEPjFwV-huV364g-VINyruVsj7PHh-SiOZwdIA0j4XHqgm7o5qadmv5aT5Or7HGsAYn1fApvXX1biQmvP0P4pTPUVPiirA8tuA0oN2QBjOwrwaSugO-f29hllF486kcWtjr6gw2GtN-cnmUvZ9dt_q8ezPD2Ojw7J_RfI53Ed13GCctJb9IAyNTCmUxgX9peBfqydYmJtn9WkRorsaSkDMdAbWu2oigzeo-Po898VJKs5Z7Gi3zrtvJjr4maPpnn2zlUpZVG66jV-vwoonBnJAtQGBFlT9dY5OFgVG6sFZzkz03eEFbUOBiTe5GHd2R360QqNN9jJ-bPJB0RP-l83yY70BD2icjqMBmh5pdpGwod1AYEdzssJFWIowiSluAo6u8xkxUsiJXxaFYCkETAAm52sEEZAtnFT3DbNUZLa9o5G64msQ32wfqDGiAT59AKUxlcYGP3R5IqCLUCZHwckCCbvIArSB7swq3awHSpeLc-k0m-kc_rNocOsvwZqln5z4sLnEClyI_9DarZvtcRJCdOD9aQplRTndc20w8tB2uBs92w6snoj2PL7stQHycPaPom7zuTEIqFklSVHRmekQrJJYp-PgO2_eWL0sl0cA1O1qtFuy5DB-HU0II0iHW8yrJmbi39OZXA30lKL38tdlqss-PcJEE86vdGoYSR02gGhlx0DgBObpDXD-1XshKkJNeroclKSpDGtbq-xM9l4XrzwO3g1kbiSu5hH6S8SNsWohwdzi2o-gUGfm-qGJyJIoVG0yWWwZgd6lnwJ-x_vmcaC3wngGoJ8zgnOGQvRIuO0jh-9XIqic8lY3iAjOxfPRTPN89ihwoK6Chab8N7Oz13pUOsWP3W3pu34yH7DH5PVciIY66wI4rlhX4cG-GtjrwxK9oVQNIX4Nhx924RbZd8DK6mpuUhzIIKyU-9j9GiU5cz__kl6pLaRE7ONAmGLApj_SyEC0aZQgYdWInmfDs5Zai7aEVIfJJCEUX_EUT6U1B3bAaKMnaGvx2nk7lAceGF2pPwa-wDbdd_zcoWP_30tY6boN6HrzxWTGb_x_ShRDKLnlQzReNq6cKfi2-Wjs9v_UfS3xcLQ1otk8E65GkB-u7LPVXu0FJlFrtZbBenDeK0e_eaggzFfrGGM6Dl1axwaM-voMFKhgBTG90C6g9sgswFP9yNflWR33DFqa6nTho6CrrEEfut6EQ8jBUMeMJ5LPhbV-dFypcHUdIbMQYav0SnJb_ci7W2beGdpuaM_X7BP4CTqlmjIjN-DAKm7rxhbg_Qk17esHpAceXs_NEVpmERzMJzci4X0TVllPIhws9iuVo5Kv4c5FKfhr-WmvbetsXzfGPinkk46hx6K-rpDeUwnn6SQwsDr2cBEV60_MqbWLT7AdnoWvJQTr7d3zkW0Tx_0T5GYz40sNbcD0f3eksvLKQmz7L8FkCild1iAeKIJ6lxJ8OyYpNNxOeeETgHocSp0L8Cr-Aj3TEZJa8ukhmFkDsdfV8Q1kEXuqt2mfGVXzUZuiQqU8L4_v23F_szoH_nbsagsjWfzYD1PUkjs7b_UR-AkdL3APHFaUTFAGhb86RIeypm5NO5bFj7fojr4xDrivevzkzvjXWs-S4v-tgqMEOPjQ2aqqVUpGatp2nR9LXx0Pc94c_y2JBM32Jefxb_5xIuRw-etOwC4FxE-3cab9WwNYDWVduGrNIeXm5j8URmsAsKjhAGdj1Jwuo1O5123Ub8fIx_FY4Bjbeulil0gMdksOQcHmu0BdZGzE1UilvdzgOqAdcpaMmezqZJ_2mKDHMzwdKTaA&cid=CAQSTgAvHhf__QW99X6e4TAVOzhZieqAAQEoV9g7LqpLjhmLZh_ENuBMznXZqYHN3kw_2sOlsMhsw3MBttGzVvOXmDAypsi3h5d-bludjcxwDBgB&dv3_ver=m202401290101&rfl=http%3A%2F%2Fald.my.id%2F&ds=l&xdt=1&iif=1&cor=4975159698944412000&adk=2923430906&idt=131&cac=0&dtd=28

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 19:42:55 GMT

GET
H3 200 62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7D92 38 KB
13 KB 105ms
103ms Document
text/html 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 130770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 08:56:07 GMT
expires: Thu, 13 Feb 2025 08:56:07 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7FF5 0
0 478ms
461ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2542884292174911&output=html&h=90&adk=2743202993&adf=1602281170&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1708031736&rafmt=1&to=qs&pwprc=1852733892&format=1200x90&url=http%3A%2F%2Fald.my.id%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1708031736642&bpp=7&bdt=2779&idt=-M&shv=r20240214&mjsv=m202402130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D359f153f2318e163%3AT%3D1708031735%3ART%3D1708031735%3AS%3DALNI_Ma-mef7fx6slBI7XOUb9zNRLE3qig&gpic=UID%3D00000dca3ad60a34%3AT%3D1708031735%3ART%3D1708031735%3AS%3DALNI_MaiRSun6Zkn-45vQ6tFjviSByBoJQ&eo_id_str=ID%3Da57d0dffdf879fd0%3AT%3D1708031735%3ART%3D1708031735%3AS%3DAA-AfjbS3-9kPWRsSTd_laPVzmy8&prev_fmts=300x250%2C300x250%2C0x0&nras=2&correlator=647771535837&frm=20&pv=1&ga_vid=1575410770.1708031735&ga_sid=1708031735&ga_hid=2062834009&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808398%2C31081034%2C42532524%2C44795922%2C95324581%2C95325066%2C31081169%2C95320376%2C95324155%2C95324161&oid=2&psts=AOrYGslg7UZDyywvGH23OuY_Om2LCfTqG1VBVB5JK3zOX6ycV7UHxZBC3qedtUiRWRHB8VDuTZC61ZR1TE81gqix5pt5MVU&pvsid=747049577596405&tmod=968134285&uas=0&nvt=2&ref=http%3A%2F%2Fald.my.id%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=318

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 45244
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 21:15:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/ Frame 48A7 9 KB
4 KB 121ms
70ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 00:43:08 GMT
etag: 3890843268177463596
expires: Thu, 29 Feb 2024 00:43:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/ Frame AFF8 9 KB
4 KB 110ms
68ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 00:43:08 GMT
etag: 3890843268177463596
expires: Thu, 29 Feb 2024 00:43:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/ Frame 0183 9 KB
4 KB 130ms
93ms Document
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402130101/show_ads_impl_fy2021.js?bust=31081169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ald.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 00:43:08 GMT
etag: 3890843268177463596
expires: Thu, 29 Feb 2024 00:43:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxW0--Xn10Fv5-bFXhW0-yvSV_QNtP1CRIMoLWjJoJnRAaM6hL9N_VuWx9BbvIhtdSTo5VLBzp3CzDPJ5cTe7j5eC2DPiub_pKbQVU8ZgYF2WVOE_MGZ_MswAVWDAw70iRbJwAbR_w==
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 192ms
109ms Script
application/javascript 2607:f8b0:4006:820::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW0--Xn10Fv5-bFXhW0-yvSV_QNtP1CRIMoLWjJoJnRAaM6hL9N_VuWx9BbvIhtdSTo5VLBzp3CzDPJ5cTe7j5eC2DPiub_pKbQVU8ZgYF2WVOE_MGZ_MswAVWDAw70iRbJwAbR_w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MDMxNzM3LDYzMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwOi8vYWxkLm15LmlkLyIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AVMp8CRuWXq3GUmqfQeJdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ald.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:15:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-AVMp8CRuWXq3GUmqfQeJdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6On393rmMTuDDpYDoAoG5Eqw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map
bcp.crwdcntrl.net/6/ Frame 498B 156 B
535 B 294ms
79ms XHR
application/json 52.22.89.206

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.89.206 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer: https://cdn-tc.33across.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:15:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.40.0.205
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H3 200 62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 23D3 38 KB
13 KB 174ms
136ms Document
text/html 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 130770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 08:56:07 GMT
expires: Thu, 13 Feb 2025 08:56:07 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 7D92 39 KB
15 KB 105ms
88ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:07:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 20:07:16 GMT

GET afr.php
ads.us.criteo.com/delivery/r/ Frame A3CF 0
0

GET
H3 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 48A7 3 KB
0 89ms
70ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Feb 2024 23:29:09 GMT

GET
H3 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 48A7 11 KB
0 91ms
71ms Script
text/javascript 2607:f8b0:4006:81c::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 23:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Feb 2024 23:29:09 GMT

GET
H3 200 ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 48A7 64 KB
0 92ms
72ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62867
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 21:35:14 GMT

GET css
fonts.googleapis.com/ Frame AFF8 0
0

GET load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame AFF8 0
0

GET abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/ Frame AFF8 0
0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame AFF8 0
0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame AFF8 0
0

GET ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AFF8 0
0

GET c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame AFF8 0
0

GET css
fonts.googleapis.com/ Frame 0183 0
0

GET load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 0183 0
0

GET abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/ Frame 0183 0
0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 0183 0
0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 0183 0
0

GET ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0183 0
0

GET c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame 0183 0
0

GET

t_.htm
t.sharethis.com/a/ Frame 6EAF
Redirect Chain

http://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

0
0

GET v2
ap.lijit.com/readerinfo/ 0
0

GET ftUtils.js
ajs-assets.ftstatic.com/ Frame FF16 0
0

GET AGSKWxXMwvFlwQbPGIis9xNpIlWCApnv5KwlHoDfnZAPdJ6QHdCPuq_PQhvAmaOQXiBgLJrasgS1TIENFx855lQwvzFcvZkvmGhyy4qam1fPX2xzRV3ARefYDNDKRfiiPc0yoMYDB_Ga_A==
fundingchoicesmessages.google.com/f/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img4.fansmetrics.com
URL: https://img4.fansmetrics.com/E8PJlqptXlm8f0Cdkwv9LPvLEitSxAjCxaV1Hy5VnmY/width:1000/resizing_type:fit/aHR0cHM6Ly9wdWJs/aWMub25seWZhbnMu/Y29tL2ZpbGVzL3cv/d3Uvd3UxL3d1MWZy/eWp4d3lrank4cW9m/eHBxb2RoZDd6aGo5/Ymd1MTU5MzkzMjg5/OC9oZWFkZXIuanBn.jpg

Domain: img4.fansmetrics.com
URL: https://img4.fansmetrics.com/pC3sVOohevn-HfmhagX5--PaFnyRIZ8C4cJVUU1J5j4/width:300/aHR0cHM6Ly9wdWJs/aWMub25seWZhbnMu/Y29tL2ZpbGVzL3Av/cDMvcDM0L3AzNHM0/ejB3aGZ3MnUxcXVu/YnhvaXc1aW1xbHU0/Y2R5MTU5OTU5Mzk1/My9hdmF0YXIuanBn.jpg

Domain: pixel.onaudience.com
URL: https://pixel.onaudience.com/?partner=147&mapped=130f1ea8-f407-4bbb-9d67-dd3e79d9b003&icm&gdpr=0&gdpr_consent=&cver

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=26d03a5c0882ff3fb87d363b8110f323d27b29f43e9cf4c489f9cd837017572c791426b5417dce21&rand=05073084

Domain: pippio.com
URL: https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwI-f25rgYSBAgCEABCAEoA&google_gid=CAESEL0U6pB8vq1fErss5TGaHpA&google_cver=1

Domain: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zc5-9wAJCHgB7o2PAA7CcjpI85MlwS4JgHZEaQ&u=%7Cmoz1xj0IOgfcQsgcMz11raISKtJ5xQRtMX6Y%2FMxgk80%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdjldJVdp2Q_IhoaKl1ZNxL-lbQFmGXMWGg6ZYifI59SH0_Hj2NA0TsoZQfEb8mfG3DwLuDJQCLpG8L4FdgYKmobQ7eaUZ1RX3qmJEfBrYAnVxEXK9kfKvbAxg1htKrFnTci35bMzN7b-Iznklt2yLXM8aozGE32D9cIQMFxfHVyavYkFvTIdcFqXlzwz0TPWbLMF02tXwGg22YGqjysmtOk0O7suHbaGKBW3-ydJ5DqqNd0-G3T5RE6ICDyJn2w7lhcdwwuyLX3iLOqW762L1Vnh8SiyxudWWBu_uUizbgzg9OAQZmGVZLlIZ96rlj2uS9ytFjHWirjGHjAM5g7svwr-OVAjc64gRincVpCeIqaTRIhPPebcL5YopKCD-GT4oSMstbcV3g3OIkHMUGIY1hrWjbfojpeQrmKLTwY2T3yCW1W_wOfJc51_cDvJj7sgZfDDX96TqgpHV2MH6w80j64oMHS6g8YW67S6buCrtEjduBiZQ_YVHwEdanD44yQsKzFEglyMgxb5ZUSOLEwWOzkhIKROLn4XXsTZlA9Kf2AuA-git7N_mdQRpVFV_SbS1DtU4T6RLjXHbQpxgvlXvt0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClQMg937OZfiQJI-bur8P8oS7-Aqcge-wXILzt52dAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTI1NDI4ODQyOTIxNzQ5MTHIAQmoAwHIAwKqBPEBT9B6Z5hfcRkW491MebvKTLKxhiTCCcx-Shz0f8Gm-CO7oXmlUzR_RgNkpIT5fwvzU16N1jvXaVsPJfOinofeTzUxGf-jU_bxLpwFt1UUB4U3AOCGE9YEp939riB9_pIWS73RoprnrwvwA8bAI5f06v-SnD0_FlBiepCnIikHnfv3N1GeaEBBQ9XAaMOMcjdLft2ibXxyEmdpadNmGbRi51h65PLImFuw4EuRVSpxkyKZjultSbGe_mdWYZRbf_1HUlhrACHiwlbH_EdEEO0I2gt89Otq6Ufs9C29yk6LhyUDJqyS3sGdAmxOzlg2Opr00YAG7JS2hdSZ0Jt0oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAISL39wTpYi87zhqKuhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3e9W24fYYK0-N0kwV9x3z847t1Gg%26client%3Dca-pub-2542884292174911%26adurl%3D

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/load_preloaded_resource_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/abg_lite_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/qs_click_protection_fy2021.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Domain: www.gstatic.com
URL: https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/load_preloaded_resource_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/abg_lite_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/qs_click_protection_fy2021.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Domain: www.gstatic.com
URL: https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Domain: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Domain: ap.lijit.com
URL: https://ap.lijit.com/readerinfo/v2

Domain: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/f/AGSKWxXMwvFlwQbPGIis9xNpIlWCApnv5KwlHoDfnZAPdJ6QHdCPuq_PQhvAmaOQXiBgLJrasgS1TIENFx855lQwvzFcvZkvmGhyy4qam1fPX2xzRV3ARefYDNDKRfiiPc0yoMYDB_Ga_A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MDMxNzM3LDQ3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHA6Ly9hbGQubXkuaWQvIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ald.my.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: dce0ca8731075b2fc2f74ced40b9f235
ald.my.id/	1970-01-20 18:28:38	Name: popup-schedule-chuan Value: true
.www.boyculture.com/	1970-01-20 18:27:13	Name: __cf_bm Value: cE2LVscnGxlqL7sJime3GJLmf.lyM9Pxw1RA58_2xzM-1708031734-1.0-AZsNWdAUMhO3ylcrZlDa1OlMRGUGumf3o5xwSmbpnKHgnqUOudxk2Fx4MeMTPuafxalJSYuZsprrfRWCv/poJTY=
ald.my.id/	1970-01-21 03:12:47	Name: HstCfa4588402 Value: 1708031734593
ald.my.id/	1970-01-21 03:12:47	Name: HstCla4588402 Value: 1708031734593
ald.my.id/	1970-01-21 03:12:47	Name: HstCmu4588402 Value: 1708031734593
ald.my.id/	1970-01-21 03:12:47	Name: HstPn4588402 Value: 1
ald.my.id/	1970-01-21 03:12:47	Name: HstPt4588402 Value: 1
ald.my.id/	1970-01-21 03:12:47	Name: HstCnv4588402 Value: 1
ald.my.id/	1970-01-21 03:12:47	Name: HstCns4588402 Value: 1

58 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://img4.fansmetrics.com/pC3sVOohevn-HfmhagX5--PaFnyRIZ8C4cJVUU1J5j4/width:300/aHR0cHM6Ly9wdWJs/aWMub25seWZhbnMu/Y29tL2ZpbGVzL3Av/cDMvcDM0L3AzNHM0/ejB3aGZ3MnUxcXVu/YnhvaXc1aW1xbHU0/Y2R5MTU5OTU5Mzk1/My9hdmF0YXIuanBn.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://img4.fansmetrics.com/E8PJlqptXlm8f0Cdkwv9LPvLEitSxAjCxaV1Hy5VnmY/width:1000/resizing_type:fit/aHR0cHM6Ly9wdWJs/aWMub25seWZhbnMu/Y29tL2ZpbGVzL3cv/d3Uvd3UxL3d1MWZy/eWp4d3lrank4cW9m/eHBxb2RoZDd6aGo5/Ymd1MTU5MzkzMjg5/OC9oZWFkZXIuanBn.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/7b2bb76c-501b-4c4e-92ec-479a0f99650e/de0somm-92c4ee20-478d-4ee5-a307-3ade97f6afec.jpg/v1/fill/w_637,h_637,q_75,strp/matthew_crawford_feet_4755077_by_matthewdarkness13_de0somm-fullview.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7ImhlaWdodCI6Ijw9NjM3IiwicGF0aCI6IlwvZlwvN2IyYmI3NmMtNTAxYi00YzRlLTkyZWMtNDc5YTBmOTk2NTBlXC9kZTBzb21tLTkyYzRlZTIwLTQ3OGQtNGVlNS1hMzA3LTNhZGU5N2Y2YWZlYy5qcGciLCJ3aWR0aCI6Ijw9NjM3In1dXSwiYXVkIjpbInVybjpzZXJ2aWNlOmltYWdlLm9wZXJhdGlvbnMiXX0.OUnFUNbQgjVDQm4eePWaCLeQ6Yvx6zz1rfXrY6Y0-pM Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1(Line 17) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ald.my.id/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
44.media.tumblr.com
ad.doubleclick.net
ads.us.criteo.com
ajs-assets.ftstatic.com
ald.my.id
ap.lijit.com
bcp.crwdcntrl.net
blogger.googleusercontent.com
cdn-tc.33across.com
cdn.tynt.com
cm.g.doubleclick.net
data-beacons.s-onetag.com
de.tynt.com
dsum-sec.casalemedia.com
e.dtscout.com
encrypted-tbn0.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
get.s-onetag.com
googleads.g.doubleclick.net
i.pinimg.com
i.simpli.fi
i.ytimg.com
i2.wp.com
ib.adnxs.com
ic.tynt.com
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com
img4.fansmetrics.com
lex.33across.com
netdna.bootstrapcdn.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pbs.twimg.com
pd.sharethis.com
pippio.com
pixel.onaudience.com
px.ads.linkedin.com
s10.histats.com
s4.histats.com
servedby.flashtalking.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.blogger.com
www.boyculture.com
www.gstatic.com
ads.us.criteo.com
ajs-assets.ftstatic.com
ap.lijit.com
fonts.googleapis.com
fundingchoicesmessages.google.com
img4.fansmetrics.com
pagead2.googlesyndication.com
pippio.com
pixel.onaudience.com
px.ads.linkedin.com
t.sharethis.com
tpc.googlesyndication.com
www.gstatic.com
104.18.115.121
104.18.34.83
104.18.35.167
108.138.128.124
108.139.29.7
142.251.41.2
142.251.41.6
158.69.254.144
172.64.151.101
18.173.132.23
18.238.55.22
184.28.61.13
192.0.77.2
192.0.77.3
198.252.106.147
23.48.224.133
2600:9000:2514:fa00:7:59dd:7880:93a1
2606:4700:10::6814:4f63
2606:4700:20::681a:c3c
2606:4700:21::8d65:780a
2606:4700:4400::6812:2640
2606:4700::6812:bcf
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2009
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80b::2016
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::2001
2607:f8b0:4006:820::200e
2607:f8b0:4006:824::2001
2a04:4e42:77::159
3.14.20.254
34.86.70.109
52.1.95.128
52.22.89.206
67.202.105.21
67.202.105.31
68.67.179.155
00f7ca35d0054a2aa06512a9b25069bfd55aa2d0f50469f8ddf52963d6211d20
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02496df713f8ac57da43587b843c9f22db65af1a426fe2da43fe27d156ed943c
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
06b87390203cc93ec95bc5d4a8da9c1b4b4cf268da569c19feda5688e98c6d9e
0f7e0cfb6d530c55022148ddcdb56488b7555c33ba634aace1248a64aeefc917
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1962a7c0e878795df782f5dc207bcd832d241cdbc40efeeec4d63618eb653923
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
1f90a596b38bc5b3dc66443801ccf25b68a27350ede4bd2f75a79a5adab2b6c8
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
25809fd79e5999abbcb4d094110bd4a4061515e5eac0eb58e7bfc609ee2d678e
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2c6666db85c3a49d88b6b8dff33af917374806754b8aa54b2305e861415ceaf7
2d903176d4df72e36c554fe65598e07df6e8b0b920cd9e37ee91d96389a44791
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
45d7ff0e228a4b09fc4c14d763fd3f5903e7cdaa0ee7a5eb282ab7e321c86a48
46319e2dff4cc8362c8a9f98c9eb89b34aed36909a4071ed67fdb68dd0bd6ede
523c5e178529160f89866b88b5ff01eeb956046feca061f05149fce17d8157bb
570aa4c92b2b7675db29703e028e5c0549c7e70319df5aa6a1f68c3340f7154a
5bfd0746bb41877707a7922b5532f17218bb0dde1d0ff072a2882b9a3a55eb94
5f248eae9976c5b812e7219aa20a9e7988bf2b312a19e134707694e908683549
6a4b7664b8ac5c6fed73579023d5121e2d06c488d89f0b4b17d999c76401e3b9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
8d6c5debd5cacea6677750d9ef0f9fdc0f79dac425bb1507d3a7c04ec5c44139
93b7e27f75c1e7342f2008a28c7b7dec1a738553eaaaab5472e2a68d7809dbce
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a175dccebd38ef92909275e74776825b0ae41a314d91a145868472f8bfdae4b3
aa69091e540cc66ea335dd43fb9ecbae60c9db7325a8e44da7b5be46cd2bdbd2
b132abd0d5954bad5ac5711769f99e29e63bda475da55ff0a0a318d5ac5e4d11
b22a44c05a6f35ff28433dce831a52f8069f9819c1dfa665af60e1f26938bc9e
c30a811a254288f5a47373f56540d439a717b6cd0864710a74ad17c7075ab504
d61aee451b1f591f1c12f298a774245c69b1429efebeb519053af3563c9730fc
e3ad3a262be147c5d5b2dcbcaa6b709b51f872810492df045a274b2f3bc87af0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e624b0bcc1802ddacc2de616421a567a65e4c743ec5fc80b112bdb1a6c1ccfe9
e6ae4e6751e18f746dd724021763c974b8ab038a2316ff78117ae81fd0fd6812
e822cdbdb0e7f6a40fa06e5492b5d68c11ed3bd2523f5f40fed171e6ee18f3d7
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
eeec55951c1de946ac3223f4daafac7f1cd8b253fb4064aa878da400be47cfb9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e00a1456a0d600b9fee04d8fb9dd82641117e4a0134917f7553727dec9ea7e
f60d07d01c38857df8bddd6ba4c12f710bd580687bf61d9f3ab0078243333bec
f9dee3f456c3ad2323a8cd3a1ea726f198b9c2d044ae13eb0dbb695dd05a9334
fcf9fdd5ab81da78cbca3ca589d8ff4c608a00f3d90665f2dc1aa8b9636998d9
ff43fded9140a1ed20c8c2145abec4abaa41c987dfb8b71ddf28923cb3dff87b

ald.my.id Open in urlscan Pro 198.252.106.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

65 %HTTPS

44 %IPv6

37 Domains

51 Subdomains

42 IPs

3 Countries

1568 kBTransfer

3858 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ald.my.id Open in urlscan Pro
198.252.106.147 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

65 %
HTTPS

44 %
IPv6

37
Domains

51
Subdomains

42
IPs

3
Countries

1568 kB
Transfer

3858 kB
Size

10
Cookies

126 HTTP transactions
2 data transactions