news2023mdhw8447.viip-ky270.biz.id Open in urlscan Pro
2606:4700:3032::6815:55da Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news2023mdhw8447.viip-ky270.biz.id/
Effective URL:
https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Submission: On November 10 via api (November 10th 2023, 10:58:06 pm UTC) from US — Scanned from US

Summary HTTP 130 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 48 IPs in 3 countries across 52 domains to perform 130 HTTP transactions. The main IP is 2606:4700:3032::6815:55da, located in United States and belongs to CLOUDFLARENET, US. The main domain is news2023mdhw8447.viip-ky270.biz.id.
TLS certificate: Issued by GTS CA 1P5 on November 5th 2023. Valid for: 3 months.

This is the only time news2023mdhw8447.viip-ky270.biz.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:303... 2606:4700:3032::6815:55da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c08::8b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:d725	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
3 4	2606:4700:10:... 2606:4700:10::ac43:4e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.85.150.185 52.85.150.185	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4004:c07::9c	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4004:c1b::8a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:d625	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::64	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
14	104.16.113.74 104.16.113.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.114.74 104.16.114.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::67	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
9	23.202.152.28 23.202.152.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2 8	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.220.109.13 23.220.109.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.210.198.39 34.210.198.39	16509 (AMAZON-02) (AMAZON-02)
4 5	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2	2600:1f18:4e9... 2600:1f18:4e9:5a02:8e29:49f3:45a1:3923	14618 (AMAZON-AES) (AMAZON-AES)
1 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
7 7	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
9 12	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
1	18.160.46.85 18.160.46.85	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	69.166.1.35 69.166.1.35	27630 (AS-XFERNET) (AS-XFERNET)
2	23.56.220.66 23.56.220.66	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.205.157.40 54.205.157.40	14618 (AMAZON-AES) (AMAZON-AES)
1 1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
2 2	64.202.112.223 64.202.112.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
1	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1f::9b	15169 (GOOGLE) (GOOGLE)
6 6	54.157.181.245 54.157.181.245	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2603:c020:400... 2603:c020:400d:3000:b5b3:7157:5b47:80e4	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1 1	216.22.16.56 216.22.16.56	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	40.76.134.238 40.76.134.238	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 1	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2606:ae80:145... 2606:ae80:1451:24::760	25751 (VALUECLICK) (VALUECLICK)
1 9	107.22.34.250 107.22.34.250	14618 (AMAZON-AES) (AMAZON-AES)
1	23.220.136.230 23.220.136.230	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	104.17.215.204 104.17.215.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	207.198.113.93 207.198.113.93	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	54.165.78.186 54.165.78.186	14618 (AMAZON-AES) (AMAZON-AES)
130	48

7 2606:4700:3032::6815:55da (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

news2023mdhw8447.viip-ky270.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::8b (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:d725 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:4e7 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.150.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-150-185.iad89.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c1b::8a (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:d625 (United States)

ASN13335 (CLOUDFLARENET, US)

otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::9c (Washington, United States)

ASN15169 (GOOGLE, US)

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::64 (Washington, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.16.113.74 (None, )

ASN13335 (CLOUDFLARENET, US)

static.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.114.74 (None, )

ASN13335 (CLOUDFLARENET, US)

www.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::67 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.202.152.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-152-28.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.244.159.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.220.109.13 (Eden Prairie, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-109-13.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.210.198.39 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-198-39.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.200.65.202 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.114 (Brooklyn, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4e9:5a02:8e29:49f3:45a1:3923 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.71.131.137 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.253.62.157 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-85.iad55.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.35 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.220.66 (Eden Prairie, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-220-66.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.157.40 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-157-40.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:b08a:1dc5:659b:4055 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.223 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1f::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.157.181.245 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-181-245.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.22.16.56 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

us01.z.antigena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.150.170.96 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:24::760 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 107.22.34.250 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-34-250.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.220.136.230 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-136-230.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.215.204 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.93 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.78.186 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-78-186.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	417 KB
17	mediafire.com static.mediafire.com — Cisco Umbrella Rank: 68434 www.mediafire.com — Cisco Umbrella Rank: 40261	81 KB
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359 adservice.google.com — Cisco Umbrella Rank: 105 translate.google.com — Cisco Umbrella Rank: 1323 www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 157	90 KB
12	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 534 image6.pubmatic.com — Cisco Umbrella Rank: 823 image2.pubmatic.com — Cisco Umbrella Rank: 924 simage2.pubmatic.com — Cisco Umbrella Rank: 843 image4.pubmatic.com — Cisco Umbrella Rank: 1184 simage4.pubmatic.com — Cisco Umbrella Rank: 1289	27 KB
11	media.net contextual.media.net — Cisco Umbrella Rank: 691 cs.media.net — Cisco Umbrella Rank: 1513	17 KB
10	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887 sync.crwdcntrl.net — Cisco Umbrella Rank: 865	18 KB
8	openx.net 2 redirects jp-u.openx.net — Cisco Umbrella Rank: 14175 us-u.openx.net — Cisco Umbrella Rank: 522	2 KB
7	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	3 KB
7	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 327 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460	3 KB
7	viip-ky270.biz.id 1 redirects news2023mdhw8447.viip-ky270.biz.id	124 KB
6	bidr.io 6 redirects match.prod.bidr.io — Cisco Umbrella Rank: 573	3 KB
6	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	27 KB
5	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 960	233 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 secure.adnxs.com — Cisco Umbrella Rank: 495	3 KB
4	aaxads.com 3 redirects c.aaxads.com — Cisco Umbrella Rank: 4142	304 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	291 KB
4	otnolatrnup.com cdn.otnolatrnup.com — Cisco Umbrella Rank: 72695 otnolatrnup.com — Cisco Umbrella Rank: 66520	60 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	2 KB
3	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 310	2 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 877	221 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 726	958 B
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483	746 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	735 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 592	749 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131	832 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 580	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 dis.criteo.com — Cisco Umbrella Rank: 597	864 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	616 B
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 851 d.turn.com — Cisco Umbrella Rank: 1384	859 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377	887 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 728	833 B
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2690 api.amplitude.com — Cisco Umbrella Rank: 1804	22 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 689	1 KB
1	truoptik.com 1 redirects dmp.truoptik.com — Cisco Umbrella Rank: 2553	548 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 685	453 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	659 B
1	antigena.com us01.z.antigena.com — Cisco Umbrella Rank: 4024
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733	792 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 547	961 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1617	4 KB
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	516 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 931	723 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 868	673 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 988	634 B
1	googlesyndication.com 85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	42 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	5 KB
1	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 126514
0	aaxdetect.com Failed www.aaxdetect.com Failed
130	52

	Domain	Requested by
14	static.mediafire.com	news2023mdhw8447.viip-ky270.biz.id
12	cm.g.doubleclick.net	9 redirects jp-u.openx.net bcp.crwdcntrl.net
9	contextual.media.net	news2023mdhw8447.viip-ky270.biz.id contextual.media.net
9	fundingchoicesmessages.google.com	news2023mdhw8447.viip-ky270.biz.id
7	sync.crwdcntrl.net	bcp.crwdcntrl.net
7	match.adsrvr.org	7 redirects
7	news2023mdhw8447.viip-ky270.biz.id	1 redirects news2023mdhw8447.viip-ky270.biz.id static.cloudflareinsights.com
6	match.prod.bidr.io	6 redirects
6	us-u.openx.net	1 redirects jp-u.openx.net
5	translate.googleapis.com	news2023mdhw8447.viip-ky270.biz.id
5	securepubads.g.doubleclick.net	news2023mdhw8447.viip-ky270.biz.id securepubads.g.doubleclick.net
4	image2.pubmatic.com	ads.pubmatic.com news2023mdhw8447.viip-ky270.biz.id
4	ups.analytics.yahoo.com	3 redirects jp-u.openx.net
4	www.gstatic.com	news2023mdhw8447.viip-ky270.biz.id www.gstatic.com
4	c.aaxads.com	3 redirects news2023mdhw8447.viip-ky270.biz.id
4	www.googletagmanager.com	news2023mdhw8447.viip-ky270.biz.id www.googletagmanager.com
3	pixel.tapad.com	2 redirects news2023mdhw8447.viip-ky270.biz.id
3	simage2.pubmatic.com	ads.pubmatic.com news2023mdhw8447.viip-ky270.biz.id
3	x.bidswitch.net	3 redirects
3	s.amazon-adsystem.com	1 redirects jp-u.openx.net ads.pubmatic.com
3	ib.adnxs.com	3 redirects
3	www.mediafire.com	news2023mdhw8447.viip-ky270.biz.id
3	otnolatrnup.com	news2023mdhw8447.viip-ky270.biz.id cdn.otnolatrnup.com
3	btloader.com	news2023mdhw8447.viip-ky270.biz.id
3	www.google-analytics.com	news2023mdhw8447.viip-ky270.biz.id www.google-analytics.com www.googletagmanager.com
2	pixel-sync.sitescout.com	2 redirects
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	pubmatic-match.dotomi.com	2 redirects
2	eb2.3lift.com	1 redirects news2023mdhw8447.viip-ky270.biz.id
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	creativecdn.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	pm.w55c.net	2 redirects
2	cs.media.net	contextual.media.net
2	pr-bh.ybp.yahoo.com	jp-u.openx.net news2023mdhw8447.viip-ky270.biz.id
2	sync-tm.everesttech.net	2 redirects
2	px.ads.linkedin.com	1 redirects jp-u.openx.net
2	id.rlcdn.com	2 redirects
2	ads.pubmatic.com	news2023mdhw8447.viip-ky270.biz.id
2	jp-u.openx.net	1 redirects news2023mdhw8447.viip-ky270.biz.id
2	www.google.com	news2023mdhw8447.viip-ky270.biz.id
1	simage4.pubmatic.com	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	secure.adnxs.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	d.turn.com	1 redirects
1	dmp.truoptik.com	1 redirects
1	tags.bluekai.com	bcp.crwdcntrl.net
1	image4.pubmatic.com	news2023mdhw8447.viip-ky270.biz.id
1	um.simpli.fi	1 redirects
1	us01.z.antigena.com	news2023mdhw8447.viip-ky270.biz.id
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	sync.technoratimedia.com	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	image6.pubmatic.com	ads.pubmatic.com
1	fonts.gstatic.com	news2023mdhw8447.viip-ky270.biz.id
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	p.rfihub.com	1 redirects
1	gum.criteo.com	contextual.media.net
1	tags.crwdcntrl.net	cdn.otnolatrnup.com
1	ad.turn.com	1 redirects
1	pippio.com	1 redirects
1	api.amplitude.com	cdn.amplitude.com
1	googleads.g.doubleclick.net	news2023mdhw8447.viip-ky270.biz.id
1	85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com	news2023mdhw8447.viip-ky270.biz.id
1	cdn.jsdelivr.net	news2023mdhw8447.viip-ky270.biz.id
1	static.cloudflareinsights.com	news2023mdhw8447.viip-ky270.biz.id
1	encrypted-tbn0.gstatic.com	news2023mdhw8447.viip-ky270.biz.id
1	translate.google.com	news2023mdhw8447.viip-ky270.biz.id
1	adservice.google.com	news2023mdhw8447.viip-ky270.biz.id
1	adservice.google.com.au	news2023mdhw8447.viip-ky270.biz.id
1	cdn.amplitude.com	news2023mdhw8447.viip-ky270.biz.id
1	cdn.otnolatrnup.com	news2023mdhw8447.viip-ky270.biz.id
0	www.aaxdetect.com Failed	news2023mdhw8447.viip-ky270.biz.id
130	78

This site contains links to these domains. Also see Links.

Domain
translate.google.com
facebook.com
prf.hn
windows.microsoft.com
blog.mediafire.com
vividengine.com
mediafire.zendesk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
viip-ky270.biz.id GTS CA 1P5	`2023-11-05` - `2024-02-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-05`	a year	crt.sh
cdn.amplitude.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
aaxads.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-12`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.mediafire.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-18` - `2024-08-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.z.antigena.com Sectigo ECC Domain Validation Secure Server CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Frame ID: F156A42475093755FE85652457F5ACE4
Requests: 75 HTTP requests in this frame

Frame: https://news2023mdhw8447.viip-ky270.biz.id/ser.php
Frame ID: 21001F7174C4ED4843EB2679B114E8AF
Requests: 1 HTTP requests in this frame

Frame: https://85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E2A2F83CDD4B380397616FE4C2E01288
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B10BF17996B0CBF55943730F6F38BDC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html
Frame ID: 25A6DA3A8A3BBBCCBFDA4E2C55B41330
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: FC79950AC2368DFCEFC6A20DDE9FC065
Requests: 11 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Frame ID: 4AF78D5F4E5D00E76E73E5CD1EF59F5D
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Frame ID: F9DDF73B30D044EDCD33DF6C46F0AEC1
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3426586816634683000V10&type=rkt&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=968062843147396471
Frame ID: 892389DC03B6EBF48B95C1CB7D44D845
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 41F3594BD20DD78707039E0A02198E0D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&redir=true&gdpr=0&gdpr_consent=
Frame ID: 67B7E83EB2E06916D75E1F5202838D79
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKw07KnWsAABKHLcwGLg&gdpr=0&gdpr_consent=
Frame ID: 3178E359592A03E7BE598F80C02126F0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7573772419155461810&gdpr=0&gdpr_consent=
Frame ID: AF51F6A5A30C13B5EFB51885395E6D5D
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
Frame ID: 60E6A2DC3A1A5E4424552061A9C0B93D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nama File.zip

Page URL History Show full URLs

https://news2023mdhw8447.viip-ky270.biz.id/ Page URL
https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6 HTTP 301
https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/ Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

130
Requests

71 %
HTTPS

42 %
IPv6

52
Domains

78
Subdomains

48
IPs

3
Countries

1504 kB
Transfer

4299 kB
Size

148
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://facebook.com/share.php?u=
Title: Post to Facebook

Search URL Search Domain Scan URL

URL: https://prf.hn/click/camref:1011ldfGx/destination:https:/shop.pinnaclesys.com/1534/purl-ESDPNST25STML?coupon=MEDIAFIRE10
Title: Pinnacle Studio

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/en-US/windows/products/windows-media-player
Title: Windows Media Player

Search URL Search Domain Scan URL

URL: http://blog.mediafire.com/
Title: Company Blog

Search URL Search Domain Scan URL

URL: https://vividengine.com/
Title: On-Demand Video Encoding

Search URL Search Domain Scan URL

URL: https://mediafire.zendesk.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/mediafire

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mediafire

Search URL Search Domain Scan URL

URL: https://twitter.com/mediafire
Title: Twitter Page

Search URL Search Domain Scan URL

URL: https://blog.mediafire.com/
Title: MediaFire Blog

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news2023mdhw8447.viip-ky270.biz.id/ Page URL
https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6 HTTP 301
https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=103.136.43.42&ver=1.2 HTTP 302
https://btloader.com/tag?aax_id=AAX3221EY&domain=103.136.43.42&ver=1.2&upapi=true

Request Chain 9

https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=www.mediafire.com&ver=1.2 HTTP 302
https://btloader.com/tag?aax_id=AAX3221EY&domain=www.mediafire.com&ver=1.2&upapi=true

Request Chain 12

https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=news2023mdhw8447.viip-ky270.biz.id&ver=1.2 HTTP 302
https://btloader.com/tag?aax_id=AAX3221EY&domain=news2023mdhw8447.viip-ky270.biz.id&ver=1.2&upapi=true

Request Chain 62

https://jp-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 HTTP 302
https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

Request Chain 69

https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=b808f514-ddef-003f-051a-df1116140448 HTTP 302
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=b808f514-ddef-003f-051a-df1116140448&verify=true

Request Chain 70

https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
https://id.rlcdn.com/464246.gif?partner_uid=c30a09fb-c8c2-0c16-0944-9ee8b82c91f9 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokYzMwYTA5ZmItYzhjMi0wYzE2LTA5NDQtOWVlOGI4MmM5MWY5EAAaDQj56rqqBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=6d7e58e41b312c5878dc1dde97fadd4b80f4cf9e214dd42d39557090ad901c00791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6d7e58e41b312c5878dc1dde97fadd4b80f4cf9e214dd42d39557090ad901c00791426b5417dce21&rand=05200406 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6d7e58e41b312c5878dc1dde97fadd4b80f4cf9e214dd42d39557090ad901c00791426b5417dce21&rand=05200406&expected_cookie=890fc654-53a1-4c5d-918e-04adfad33702

Request Chain 71

https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7573772419155461810

Request Chain 72

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4438925548502429712&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 73

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZU61eQAC3paUYwAj HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZU61eQAC3paUYwAj&_test=ZU61eQAC3paUYwAj

Request Chain 75

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ce1a0ae0-192f-818c-9633-9c8ce9843bc1 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ce1a0ae0-192f-818c-9633-9c8ce9843bc1&dcc=t

Request Chain 76

https://match.adsrvr.org/track/cmf/openx?oxid=96cc769d-0585-3a76-563d-1e1b81b7f021&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=96cc769d-0585-3a76-563d-1e1b81b7f021&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&ttd_puid=96cc769d-0585-3a76-563d-1e1b81b7f021&gdpr=0&gdpr_consent=

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmFhM2E1NTctY2NmMi02NGQyLTQzZGQtNDRhMjRiNTUzZTQx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmFhM2E1NTctY2NmMi02NGQyLTQzZGQtNDRhMjRiNTUzZTQx&google_tc=

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGQb43VrJGzHZCOBX7QpoZI&google_cver=1

Request Chain 83

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3426586816634683000V10%26type%3Drkt%26refUrl%3D%26vid%3D96570817083426586816634683000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=3426586816634683000V10&type=rkt&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=968062843147396471

Request Chain 84

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3426586816634683000V10&type=son&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=[UID] HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3426586816634683000V10&type=son&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=4ba687e3-5353-4a19-8851-d824f780868b

Request Chain 85

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQyNjU4NjgxNjYzNDY4MzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQyNjU4NjgxNjYzNDY4MzAwMFYxMA%3D%3D&google_sc=1&google_tc= HTTP 302
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHCe0pSYQayr5qMS29FpJ3g&google_cver=1

Request Chain 86

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3426586816634683000V10%26type%3Ddxu%26refUrl%3D%26vid%3D96570817083426586816634683000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3426586816634683000V10%26type%3Ddxu%26refUrl%3D%26vid%3D96570817083426586816634683000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3426586816634683000V10&type=dxu&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=UBy3zX5U1R1ArT5

Request Chain 87

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1a31c56d-ac84-43c1-8c1a-d10c89926bcf&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 88

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=medianet&gdpr=0&user_id=nvkWPMr5FTiF_ENqna0PbJ77RGCFrUFhmvlBL51h HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=08fbd87c-6a17-4f25-912b-99623af0f654&gdpr=0&gdpr_consent=&gdpr_pd=

Request Chain 89

https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__&puid=%24%7BVSID%7D&s=2 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=4Ddq_wnEpK02-uci6aGs

Request Chain 90

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3426586816634683000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3426586816634683000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=c14d07bd-6099-4494-9671-c4b7a792dc40&cs=1

Request Chain 91

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=00534eb6-18b8-48c4-9e2c-b79cb9b000a6

Request Chain 92

https://creativecdn.com/cm-notify?pi=medianet HTTP 302
https://creativecdn.com/cm-notify?pi=medianet&tc=1 HTTP 302
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=m6q14B64N65Vzf09FySd&pi=medianet&tc=1

Request Chain 102

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCS3cwN0tuV3NBQUJLSExjd0dMZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://sync.technoratimedia.com/services?uid=AABKw07KnWsAABKHLcwGLg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AABKw07KnWsAABKHLcwGLg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABKw07KnWsAABKHLcwGLg&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AABKw07KnWsAABKHLcwGLg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=6104686414190543603&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKw07KnWsAABKHLcwGLg&gdpr=0&gdpr_consent=

Request Chain 103

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7573772419155461810&gdpr=0&gdpr_consent=

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-InYa_xzROW8fr4P8Ha6ag%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 105

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6355890e-a7e2-4481-b87f-6d4f5489c5fb%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&ttd_puid=6355890e-a7e2-4481-b87f-6d4f5489c5fb%2C%2C

Request Chain 107

https://eb2.3lift.com/xuid?mid=7976&xuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjg4OUQ4NkItRkM3My00NEU1LUJDN0UtQkUwRkYwNzZCQTZB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENF6ZskpRjGHPLP3t3hF1BY&google_cver=1

Request Chain 110

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3DDA4D46A8E94AF38B9C84F95A8C8761

Request Chain 111

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&gdpr=0&gdpr_consent=

Request Chain 112

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y7MQ3ZhE2uVAaPSesa8YFX1hQXWg0UA-~A&gdpr=0

Request Chain 114

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=56060bc0fd821305&is_secure=true&networkId=17100&version=1&nuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAF_4JAmyAEbQN9vsTlAAAAAAA&expiration=1699743482&nuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 117

https://bcp.crwdcntrl.net/5/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr

Request Chain 120

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=004194d26861113397c8db50e2950c64

Request Chain 123

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/a1f2c51edb2d7b3dadfc5b97da9dd8b/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4438925548502429712/gdpr=0

Request Chain 124

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-sw63LT5E2pxK3WJpNYfDgrSIMhzDgGfn7fg-~A&gdpr=0

Request Chain 125

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=395099796 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7573772419155461810/gdpr=0/rand=395099796

Request Chain 126

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=45c2cc7c-011e-4cff-a37e-58570a2fa683-654eb57c-5553/gdpr=0

Request Chain 127

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&gdpr=0&gdpr_consent=

Request Chain 128

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=00534eb6-18b8-48c4-9e2c-b79cb9b000a6/gdpr=0/gdpr_consent=

130 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
news2023mdhw8447.viip-ky270.biz.id/ 111 B
539 B 245ms
99ms Document
text/html 2606:4700:3032::6815:55da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news2023mdhw8447.viip-ky270.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dda4e88d19b47a0ea8710990fc11d58ff446e9006e284202f738f2004c2459da

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8241e5d1d9d24bd2-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 10 Nov 2023 22:58:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiWYbvLaxPr93BKT6hTGMdj0zBF3y0ohhy6Z2RhOfnAeiD52Ds6RV0%2BH7EG0xFCfM6Px7DaTIpmg8OaDEX0ycdTZblTN8iZxGaCJv7Xe9nTHNERJl5lAZQvSgATSK2%2FlLEKmUznjNze7lVqyEhbZVd31lZVeOv3mAeoUY9JEmbOX"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

200

Primary Request / Show response
news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Redirect Chain

https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6
https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

342 KB
92 KB

66ms
66ms

Document
text/html

2606:4700:3032::6815:55da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c60fb9b724b984008465c7c64fdd479d6d3e424c88811a967b59640947de38b6

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8241e5d2f9de4bd2-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 10 Nov 2023 22:58:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALgf5RcsVBxiI99Jy%2F%2BNkUXp8u4FsffjCVLjgeAHR%2BcpS8hARvfw6iAn%2BUq92R%2FDDYYKoI8bRplQOXersmU1I6C0E6qsB0KAgmGzgeYcDgyR5Cy%2FEpbfHmy3sY1r1YzYpvo0mkQX6Sk2ev9C6LANAKgmIlKaPQKRziAC445Q40Jw"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8241e5d299dc4bd2-BUF
content-type: text/html; charset=iso-8859-1
date: Fri, 10 Nov 2023 22:58:00 GMT
location: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3W2MaSAd1XknOEeK9mpeoEcJOIw6HQjgiMlXJE8p1SKWYyFV%2BW%2FuaWRCxhW%2BRX0NCwcIJyyiHJqNyLNswluNcMbDYKRED9HzBi9HBogbQEAMJT1mp9Rfprv9zzj9A4JpblHqKRLDivw5RPMZElhQHk0XROyAWavF0Nm7kFB%2Fh44C"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 96ms
31ms Script
text/javascript 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Nov 2023 22:46:12 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 708
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 11 Nov 2023 00:46:12 GMT

GET
H2 200 infinity.js.aspx Show response
cdn.otnolatrnup.com/Scripts/ 177 KB
54 KB 174ms
101ms Script
application/x-javascript 2606:4700::6813:d725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bbf6cce8b320aa357a0e3cf835f8468abc126fab9cc87e6d6719f1413f11cad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 22:52:03 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/x-javascript; charset=utf-8
cache-control: public, no-transform, max-age=900
cf-ray: 8241e5d42ef34bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
83 KB 106ms
41ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e45c9e6f20408074510f325c8df4025b37de77e46be1d40c646b60693822fa07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84749
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 22:58:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
81 KB 73ms
49ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63bc88bdf5fed9118229c6f0a7f30683f1657e67f9b76bfa41d57f09f21bf5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83114
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Nov 2023 22:58:01 GMT

GET
H2

204

tag Show response
btloader.com/
Redirect Chain

https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=103.136.43.42&ver=1.2
https://btloader.com/tag?aax_id=AAX3221EY&domain=103.136.43.42&ver=1.2&upapi=true

0
44 B

160ms
79ms

Script
application/javascript

2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?aax_id=AAX3221EY&domain=103.136.43.42&ver=1.2&upapi=true
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
via: 1.1 google
cf-cache-status: EXPIRED
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 8241e5d759494bc9-BUF

Redirect headers

location: https://btloader.com/tag?aax_id=AAX3221EY&domain=103.136.43.42&ver=1.2&upapi=true
date: Fri, 10 Nov 2023 22:58:01 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8241e5d67ac26aee-BUF
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 amplitude-8.5.0-min.gz.js Show response
cdn.amplitude.com/libs/ 68 KB
22 KB 117ms
43ms Script
application/javascript 52.85.150.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.150.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-150-185.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
Origin: https://news2023mdhw8447.viip-ky270.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 09:41:05 GMT
content-encoding: gzip
via: 1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront)
x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
x-amz-cf-pop: IAD89-C3
age: 47817
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22154
last-modified: Fri, 13 Aug 2021 22:37:42 GMT
server: AmazonS3
etag: "660c3b546f2a131de50b69b91f26c636"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 3v8lLgIDCE0zOfcJ71Z0Ra8YjMb4x1tJ5NtW83ZKHQHxwTW2EWdauA==

GET
H3 404 prebid5.17.0.js
news2023mdhw8447.viip-ky270.biz.id/js/ 0
0 97ms
94ms Script
text/html 2606:4700:3032::6815:55da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news2023mdhw8447.viip-ky270.biz.id/js/prebid5.17.0.js
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgqzLuyMqfFIYRNxNG2F7Cn%2B8qKHD2k1iBFG%2BeFHi366fvYhAJeu8JAkVu5mqR6g0heZ8AEQmEBxNQEtjQqPZ65m0tuCLpWu7QEgG3f90TwYdqeIyQi820etogfMiiW%2BZzDcSlUSkGLKv8sJJQlCPSDUS%2BhZtRdJEW9GGuEfvzLG"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 8241e5d67f0c4bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
31 KB 133ms
59ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e47abe2beeae2d47e8e0bea79521d71fc658d4bd3b17cec7752e0178109cfb47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31468
x-xss-protection: 0
server: cafe
etag: 253 / 19671 / 31079511 / config-hash: 5108900474499610176
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 22:58:01 GMT

GET
H2

204

tag Show response
btloader.com/
Redirect Chain

https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=www.mediafire.com&ver=1.2
https://btloader.com/tag?aax_id=AAX3221EY&domain=www.mediafire.com&ver=1.2&upapi=true

0
35 B

164ms
83ms

Script
application/javascript

2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?aax_id=AAX3221EY&domain=www.mediafire.com&ver=1.2&upapi=true
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
via: 1.1 google
cf-cache-status: EXPIRED
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 8241e5d759474bc9-BUF

Redirect headers

location: https://btloader.com/tag?aax_id=AAX3221EY&domain=www.mediafire.com&ver=1.2&upapi=true
date: Fri, 10 Nov 2023 22:58:01 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8241e5d67ac36aee-BUF
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA= Show response
fundingchoicesmessages.google.com/f/ 22 KB
10 KB 140ms
66ms Script
application/javascript 2607:f8b0:4004:c1b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA=

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9a5e1e28bd2b5dd6d8f054ff8327082cebccad14696f2b25257100a12a21002

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6E9nRFFerprOBsNFccbIbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-6E9nRFFerprOBsNFccbIbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 135ms
132ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

110e8dc5261fe7b5d2554ae1e9c0fce9cc4a4e6da9f1e4d3b224d73899ae6588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64565
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Nov 2023 22:58:01 GMT

GET
H2

204

tag Show response
btloader.com/
Redirect Chain

https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=news2023mdhw8447.viip-ky270.biz.id&ver=1.2
https://btloader.com/tag?aax_id=AAX3221EY&domain=news2023mdhw8447.viip-ky270.biz.id&ver=1.2&upapi=true

0
142 B

158ms
77ms

Script
application/javascript

2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?aax_id=AAX3221EY&domain=news2023mdhw8447.viip-ky270.biz.id&ver=1.2&upapi=true
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 8241e5d759464bc9-BUF

Redirect headers

location: https://btloader.com/tag?aax_id=AAX3221EY&domain=news2023mdhw8447.viip-ky270.biz.id&ver=1.2&upapi=true
date: Fri, 10 Nov 2023 22:58:01 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8241e5d67ac46aee-BUF
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 pubads_impl_2022051001.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 411ms
338ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126527
x-xss-protection: 0
last-modified: Tue, 10 May 2022 08:34:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 22:58:01 GMT

GET
H2 404 translateelement.css
translate.googleapis.com/translate_static/css/ 0
0 98ms
33ms Stylesheet
text/html 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.fnXM8WkEhAk.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpzhwQxcos8Yr93ABp3a69-Y9hhyg/ 222 KB
76 KB 262ms
198ms Script
text/javascript 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.fnXM8WkEhAk.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpzhwQxcos8Yr93ABp3a69-Y9hhyg/m=el_main

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cd217a21553137aeacaa6e36a35ed416d65de9c36460ee691a3931e1fc17122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77512
x-xss-protection: 0
last-modified: Tue, 10 May 2022 23:16:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 22:58:01 GMT

GET
H2 200 AGSKWxV9eJxVcrpvmyYsEOfDifXg6BNvs57Wgm_-PU21XZnuabQCx-ztoKOssSTgTAOeBSpJ15PuO0leQyl-t6n0joU= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 184ms
111ms Script
application/javascript 2607:f8b0:4004:c1b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV9eJxVcrpvmyYsEOfDifXg6BNvs57Wgm_-PU21XZnuabQCx-ztoKOssSTgTAOeBSpJ15PuO0leQyl-t6n0joU=?fccs=W1siQUtzUm9sX1lwTWxVRHFhenpvcG9laUxzc2Zpb2J5U1RFUWY2czR1MTJEWERWZE1FeVdFV1hEWkpiRGJBcjJ2ZXJjdnBPMTRSQVZBeGFyV2ZXcFpyOGROenhGeGtseVJnQVZMNTZLZnVzQ0REcnA0aXdoRzFRb05NTy1lNVFWWW1Rd2dkZUF2UjVTMlpkY3JTZXBUTUhENVgxbUJ4NGFmOHhRPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE2NTI1NTYxNzUsODQ5MDAwMDAwXSwiMzhBNTVFMDUtOTI1Ri00ODNDLThEMEEtNjVBNzhCMENDMzYwIiwiMDA1NzlFQ0MtRDQwNC00MTkxLUE3MjEtMzI1MUQ0OEQ1M0UyIixudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS9iN3VuZWo4cDN0eXNtMjgvY3V0ZV9jYXRfcmVsYXhfb25fb3V0ZG9vcl9ncm91bmRfNjg5MjUzMy5tcDQvZmlsZSIsbnVsbCxbXV0

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ffd580e41cb41bce6c987a46e5161debab35ee3774a66ec45805f7752629236

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gjCySWFlm_WN3s1l76YXVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-gjCySWFlm_WN3s1l76YXVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Tag.vrfy Show response
otnolatrnup.com/ 2 KB
1 KB 364ms
292ms Script
application/json 2606:4700::6813:d625
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/Tag.vrfy?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=63764&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1365&bh=969&res=1920x1080&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fb7unej8p3tysm28%2FNama%20File.zip.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&sig=BAYAYoAA7gFigADugAGBAcAAIL3atlrl_GZM3EoC5rbIUcm8rXCGklB4FYJwmJsgeS8AwQAgMnIwSvLlexsNFhbr3w8lr4fmqMp7Ld8WTMnt5l_Bqvg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7f2badd2e97b0aa9ab0b197e33a3f93e8600831537817283d67b7f6eba566fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
x-adscore-status: null
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
p3p: CP="CAO PSA OUR IND"
cache-control: private, no-transform
cf-ray: 8241e5d439354bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 Tag.vrfy Show response
otnolatrnup.com/ 2 KB
3 KB 362ms
290ms Script
application/json 2606:4700::6813:d625
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/Tag.vrfy?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=51240&ver=async&referrerUrl=https%3A%2F%2F103-136-43-42.cprapid.com%3A2087%2F&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1365&bh=969&res=1920x1080&curl=http%3A%2F%2F103.136.43.42%2F~xmediafire%2F&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&sig=BAYAYoAAggFigACCgAGBAcAAIDYo0zHGzxyppJWlrfQ16ppqjRmAmUAUBxwGwlBa2_E3wQAg-M1MC-tAfhavCrWMBv54ZHQaYRX2SD4D7aB16ay9WoY
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df954c3aa9deca5c357e6ef2cfff004d3ded663813119e7d21df55b65a24264

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
x-adscore-status: null
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
p3p: CP="CAO PSA OUR IND"
cache-control: private, no-transform
cf-ray: 8241e5d439344bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 183096492 Show response
fundingchoicesmessages.google.com/i/ 22 KB
9 KB 158ms
85ms Script
application/javascript 2607:f8b0:4004:c1b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/183096492?ers=3

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b70393fc58e8325e777e1739f40088a1210a931291cdce250a2eade1326e5f6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TAkFa1rhRnZNVaABvdLvGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-TAkFa1rhRnZNVaABvdLvGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 404 integrator.js
adservice.google.com.au/adsid/ 0
0 116ms
46ms Script
text/html 2607:f8b0:4004:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adservice.google.com.au/adsid/integrator.js?domain=www.mediafire.com
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 404 integrator.js
adservice.google.com/adsid/ 0
0 103ms
39ms Script
text/html 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 AGSKWxW4mZbHfABgQYQjYivupH9MIZ-3VZJ_U6WjaERrQM9r1glQTSp-NP48XnpoHu4JLfXjoFDAspfze82v8Oj1iiViwUyP_PQDjC4cDP48gaBiiaFw-kWWRoEFKTGRWfwsl7-IsadkKcSkoYYLgqnt7HWh7WPGGRFoMKilbdUTadp8EqC6iLJzjZFNm3xA Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 145ms
72ms Script
application/javascript 2607:f8b0:4004:c1b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW4mZbHfABgQYQjYivupH9MIZ-3VZJ_U6WjaERrQM9r1glQTSp-NP48XnpoHu4JLfXjoFDAspfze82v8Oj1iiViwUyP_PQDjC4cDP48gaBiiaFw-kWWRoEFKTGRWfwsl7-IsadkKcSkoYYLgqnt7HWh7WPGGRFoMKilbdUTadp8EqC6iLJzjZFNm3xA?fccs=W1siQUtzUm9sX1lwTWxVRHFhenpvcG9laUxzc2Zpb2J5U1RFUWY2czR1MTJEWERWZE1FeVdFV1hEWkpiRGJBcjJ2ZXJjdnBPMTRSQVZBeGFyV2ZXcFpyOGROenhGeGtseVJnQVZMNTZLZnVzQ0REcnA0aXdoRzFRb05NTy1lNVFWWW1Rd2dkZUF2UjVTMlpkY3JTZXBUTUhENVgxbUJ4NGFmOHhRPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE2NTI1NTYxNzcsMjI5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL2I3dW5lajhwM3R5c20yOC9jdXRlX2NhdF9yZWxheF9vbl9vdXRkb29yX2dyb3VuZF82ODkyNTMzLm1wNC9maWxlIixudWxsLFtdXQ

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ede061a5e1cd56329cd9288e8bac4865e0e356600be79172622e17f66c655d7c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Pl-Zwdjnp2Iw8j7uyfjPjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Pl-Zwdjnp2Iw8j7uyfjPjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVePcSnZ7UfDRL9aWF7bBkt9k3nRZywi7kRsA4rHgN7Co_E9OVxs7U64MFwDSVoRWwlR9bI8JMKewn9uBfbIsZv48yGdb1einwlCwVGGLrjNDHFQcBQfauXb6rXrchcNWQv2APThUk4C7hgupudDhbE0CTvP1aloa_Y7ZX4sfQuq392o9e5XaRRQ9Jm Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 146ms
74ms Script
application/javascript 2607:f8b0:4004:c1b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVePcSnZ7UfDRL9aWF7bBkt9k3nRZywi7kRsA4rHgN7Co_E9OVxs7U64MFwDSVoRWwlR9bI8JMKewn9uBfbIsZv48yGdb1einwlCwVGGLrjNDHFQcBQfauXb6rXrchcNWQv2APThUk4C7hgupudDhbE0CTvP1aloa_Y7ZX4sfQuq392o9e5XaRRQ9Jm?fccs=W1siQUtzUm9sX1lwTWxVRHFhenpvcG9laUxzc2Zpb2J5U1RFUWY2czR1MTJEWERWZE1FeVdFV1hEWkpiRGJBcjJ2ZXJjdnBPMTRSQVZBeGFyV2ZXcFpyOGROenhGeGtseVJnQVZMNTZLZnVzQ0REcnA0aXdoRzFRb05NTy1lNVFWWW1Rd2dkZUF2UjVTMlpkY3JTZXBUTUhENVgxbUJ4NGFmOHhRPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE2NTI1NTYxNzcsNDk2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL2I3dW5lajhwM3R5c20yOC9jdXRlX2NhdF9yZWxheF9vbl9vdXRkb29yX2dyb3VuZF82ODkyNTMzLm1wNC9maWxlIixudWxsLFtdXQ

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

142bd0549a442560a04bf359fada39e2933aea7c949d434a4902e3e7e06e43ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MUCRQKs0X2SDZTiBa3IX4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-MUCRQKs0X2SDZTiBa3IX4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVwy3NKtSpzh5HSOuq5kx6Xg4Lbvy0RZ-9IxXsEjL8EKVzR2az9gU8KfMRc2HL9WgUX3PfqdhVRiJ5-UgzKuNqNfyMIyNWZ0rUGFrnSEq2hvtZooVYth5WRsPav1oIIBAD55wEnupRRLW9V8mMDHdoaVpxS2rRIqX1Ada96bo2ZWONp6bM35qFVUGam Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 86ms
85ms Script
application/javascript 2607:f8b0:4004:c1b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVwy3NKtSpzh5HSOuq5kx6Xg4Lbvy0RZ-9IxXsEjL8EKVzR2az9gU8KfMRc2HL9WgUX3PfqdhVRiJ5-UgzKuNqNfyMIyNWZ0rUGFrnSEq2hvtZooVYth5WRsPav1oIIBAD55wEnupRRLW9V8mMDHdoaVpxS2rRIqX1Ada96bo2ZWONp6bM35qFVUGam?fccs=W1siQUtzUm9sX1lwTWxVRHFhenpvcG9laUxzc2Zpb2J5U1RFUWY2czR1MTJEWERWZE1FeVdFV1hEWkpiRGJBcjJ2ZXJjdnBPMTRSQVZBeGFyV2ZXcFpyOGROenhGeGtseVJnQVZMNTZLZnVzQ0REcnA0aXdoRzFRb05NTy1lNVFWWW1Rd2dkZUF2UjVTMlpkY3JTZXBUTUhENVgxbUJ4NGFmOHhRPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE2NTI1NTYxNzgsNjQwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDYsMTAsOV0sbnVsbCwyLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS9iN3VuZWo4cDN0eXNtMjgvY3V0ZV9jYXRfcmVsYXhfb25fb3V0ZG9vcl9ncm91bmRfNjg5MjUzMy5tcDQvZmlsZSIsbnVsbCxbXV0

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1fe00e681adfd8a212cb5f90e3205ef350ab21f502ce2cabd1db0317d1793a11

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Rj-azgi3x4EZVfSXyQP4cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Rj-azgi3x4EZVfSXyQP4cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022051101.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 291ms
290ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051101.js?cb=31067573

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18671558a91f2408ed8f4fe539dc92741d4c3678e8f57ee3f1a53d09d69a9067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127621
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 22:58:01 GMT

GET
H2 200 AGSKWxXtFsV1i49-O9pzkbwE7qk46fVb-vXuGZpU4BlbBsAif0fzj29bNOJVOoei8gJzXck-OjM_leyOTq3wBd1Sgz85PYk_WkL9V0Qly7j0LndAyEMBL-YknbgKd1yCukCbEZftLpJW9abFNOQtgZE3TXKJiwGZ-hK4RT0rvE_DC5lqQwNeX80tztJBVZVU Show response
fundingchoicesmessages.google.com/f/ 22 KB
9 KB 91ms
90ms Script
application/javascript 2607:f8b0:4004:c1b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXtFsV1i49-O9pzkbwE7qk46fVb-vXuGZpU4BlbBsAif0fzj29bNOJVOoei8gJzXck-OjM_leyOTq3wBd1Sgz85PYk_WkL9V0Qly7j0LndAyEMBL-YknbgKd1yCukCbEZftLpJW9abFNOQtgZE3TXKJiwGZ-hK4RT0rvE_DC5lqQwNeX80tztJBVZVU?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUyNTU2MjEwLDIxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHA6Ly8xMDMuMTM2LjQzLjQyL354bWVkaWFmaXJlLyIsbnVsbCxbXV0

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9a5e1e28bd2b5dd6d8f054ff8327082cebccad14696f2b25257100a12a21002

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1qOzwljotYwge8IirGlMgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-1qOzwljotYwge8IirGlMgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVzszxZckVyNOuI1QjbAc3Z_C5FLBMelW5rBP4j6RMtatm0KtAisUzxjDCn3RjWsjGs2NGaoHnCMmO3Dg-I4ZUQwO5wzk-ybYrWhPcGdT0EYGRFYPpFseDxgg4FL2W3rTBFSSH2yjCJ8ZXdBwG7vupcTcD9wC80McK9XbIigf8B9VmyRI6ygA-3UHp- Show response
fundingchoicesmessages.google.com/f/ 22 KB
9 KB 79ms
78ms Script
application/javascript 2607:f8b0:4004:c1b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVzszxZckVyNOuI1QjbAc3Z_C5FLBMelW5rBP4j6RMtatm0KtAisUzxjDCn3RjWsjGs2NGaoHnCMmO3Dg-I4ZUQwO5wzk-ybYrWhPcGdT0EYGRFYPpFseDxgg4FL2W3rTBFSSH2yjCJ8ZXdBwG7vupcTcD9wC80McK9XbIigf8B9VmyRI6ygA-3UHp-?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUyNTU2MjEwLDIyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovLzEwMy4xMzYuNDMuNDIvfnhtZWRpYWZpcmUvIixudWxsLFtdXQ

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9a5e1e28bd2b5dd6d8f054ff8327082cebccad14696f2b25257100a12a21002

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xPLb14JAWu8iRJs8J1N22A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-xPLb14JAWu8iRJs8J1N22A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.fnXM8WkEhAk.O/am=Bg/d=1/exm=el_conf/ed=1/rs=AN8SPfqTwPw6pto53ylsvwQV-kvv4fa6Xw/ 222 KB
76 KB 318ms
256ms Script
text/javascript 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.fnXM8WkEhAk.O/am=Bg/d=1/exm=el_conf/ed=1/rs=AN8SPfqTwPw6pto53ylsvwQV-kvv4fa6Xw/m=el_main

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9309123f2f619d3ff749e60744bf2ca8c6dab1e8a5f04193bf95343481a9bc43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77525
x-xss-protection: 0
last-modified: Tue, 10 May 2022 23:16:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 22:58:01 GMT

GET
H2 200 AGSKWxWhqzBYk2BIjB37-W2g8LzVKsoBlzRw9_hbeF3Ll8M3QrIY3c8JQLJxDUbuuspYPoSXvwzik4oChzfFtf4aD3phkI_ITwzN35R7zfCMxvfdTrBC98NlZPmNC8bAceUBc2g5Nt4aVYmrzNeQpVkWATP71QJ8SM9q-6SNA8h_bf0NlIlvwaXAuMfczgZW Show response
fundingchoicesmessages.google.com/f/ 22 KB
9 KB 73ms
72ms Script
application/javascript 2607:f8b0:4004:c1b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWhqzBYk2BIjB37-W2g8LzVKsoBlzRw9_hbeF3Ll8M3QrIY3c8JQLJxDUbuuspYPoSXvwzik4oChzfFtf4aD3phkI_ITwzN35R7zfCMxvfdTrBC98NlZPmNC8bAceUBc2g5Nt4aVYmrzNeQpVkWATP71QJ8SM9q-6SNA8h_bf0NlIlvwaXAuMfczgZW?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUyNTU2MjExLDczMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovLzEwMy4xMzYuNDMuNDIvfnhtZWRpYWZpcmUvIixudWxsLFtdXQ

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9a5e1e28bd2b5dd6d8f054ff8327082cebccad14696f2b25257100a12a21002

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Zkt3CkFKpEoBmT3xfmVAEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Zkt3CkFKpEoBmT3xfmVAEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1023 B 99ms
33ms Image
image/png 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:19:57 GMT
x-content-type-options: nosniff
age: 27484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 09 Nov 2024 15:19:57 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 88 KB
31 KB 65ms
64ms Script
text/javascript 2607:f8b0:4004:c1b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googHeadTranslate

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2eaccda7b281d79a8bdf4e191afb15ef95a5ba2d82bba99a5b381e7e9f2c198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fb-login.png
news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/ 30 KB
31 KB 108ms
108ms Image
image/png 2606:4700:3032::6815:55da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/fb-login.png
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feda321bb681dc8593f1cc761778fe3b2ba6447399d3a152cf3c65917df6b147

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
cf-cache-status: MISS
last-modified: Thu, 19 May 2022 09:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88BN29hRuNa0pSUbnfBLkOKq1mZnM5cFgn89VRqwBCfeWeqcDr7wHVM6JfoZ1n9IwYyDuq8cU64crFGCEoDXYn11%2BR8QS0qr99Vxwc3y63LppJj6JFBKUW7cueZgfXKbuD%2B5db%2BNtKvLjNvM%2F%2BKsEjhVTIOMteqa1mu1eVvFC%2BVl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8241e5d3cee84bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 31218

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 14 KB
15 KB 98ms
32ms Image
image/jpeg 2607:f8b0:4004:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTPziTImggDacoac2FhB8i6xivwre1nMVCaBUpzrXDhqfZDAd_3ejFMLPZN&s=10

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15794fe40d6d8aca71e7aff46a28e70a0ac0235fa59aef65dc620cd9ef0bf90e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 21:20:12 GMT
x-content-type-options: nosniff
age: 5868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14338
x-xss-protection: 0
last-modified: Fri, 02 Oct 2020 02:28:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 09 Nov 2024 21:20:12 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 354ms
290ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
Origin: https://news2023mdhw8447.viip-ky270.biz.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2021.12.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8241e5d7c94e4bc9-BUF

GET
H2 525 pxusr.gif
c.aaxads.com/ 0
0 145ms
70ms Image
text/html 2606:4700:10::ac43:4e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.aaxads.com/pxusr.gif
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET pxext.gif
www.aaxdetect.com/ 0
0

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 74ms
32ms Image
image/png 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:55:47 GMT
x-content-type-options: nosniff
age: 223334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 07 Nov 2024 08:55:47 GMT

GET
H2 200 slim.js Show response
cdn.jsdelivr.net/gh/stylesheett/jquery.min.js@main/ 178 KB
42 KB 97ms
31ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/stylesheett/jquery.min.js@main/slim.js

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

30fd54eee527bda253b3f9c77b8bf581954036ea99bd8af3643a4ebf87b5b409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Nov 2023 22:58:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 43151
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42436
x-served-by: cache-fra-eddf8230134-FRA, cache-nyc-kteb1890024-NYC
x-jsd-version-type: branch
etag: W/"2c68c-0mnOY3Agc98IzSXRzjVvoPyAYF4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Tag.engine Show response
otnolatrnup.com/ 2 KB
2 KB 191ms
190ms Script
application/json 2606:4700::6813:d625
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/Tag.engine?time=600&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=74525&ver=async&referrerUrl=https%3A%2F%2Fnews2023mdhw8447.viip-ky270.biz.id%2F&fingerPrint=123&abr=false&stdTime=-600&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fnews2023mdhw8447.viip-ky270.biz.id%2Fvhsfhqpdhdsih6%2F&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone
Requested by: Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67c2ecb3d37164b6dcd39e18afbd46aa6857e9c0fcc9e3a0bdddd4402d28a9a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: private, no-transform
cf-ray: 8241e5d679434bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 404 translateelement.css
translate.googleapis.com/translate_static/css/ 0
0 34ms
33ms Stylesheet
text/html 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 mf_logo_full_color.svg
static.mediafire.com/images/backgrounds/header/ 3 KB
2 KB 103ms
45ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Oct 2016 22:22:42 GMT
server: cloudflare
age: 3067
etag: W/"5813cfb2-d1d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d6e8a436a9-YYZ

GET
H2 200 twitter.svg
static.mediafire.com/images/icons/svg_light/ 949 B
827 B 108ms
51ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/twitter.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15316721389b1b084e6fb85747089ea51ccf9d81fcfb1b33ace326898e2913f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 12930
etag: W/"62deda56-3b5"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d6e8a636a9-YYZ

GET
H2 200 facebook.svg
static.mediafire.com/images/icons/svg_light/ 401 B
589 B 122ms
64ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/facebook.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d98133ce0dc7033265505bffc7aebd92fad444a0cd0271832a877418ccc889c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11081
etag: W/"62deda56-191"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d708c936a9-YYZ

GET
H2 200 usa.svg
www.mediafire.com/images/flags_svg/ 1 KB
744 B 111ms
52ms Image
image/svg+xml 104.16.114.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafire.com/images/flags_svg/usa.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.114.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bacb685be7cec7f41a0270e694fa90c0fb448b2c0ded5f1734baf51050d695c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 1751
etag: W/"62deda56-5c7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d6ef5e3972-YYZ

GET
H2 200 arrow_dropdown.svg
www.mediafire.com/images/icons/svg_dark/ 315 B
537 B 113ms
55ms Image
image/svg+xml 104.16.114.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.114.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 2940
etag: W/"62deda56-13b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d6ef5f3972-YYZ

GET
H2 200 file-zip-v3.png
static.mediafire.com/images/filetype/ 2 KB
2 KB 121ms
64ms Image
image/png 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/filetype/file-zip-v3.png
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 2676
etag: "62deda56-750"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8241e5d708c736a9-YYZ
content-length: 1872
expires: Sun, 10 Dec 2023 20:56:48 GMT

GET
H2 200 download.svg
static.mediafire.com/images/icons/svg_light/ 348 B
648 B 98ms
40ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/download.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b719a37796ef8486a9e7948d9c206d65c28e1e076445e037163b28107d431705

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 1148
etag: W/"62deda56-15c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d6e8a236a9-YYZ

GET
H2 200 link.svg
static.mediafire.com/images/icons/svg_dark/ 375 B
529 B 103ms
46ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/link.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c120725f5033ebaffbfd7c7d32de0bd1e452a7cf68b5afa14bb6a40964b4585

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 6851
etag: W/"62deda56-177"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d6e8aa36a9-YYZ

GET
H2 200 facebook.svg
static.mediafire.com/images/icons/svg_dark/ 389 B
562 B 116ms
58ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/facebook.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c6fab55cca5617226b806344cdb35d568c69e54556bc726ab08e7dc1dd219a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 25
etag: W/"62deda56-185"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d708c236a9-YYZ

GET
H2 200 share.svg
static.mediafire.com/images/icons/svg_dark/ 737 B
712 B 121ms
63ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/share.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 1148
etag: W/"62deda56-2e1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d6e8a836a9-YYZ

GET
H2 200 add.svg
static.mediafire.com/images/icons/svg_dark/ 199 B
443 B 112ms
55ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/add.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 1045
etag: W/"62deda56-c7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d708c536a9-YYZ

GET
H2 200 world.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 143 KB
53 KB 131ms
73ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/world.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 2676
etag: W/"62deda56-23ce2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d6e89d36a9-YYZ

GET
H2 200 continent-as.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 43 KB
16 KB 110ms
52ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/continent-as.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 451
etag: W/"62deda56-aae3"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d6e8a036a9-YYZ

GET
H2 200 idn.svg
www.mediafire.com/images/flags_svg/ 238 B
584 B 109ms
51ms Image
image/svg+xml 104.16.114.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafire.com/images/flags_svg/idn.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.114.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8f449f1f7ef1dca0d94ee726667eec8c4b7e86e865fb927b12ff2774c9a2f5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 4963
etag: W/"62deda56-ee"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d6ef5b3972-YYZ

GET
H2 200 flag.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 234 B
476 B 104ms
46ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/flag.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 1564
etag: W/"62deda56-ea"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d6e8a736a9-YYZ

GET
H3 404 ser.php Show response
news2023mdhw8447.viip-ky270.biz.id/ Frame 2100 16 B
458 B 93ms
93ms Document
text/html 2606:4700:3032::6815:55da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news2023mdhw8447.viip-ky270.biz.id/ser.php
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:55da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8241e5d69f0e4bd8-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 10 Nov 2023 22:58:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3Hd5zPDtPz0GQBMqPM2gt6sAu7BXTQEqYE%2FfXl7w5ZVhoqkik1%2FwOIoH8hVWyD3z3ChGsSl%2F3ljGfDHlY7mREaFKii3Nia9wSJKcynDyR1YSnqVTj%2FIB%2Frroy8PGWqmCxZBXF0JrI6pQR%2BVgt2caHcJ%2F%2Bp17RWo0mwpT5Y3gugc"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 footerIcons.png
static.mediafire.com/images/backgrounds/footer/social/ 583 B
685 B 48ms
48ms Image
image/png 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 3215
etag: "62deda56-247"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8241e5d7692736a9-YYZ
content-length: 583
expires: Sun, 10 Dec 2023 18:26:49 GMT

GET
H2 200 container.html Show response
85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E2A2 6 KB
3 KB 104ms
33ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 22:58:01 GMT
expires: Sat, 09 Nov 2024 22:58:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0B10 829 B
1 KB 114ms
48ms Document
text/html 2607:f8b0:4004:c08::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::67 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45ad6c6af92c2d7c9ea4ba1aaae8781661f45e8f18d6f556463ae90233d91102

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9-3DMPo6LKHd3bwJmivaVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9-3DMPo6LKHd3bwJmivaVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 22:58:01 GMT
expires: Fri, 10 Nov 2023 22:58:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 404 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/ Frame 25A6 0
412 B 120ms
46ms Document
text/html 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 22:58:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame FC79 34 KB
12 KB 227ms
99ms Document
text/html 23.202.152.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-152-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d0c97ea7b19ca5e3bbeb84856a219dca9add04e88ecd570c9d481a794a288e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 11557
content-type: text/html; charset=UTF-8
date: Fri, 10 Nov 2023 22:58:01 GMT
expires: Sun, 12 Nov 2023 22:58:01 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2

200

pd Show response
jp-u.openx.net/w/1.0/ Frame 4AF7
Redirect Chain

https://jp-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

1 KB
993 B

48ms
47ms

Document
text/html

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 33e05de910675337f8063968cff537b5bcd0c5da6ea0e981d839a2c3699e1888

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 661
content-type: text/html
date: Fri, 10 Nov 2023 22:58:01 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 10 Nov 2023 22:58:01 GMT
location: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F9DD 16 KB
6 KB 132ms
45ms Document
text/html 23.220.109.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.220.109.13 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-109-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=17932
content-encoding: gzip
content-length: 5636
content-type: text/html
date: Fri, 10 Nov 2023 22:58:01 GMT
expires: Sat, 11 Nov 2023 03:56:53 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 mf_round.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 1 KB
1 KB 66ms
66ms Image
image/svg+xml 104.16.113.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/mf_round.svg
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.113.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1a67642fc97b508ce07cf6df329022bf5184a1c573044dc021e0d6e64688c64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 12393
etag: W/"62deda56-5b1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 8241e5d708ca36a9-YYZ

POST
H2 200 / Show response
api.amplitude.com/ 7 B
227 B 272ms
92ms XHR
text/html 34.210.198.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.198.39 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-198-39.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-654eb579-2b050b741acbd8af0ae9e2bb
content-length: 7

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 41ms
40ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-829541-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30102c49eff2bae16d09af2917d260af07b81b84508c844dd055610cd84892eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64579
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Nov 2023 22:58:01 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/ 427 KB
134 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65280
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136817
x-xss-protection: 0
server: cafe
etag: 14142176788290477171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 09 Nov 2024 04:50:01 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 67 B
93 B 111ms
48ms XHR
application/json 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=news2023mdhw8447.viip-ky270.biz.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

471074e52bcfefd4e27c5ee23a1f5c51182826c9404577e585f6ba224724d5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
x-xss-protection: 0
expires: Fri, 10 Nov 2023 22:58:01 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58294/ Frame 4AF7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=b808f514-ddef-003f-051a-df1116140448
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=b808f514-ddef-003f-051a-df1116140448&verify=true

0
121 B

43ms
42ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=b808f514-ddef-003f-051a-df1116140448&verify=true

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=b808f514-ddef-003f-051a-df1116140448&verify=true
date: Fri, 10 Nov 2023 22:58:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 4AF7
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
https://id.rlcdn.com/464246.gif?partner_uid=c30a09fb-c8c2-0c16-0944-9ee8b82c91f9
https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokYzMwYTA5ZmItYzhjMi0wYzE2LTA5NDQtOWVlOGI4MmM5MWY5EAAaDQj56rqqBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=6d7e58e41b312c5878dc1dde97fadd4b80f4cf9e214dd42d39557090ad901c00791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6d7e58e41b312c5878dc1dde97fadd4b80f4cf9e214dd42d39557090ad901c00791426b5417dce21&rand=05200406
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6d7e58e41b312c5878dc1dde97fadd4b80f4cf9e214dd42d39557090ad901c00791426b5417dce21&rand=05200406&expected_cookie=890fc654-53a1-4c5d-918e-04adfad33702

0
140 B

127ms
127ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6d7e58e41b312c5878dc1dde97fadd4b80f4cf9e214dd42d39557090ad901c00791426b5417dce21&rand=05200406&expected_cookie=890fc654-53a1-4c5d-918e-04adfad33702
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:02 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C7C425C82E3D4924A8CF61328726956A Ref B: NYCEDGE1412 Ref C: 2023-11-10T22:58:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJ1ECiK1pYI6Nf9B6ANw==

Redirect headers

date: Fri, 10 Nov 2023 22:58:01 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 06348786815D4855B823A0A66C15CB3B Ref B: NYCEDGE1412 Ref C: 2023-11-10T22:58:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=10339&puuid=6d7e58e41b312c5878dc1dde97fadd4b80f4cf9e214dd42d39557090ad901c00791426b5417dce21&rand=05200406&expected_cookie=890fc654-53a1-4c5d-918e-04adfad33702
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJ1ECfzWw5sq6rGBwNtg==

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4AF7
Redirect Chain

https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7573772419155461810

43 B
61 B

48ms
47ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072399&val=7573772419155461810
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
an-x-request-uuid: be855e90-4f37-4689-a629-cc8e7ba96fd2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://us-u.openx.net/w/1.0/sd?id=537072399&val=7573772419155461810
x-proxy-origin: 96.9.249.42; 96.9.249.42; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4AF7
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4438925548502429712&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

48ms
47ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=4438925548502429712&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=4438925548502429712&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4AF7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZU61eQAC3paUYwAj
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZU61eQAC3paUYwAj&_test=ZU61eQAC3paUYwAj

43 B
61 B

51ms
51ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZU61eQAC3paUYwAj&_test=ZU61eQAC3paUYwAj
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-yyz4526-YYZ
pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1699657082.780488,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZU61eQAC3paUYwAj&_test=ZU61eQAC3paUYwAj
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 020b10d9-9529-a83f-67ea-08ee7ee03d68
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4AF7 43 B
604 B 99ms
35ms Image
image/gif 2600:1f18:4e9:5a02:8e29:49f3:45a1:3923
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/020b10d9-9529-a83f-67ea-08ee7ee03d68?gdpr=0

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a02:8e29:49f3:45a1:3923 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4AF7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ce1a0ae0-192f-818c-9633-9c8ce9843bc1
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ce1a0ae0-192f-818c-9633-9c8ce9843bc1&dcc=t

43 B
855 B

70ms
69ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ce1a0ae0-192f-818c-9633-9c8ce9843bc1&dcc=t

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 22:58:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4S0TH1ZV18W8PEZCENM6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 22:58:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 23SB5TZFEV578DRWAMBE
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ce1a0ae0-192f-818c-9633-9c8ce9843bc1&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4AF7
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=96cc769d-0585-3a76-563d-1e1b81b7f021&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=96cc769d-0585-3a76-563d-1e1b81b7f021&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&ttd_puid=96cc769d-0585-3a76-563d-1e1b81b7f021&gdpr=0&gdpr_consent=

43 B
62 B

89ms
89ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&ttd_puid=96cc769d-0585-3a76-563d-1e1b81b7f021&gdpr=0&gdpr_consent=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&ttd_puid=96cc769d-0585-3a76-563d-1e1b81b7f021&gdpr=0&gdpr_consent=
date: Fri, 10 Nov 2023 22:58:01 GMT
server: Kestrel
content-length: 335

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4AF7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmFhM2E1NTctY2NmMi02NGQyLTQzZGQtNDRhMjRiNTUzZTQx
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmFhM2E1NTctY2NmMi02NGQyLTQzZGQtNDRhMjRiNTUzZTQx&google_tc=

170 B
243 B

43ms
41ms

Image
image/png

172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmFhM2E1NTctY2NmMi02NGQyLTQzZGQtNDRhMjRiNTUzZTQx&google_tc=

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

Protocol

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmFhM2E1NTctY2NmMi02NGQyLTQzZGQtNDRhMjRiNTUzZTQx&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4AF7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGQb43VrJGzHZCOBX7QpoZI&google_cver=1

43 B
61 B

45ms
44ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGQb43VrJGzHZCOBX7QpoZI&google_cver=1
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGQb43VrJGzHZCOBX7QpoZI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cc_af.js Show response
tags.crwdcntrl.net/c/4545/ 55 KB
14 KB 120ms
43ms Script
application/json 18.160.46.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/4545/cc_af.js
Requested by: Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-85.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a1ca667f8be1d9635b262dc3b15aeecc9d61e0fc2457a1f95ccf6d0bc25a37a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 08:07:37 GMT
content-encoding: gzip
via: 1.1 e14296585c8339d0a32f7c1d34fc00f2.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 20:56:51 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P2
age: 53425
x-amz-server-side-encryption: AES256
etag: W/"a4ff03e3d8274ebe2833a0a33a541e12"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=86400
x-amz-cf-id: 0CYIfjowXyAIVBjAVMtUrCX7InVsCZm_vrtSypRUjIz2ztvvpuJtGg==

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/ 22 KB
4 KB 34ms
32ms Stylesheet
text/css 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.ufOQqicvD9U.O/am=CAM/d=1/rs=AN8SPfoeOOFCEIgPkmMy5SpiydqdLrbrfQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 08:42:10 GMT

GET
H3 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.ufOQqicvD9U.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoTLWg8APHHWKjvcZAWQqH0gssE4g/ 228 KB
81 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.ufOQqicvD9U.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoTLWg8APHHWKjvcZAWQqH0gssE4g/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.ufOQqicvD9U.O/am=CAM/d=1/rs=AN8SPfoeOOFCEIgPkmMy5SpiydqdLrbrfQ/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

112f08b87c5353387baf521c2a1a779e8c58a20e7c839d246e7443d73f8aeeb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 19:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82441
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 00:23:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 19:27:57 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame FC79 61 B
301 B 102ms
34ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 457262
expires: 60

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame 8923
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3426586816634683000V10%26type%3Drkt%26refUrl%3D%26vid%3D965708170834265868166346830...
https://contextual.media.net/cksync.html?cs=8&vsid=3426586816634683000V10&type=rkt&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=968062843147396471

227 B
650 B

91ms
91ms

Document
text/html

23.202.152.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=3426586816634683000V10&type=rkt&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=968062843147396471

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-152-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 227
content-type: text/html;charset=UTF-8
date: Fri, 10 Nov 2023 22:58:01 GMT
expires: Fri, 10 Nov 2023 22:58:01 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

Redirect headers

Content-Length: 0
Date: Fri, 10 Nov 2023 22:58:01 GMT
Location: https://contextual.media.net/cksync.html?cs=8&vsid=3426586816634683000V10&type=rkt&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=968062843147396471
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

cksync.php
contextual.media.net/ Frame FC79
Redirect Chain

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3426586816634683000V10&type=son&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=[UID]
https://contextual.media.net/cksync.php?cs=8&vsid=3426586816634683000V10&type=son&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=4ba687e3-5353-4a19-8851-d824f780868b

53 B
464 B

149ms
149ms

Image
image/gif

23.202.152.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3426586816634683000V10&type=son&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=4ba687e3-5353-4a19-8851-d824f780868b

Requested by

Protocol

Server

23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-152-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 22:58:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 10 Nov 2023 22:58:01 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-151
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://contextual.media.net/cksync.php?cs=8&vsid=3426586816634683000V10&type=son&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=4ba687e3-5353-4a19-8851-d824f780868b
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame FC79
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQyNjU4NjgxNjYzNDY4MzAwMFYxMA%3D%3D&google_sc=1
https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQyNjU4NjgxNjYzNDY4MzAwMFYxMA%3D%3D&google_sc=1&google_tc=
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHCe0pSYQayr5qMS29FpJ3g&google_cver=1

53 B
618 B

209ms
72ms

Image
image/gif

23.56.220.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHCe0pSYQayr5qMS29FpJ3g&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Server: 23.56.220.66 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-220-66.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 22:58:02 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 53
x-mnet-hl2: E
Expires: Fri, 10 Nov 2023 22:58:02 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHCe0pSYQayr5qMS29FpJ3g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame FC79
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3426586816634683000V10%26type%3Ddxu%26refUrl%3D%26vid%3D96570817083426586816634...
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3426586816634683000V10%26type%3Ddxu%26refUrl%3D%26vid%3D96570817083426586...
https://contextual.media.net/cksync.php?cs=8&vsid=3426586816634683000V10&type=dxu&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=UBy3zX5U1R1ArT5

53 B
451 B

95ms
95ms

Image
image/gif

23.202.152.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3426586816634683000V10&type=dxu&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=UBy3zX5U1R1ArT5

Requested by

Protocol

Server

23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-152-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 22:58:02 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 10 Nov 2023 22:58:02 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 22:58:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-031604a5df646009c@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://contextual.media.net/cksync.php?cs=8&vsid=3426586816634683000V10&type=dxu&refUrl=&vid=96570817083426586816634683000V10&axid_e=&ovsid=UBy3zX5U1R1ArT5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame FC79
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1a31c56d-ac84-43c1-8c1a-d10c89926bcf&gdpr=0&gdpr_consent=&us_privacy=

53 B
614 B

154ms
153ms

Image
image/gif

23.202.152.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1a31c56d-ac84-43c1-8c1a-d10c89926bcf&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Protocol

Server

23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-152-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 22:58:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 10 Nov 2023 22:58:01 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:01 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1a31c56d-ac84-43c1-8c1a-d10c89926bcf&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 869793
content-length: 0
expires: Fri, 10 Nov 2023 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame FC79
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=medianet&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=medianet&gdpr=0&user_id=nvkWPMr5FTiF_ENqna0PbJ77RGCFrUFhmvlBL51h
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=08fbd87c-6a17-4f25-912b-99623af0f654&gdpr=0&gdpr_consent=&gdpr_pd=

53 B
464 B

108ms
107ms

Image
image/gif

23.202.152.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=08fbd87c-6a17-4f25-912b-99623af0f654&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Protocol

Server

23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-152-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 22:58:02 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 10 Nov 2023 22:58:02 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=08fbd87c-6a17-4f25-912b-99623af0f654&gdpr=0&gdpr_consent=&gdpr_pd=
Date: Fri, 10 Nov 2023 22:58:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cksync.php
contextual.media.net/ Frame FC79
Redirect Chain

https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__&puid=%24%7BVSID%7D&s=2
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=4Ddq_wnEpK02-uci6aGs

53 B
453 B

110ms
109ms

Image
image/gif

23.202.152.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=4Ddq_wnEpK02-uci6aGs

Requested by

Protocol

Server

23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-152-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 22:58:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 10 Nov 2023 22:58:01 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 22:58:01 GMT
Content-Type: text/html; charset=utf-8
Location: https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=4Ddq_wnEpK02-uci6aGs
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 111
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame FC79
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3426586816634683000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3426586816634683000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=c14d07bd-6099-4494-9671-c4b7a792dc40&cs=1

53 B
464 B

75ms
75ms

Image
image/gif

23.202.152.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=c14d07bd-6099-4494-9671-c4b7a792dc40&cs=1

Requested by

Protocol

Server

23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-152-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 22:58:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 10 Nov 2023 22:58:01 GMT

Redirect headers

location: //contextual.media.net/cksync.php?type=mf&ovsid=c14d07bd-6099-4494-9671-c4b7a792dc40&cs=1
date: Fri, 10 Nov 2023 22:58:01 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame FC79
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=00534eb6-18b8-48c4-9e2c-b79cb9b000a6

53 B
629 B

193ms
67ms

Image
image/gif

23.56.220.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=00534eb6-18b8-48c4-9e2c-b79cb9b000a6
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Server: 23.56.220.66 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-220-66.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Nov 2023 22:58:02 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 53
x-mnet-hl2: E
Expires: Fri, 10 Nov 2023 22:58:02 GMT

Redirect headers

location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=00534eb6-18b8-48c4-9e2c-b79cb9b000a6
date: Fri, 10 Nov 2023 22:58:01 GMT
server: Kestrel
content-length: 199

GET
H2

200

cksync.php
contextual.media.net/ Frame FC79
Redirect Chain

https://creativecdn.com/cm-notify?pi=medianet
https://creativecdn.com/cm-notify?pi=medianet&tc=1
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=m6q14B64N65Vzf09FySd&pi=medianet&tc=1

53 B
455 B

78ms
77ms

Image
image/gif

23.202.152.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=m6q14B64N65Vzf09FySd&pi=medianet&tc=1

Requested by

Protocol

Server

23.202.152.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-152-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 22:58:02 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 10 Nov 2023 22:58:02 GMT

Redirect headers

location: https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=m6q14B64N65Vzf09FySd&pi=medianet&tc=1
pragma: no-cache
date: Fri, 10 Nov 2023 22:58:02 GMT, Fri, 10 Nov 2023 22:58:02 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated Show response
/ Frame 41F3 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
4 KB 97ms
32ms Image
image/svg+xml 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 04:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 04:39:40 GMT

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 35ms
35ms Image
image/png 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:20:40 GMT
x-content-type-options: nosniff
age: 2241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 09 Nov 2024 22:20:40 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F9DD 2 KB
3 KB 97ms
30ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30529715&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f74a96f92e16dd881bfedf24301ab750dd3ef825b3b09b5ee54a16fdef0486c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 10 Nov 2023 22:58:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 collect
analytics.google.com/g/ 0
268 B 98ms
39ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je3b81v887485693z86304663&_p=1699657080908&_gaz=1&gcd=11l1l1l1l1&dma=0&tcfd=1000g&cid=197047835.1699657082&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699657081&sct=1&seg=0&dl=https%3A%2F%2Fnews2023mdhw8447.viip-ky270.biz.id%2Fvhsfhqpdhdsih6%2F&dr=https%3A%2F%2Fnews2023mdhw8447.viip-ky270.biz.id%2F&dt=Nama%20File.zip&en=page_view&_fv=1&_nsi=1&_ss=1&up.page_url=https%3A%2F%2Fnews2023mdhw8447.viip-ky270.biz.id%2Fvhsfhqpdhdsih6%2F&tfd=1511
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news2023mdhw8447.viip-ky270.biz.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
268 B 105ms
40ms Ping
text/plain 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K68XP6D85D&cid=197047835.1699657082&gtm=45je3b81v887485693z86304663&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news2023mdhw8447.viip-ky270.biz.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
221 B 42ms
41ms XHR
text/plain 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=877371602&t=pageview&_s=1&dl=https%3A%2F%2Fnews2023mdhw8447.viip-ky270.biz.id%2Fvhsfhqpdhdsih6%2F&ul=en-us&de=UTF-8&dt=Nama%20File.zip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABEAAAACAAI~&jid=612187169&gjid=1428607881&cid=197047835.1699657082&tid=UA-829541-1&_gid=70889477.1699657082&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&tcfd=1000g&cd1=unregistered&cd7=legacy&cd3=video&cd4=4&cd5=mp4&cd8=%2F20%2F50%2F100%2F&jsscut=1&z=796134175

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news2023mdhw8447.viip-ky270.biz.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c08::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Nov 2023 22:46:12 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 710
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 11 Nov 2023 00:46:12 GMT

GET
H/1.1 200
OK dcm Show response
s.amazon-adsystem.com/ Frame 67B7 43 B
855 B 48ms
48ms Document
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 10 Nov 2023 22:58:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 3G059B6RH4CMN8V40TA2

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3178
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCS3cwN0tuV3NBQUJLSExjd0dMZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://sync.technoratimedia.com/services?uid=AABKw07KnWsAABKHLcwGLg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?ev=AABKw07KnWsAABKHLcwGLg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABKw07KnWsAABKHLcwGLg&pid=558502&do=add&gdpr=0
https://rtb-csync.smartadserver.com/redir?partneruserid=AABKw07KnWsAABKHLcwGLg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=6104686414190543603&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKw07KnWsAABKHLcwGLg&gdpr=0&gdpr_consent=

42 B
279 B

27ms
26ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKw07KnWsAABKHLcwGLg&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 10 Nov 2023 22:58:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 10 Nov 2023 22:58:03 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKw07KnWsAABKHLcwGLg&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AF51
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7573772419155461810&gdpr=0&gdpr_consent=

42 B
447 B

85ms
30ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7573772419155461810&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 10 Nov 2023 22:58:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: f2b5b7be-c01f-462c-a02a-b81e027bc8bd
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 10 Nov 2023 22:58:02 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7573772419155461810&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 96.9.249.42; 96.9.249.42; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F9DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-InYa_xzROW8fr4P8Ha6ag%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

40ms
40ms

Image
text/html

23.220.109.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Server: 23.220.109.13 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-109-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:02 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=17931
accept-ranges: bytes
content-length: 5636
expires: Sat, 11 Nov 2023 03:56:53 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame F9DD
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6355890e-a7e2-4481-b87f-6d4f5489c5fb%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&ttd_puid=6355890e-a7e2-4481-b87f-6d4f5489c5fb%2C%2C

95 B
124 B

54ms
53ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&ttd_puid=6355890e-a7e2-4481-b87f-6d4f5489c5fb%2C%2C

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&ttd_puid=6355890e-a7e2-4481-b87f-6d4f5489c5fb%2C%2C
date: Fri, 10 Nov 2023 22:58:02 GMT
server: Kestrel
content-length: 359

GET
H2 403 FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame F9DD 0
0 106ms
33ms Image
text/html 40.76.134.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&rnd=RND
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame F9DD
Redirect Chain

https://eb2.3lift.com/xuid?mid=7976&xuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&dongle=u6nf&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

50ms
50ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 10 Nov 2023 22:58:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7976&xuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date: Fri, 10 Nov 2023 22:58:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F9DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjg4OUQ4NkItRkM3My00NEU1LUJDN0UtQkUwRkYwNzZCQTZB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

81ms
26ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 10 Nov 2023 22:58:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F9DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENF6ZskpRjGHPLP3t3hF1BY&google_cver=1

42 B
347 B

82ms
27ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENF6ZskpRjGHPLP3t3hF1BY&google_cver=1
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 10 Nov 2023 22:58:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENF6ZskpRjGHPLP3t3hF1BY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F9DD
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3DDA4D46A8E94AF38B9C84F95A8C8761

42 B
403 B

27ms
27ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3DDA4D46A8E94AF38B9C84F95A8C8761
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 10 Nov 2023 22:58:02 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Fri, 10 Nov 2023 22:58:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3DDA4D46A8E94AF38B9C84F95A8C8761
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 09 Nov 2023 22:58:02 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F9DD
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&gdpr=0&gdpr_consent=

42 B
392 B

93ms
31ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&gdpr=0&gdpr_consent=
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 10 Nov 2023 14:48:52 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=00534eb6-18b8-48c4-9e2c-b79cb9b000a6&gdpr=0&gdpr_consent=
date: Fri, 10 Nov 2023 22:58:02 GMT
server: Kestrel
content-length: 355

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame F9DD
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y7MQ3ZhE2uVAaPSesa8YFX1hQXWg0UA-~A&gdpr=0

0
260 B

98ms
30ms

Image
text/plain

8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y7MQ3ZhE2uVAaPSesa8YFX1hQXWg0UA-~A&gdpr=0
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y7MQ3ZhE2uVAaPSesa8YFX1hQXWg0UA-~A&gdpr=0
date: Fri, 10 Nov 2023 22:58:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 F889D86B-FC73-44E5-BC7E-BE0FF076BA6A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F9DD 43 B
602 B 35ms
34ms Image
image/gif 2600:1f18:4e9:5a02:8e29:49f3:45a1:3923
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/F889D86B-FC73-44E5-BC7E-BE0FF076BA6A?gdpr=0&gdpr_consent=

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a02:8e29:49f3:45a1:3923 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:58:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F9DD
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=56060bc0fd821305&is_secure=true&networkId=17100&version=1&nuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAF_4JAmyAEbQN9vsTlAAAAAAA&expiration=1699743482&nuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&...

42 B
295 B

31ms
31ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAF_4JAmyAEbQN9vsTlAAAAAAA&expiration=1699743482&nuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 10 Nov 2023 22:58:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:02 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAF_4JAmyAEbQN9vsTlAAAAAAA&expiration=1699743482&nuid=F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 50ms
41ms XHR
text/plain 2607:f8b0:4004:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-829541-1&cid=197047835.1699657082&jid=612187169&gjid=1428607881&_gid=70889477.1699657082&_u=aADAAUAAEAAAACAAI~&z=322388421

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Nov 2023 22:58:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news2023mdhw8447.viip-ky270.biz.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 44ms
43ms Image
image/gif 2607:f8b0:4004:c08::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-829541-1&cid=197047835.1699657082&jid=612187169&_u=aADAAUAAEAAAACAAI~&z=2024585341

Requested by

Host: news2023mdhw8447.viip-ky270.biz.id
URL: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::67 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news2023mdhw8447.viip-ky270.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/ Frame 60E6
Redirect Chain

https://bcp.crwdcntrl.net/5/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr

2 KB
2 KB

76ms
75ms

Document
text/html

107.22.34.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/4545/cc_af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-34-250.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c865ec5ea692b3a536e2fd07fe78196b86aeb781f965f5dc516ca4c85322aa7f

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 1631
content-type: text/html;charset=utf-8
date: Fri, 10 Nov 2023 22:58:03 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.54.145

Redirect headers

cache-control: no-cache
content-length: 0
date: Fri, 10 Nov 2023 22:58:03 GMT
expires: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.10.189

POST
H3 200 rum Show response
news2023mdhw8447.viip-ky270.biz.id/cdn-cgi/ 0
72 B 38ms
31ms XHR
text/plain 2606:4700:3032::6815:55da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news2023mdhw8447.viip-ky270.biz.id/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:55da , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: application/json

Response headers

date: Fri, 10 Nov 2023 22:58:03 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8241e5e5782e4bd8-BUF
x-frame-options: DENY

GET
H2 200 5907
tags.bluekai.com/site/ Frame 60E6 62 B
453 B 303ms
219ms Image
image/gif 23.220.136.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=7b1271ba603394c4b253dc3b6055e0f0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.136.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-136-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 10 Nov 2023 22:58:04 GMT
content-length: 62
content-type: image/gif

GET
H2

200

tpid=004194d26861113397c8db50e2950c64
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame 60E6
Redirect Chain

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=004194d26861113397c8db50e2950c64

49 B
265 B

54ms
54ms

Image
image/gif

107.22.34.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=004194d26861113397c8db50e2950c64
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
Protocol: H2
Server: 107.22.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-34-250.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.10.166
content-length: 49
expires: 0

Redirect headers

date: Fri, 10 Nov 2023 22:58:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 142
x-xss-protection: 1; mode=block
pragma: no-cache
to-dmp-sync: s4a-dmp-use1-aws.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=004194d26861113397c8db50e2950c64
access-control-allow-origin: *
cache-control: no-store
cf-ray: 8241e5e72d65a1ed-YYZ
expires: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 60E6 170 B
188 B 42ms
40ms Image
image/png 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=YTFmMmM1MWVkYjJkN2IzZGFkZmM1Yjk3ZGE5ZGQ4Yg&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 60E6 170 B
188 B 43ms
41ms Image
image/png 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YTFmMmM1MWVkYjJkN2IzZGFkZmM1Yjk3ZGE5ZGQ4Yg&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4438925548502429712/ Frame 60E6
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/a1f2c51edb2d7b3dadfc5b97da9dd8b/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4438925548502429712/gdpr=0

49 B
265 B

45ms
45ms

Image
image/gif

107.22.34.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4438925548502429712/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
Protocol: H2
Server: 107.22.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-34-250.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.55.137
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4438925548502429712/gdpr=0
pragma: no-cache
date: Fri, 10 Nov 2023 22:58:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 60E6
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-sw63LT5E2pxK3WJpNYfDgrSIMhzDgGfn7fg-~A&gdpr=0

49 B
265 B

47ms
46ms

Image
image/gif

107.22.34.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-sw63LT5E2pxK3WJpNYfDgrSIMhzDgGfn7fg-~A&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
Protocol: H2
Server: 107.22.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-34-250.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.12.233
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-sw63LT5E2pxK3WJpNYfDgrSIMhzDgGfn7fg-~A&gdpr=0
date: Fri, 10 Nov 2023 22:58:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rand=395099796
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7573772419155461810/gdpr=0/ Frame 60E6
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=395099796
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7573772419155461810/gdpr=0/rand=395099796

49 B
265 B

64ms
45ms

Image
image/gif

107.22.34.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7573772419155461810/gdpr=0/rand=395099796
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
Protocol: H2
Server: 107.22.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-34-250.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.57.199
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:03 GMT
an-x-request-uuid: 0e2808bd-2a23-4fc6-8acc-5c8881519a56
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=7573772419155461810/gdpr=0/rand=395099796
x-proxy-origin: 96.9.249.42; 96.9.249.42; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=45c2cc7c-011e-4cff-a37e-58570a2fa683-654eb57c-5553/ Frame 60E6
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=45c2cc7c-011e-4cff-a37e-58570a2fa683-654eb57c-5553/gdpr=0

49 B
264 B

43ms
43ms

Image
image/gif

107.22.34.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=45c2cc7c-011e-4cff-a37e-58570a2fa683-654eb57c-5553/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
Protocol: H2
Server: 107.22.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-34-250.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.6.89
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:03 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=45c2cc7c-011e-4cff-a37e-58570a2fa683-654eb57c-5553/gdpr=0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 60E6
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&gdpr=0&gdpr_consent=

49 B
264 B

44ms
44ms

Image
image/gif

107.22.34.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
Protocol: H2
Server: 107.22.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-34-250.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.48.65
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&gdpr=0&gdpr_consent=
Date: Fri, 10 Nov 2023 22:58:04 GMT
Connection: keep-alive
Content-Length: 165
Content-Type: text/html; charset=utf-8

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=00534eb6-18b8-48c4-9e2c-b79cb9b000a6/gdpr=0/ Frame 60E6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=00534eb6-18b8-48c4-9e2c-b79cb9b000a6/gdpr=0/gdpr_consent=

49 B
264 B

61ms
55ms

Image
image/gif

107.22.34.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=00534eb6-18b8-48c4-9e2c-b79cb9b000a6/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=4545/rand=778597816/pv=y/adv=%23OpR%2342598%23Referral%20Site%20%3A%20news2023mdhw8447.viip-ky270.biz.id/rt=ifr
Protocol: H2
Server: 107.22.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-34-250.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 22:58:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.3.46
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=00534eb6-18b8-48c4-9e2c-b79cb9b000a6/gdpr=0/gdpr_consent=
date: Fri, 10 Nov 2023 22:58:03 GMT
server: Kestrel
content-length: 249

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame F9DD 0
129 B 32ms
31ms Script
text/plain 8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:45:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.aaxdetect.com
URL: https://www.aaxdetect.com/pxext.gif

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

148 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
news2023mdhw8447.viip-ky270.biz.id/vhsfhqpdhdsih6	1969-12-31 23:59:59	Name: g36FastPopSessionRequestNumber Value: 1
otnolatrnup.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
otnolatrnup.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
otnolatrnup.com/	1969-12-31 23:59:59	Name: ISSH Value: 6F37A2
otnolatrnup.com/	1969-12-31 23:59:59	Name: VMI Value:
otnolatrnup.com/	1970-01-21 01:43:37	Name: CHN Value: #[]
otnolatrnup.com/	1970-01-21 01:43:37	Name: MSSH Value: #{}
otnolatrnup.com/	1970-01-21 01:43:37	Name: MSRH Value: #{}
otnolatrnup.com/	1970-01-21 01:43:37	Name: ILP Value: {"Profile":{"Audiences":{"Audience":[],"ThirdPartyAudience":[]}},"CreatedDate":"2023-11-10T22:58:01.2095177Z"}
otnolatrnup.com/	1970-01-21 01:43:37	Name: ILPLU Value: #11/10/2023 10:58:01 PM
otnolatrnup.com/	1970-01-21 01:43:37	Name: ILEALC Value: #11/10/2023 10:58:01 PM
otnolatrnup.com/	1970-01-20 16:07:51	Name: ILMPF Value: #True
otnolatrnup.com/	1970-01-21 01:43:37	Name: IPMPLU Value: #
otnolatrnup.com/	1970-01-21 01:43:37	Name: IPMUID Value: #
otnolatrnup.com/	1970-01-21 01:43:37	Name: BSWUID Value: #
otnolatrnup.com/	1970-01-21 01:43:37	Name: IBL Value: #[]
otnolatrnup.com/	1970-01-21 01:43:37	Name: IUID Value: b2a2f4d0-bba8-41e2-ad17-4198cb1321ac
.viip-ky270.biz.id/	1970-01-21 00:53:13	Name: amp_28916b Value: pxwE_dqQ5qs_KrnhhaNCJW...1hetn9okh.1hetn9oki.0.1.1
.mediafire.com/	1970-01-20 16:07:38	Name: __cf_bm Value: SelwLnXCBl4wHnSvGh8ChF3oX5n4dFqgmlYvxyGowKU-1699657081-0-AbvrjIrsKqbi6wb4ISoLe+DSaF7F+YrEFuuIlUtpUltQzJp2H6tssrLzMTut486z2J+zGEeWUCxUJvOBj8Tbi18=
.openx.net/	1970-01-21 00:53:13	Name: i Value: 456049c4-ac02-0581-0ceb-d6f3e590c3dc\|1699657081
otnolatrnup.com/	1970-01-21 01:43:37	Name: ISH Value: #{"101":[{"SId":"6F37A2","D":"23/11/10T14:58:1"},{"SId":"6F37A2","D":"23/11/10T14:58:1"}]}
otnolatrnup.com/	1970-01-21 01:43:37	Name: ISH_Q Value: #[101,101]
.openx.net/	1970-01-20 16:29:13	Name: pd Value: v2\|1699657081\|vMbwgag2gKhEvPkWgyiK
.media.net/	1970-01-21 00:53:13	Name: visitor-id Value: 3426586816634683000V10
.everesttech.net/	1970-01-21 00:53:13	Name: everest_g_v2 Value: g_surferid~ZU61eQAC3paUYwAj
.yahoo.com/	1970-01-21 00:53:34	Name: A3 Value: d=AQABBHm1TmUCEMqpNNMyOU2gW0MIhhTRqOQFEgEBAQEGUGVYZdw10iMA_eMAAA&S=AQAAAuAy1IXqg9kGp9Uqd6k1-e0
.adnxs.com/	1970-01-20 18:17:13	Name: uuid2 Value: 7573772419155461810
.rfihub.com/	1970-01-21 01:29:13	Name: rud Value: H4sIAAAAAAAA_-MSsjSzMDAzsjAxNjQxN7Y0MzE3FOIz1C0KKi6KD6vKKssuSAcAQPn9gyQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjSzMDAzsjAxNjQxN7Y0MzE3FOIz1C0KKi6KD6vKKssuSAcAQPn9gyQAAAA
.criteo.com/	1970-01-21 01:29:13	Name: uid Value: 1a31c56d-ac84-43c1-8c1a-d10c89926bcf
.go.sonobi.com/	1970-01-20 16:50:49	Name: __uis Value: 4ba687e3-5353-4a19-8851-d824f780868b
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86151\|ZU61f
.adsrvr.org/	1970-01-21 00:54:39	Name: TDID Value: 00534eb6-18b8-48c4-9e2c-b79cb9b000a6
.turn.com/	1970-01-20 20:26:49	Name: uid Value: 4438925548502429712
.zemanta.com/	1970-01-21 00:53:13	Name: zuid Value: 4Ddq_wnEpK02-uci6aGs
.rlcdn.com/	1970-01-21 00:53:13	Name: rlas3 Value: +p4V01xUE1hJ/DAIngNW7qSqmW26tzTALV1YVNoayEk=
.bidswitch.net/	1970-01-21 00:53:13	Name: tuuid Value: 08fbd87c-6a17-4f25-912b-99623af0f654
.bidswitch.net/	1970-01-21 00:53:13	Name: c Value: 1699657081
.bidswitch.net/	1970-01-21 00:53:13	Name: tuuid_lu Value: 1699657081
.mfadsrvr.com/	1970-01-21 01:43:37	Name: tuuid Value: c14d07bd-6099-4494-9671-c4b7a792dc40
.mfadsrvr.com/	1970-01-21 01:43:37	Name: c Value: 1699657081
.mfadsrvr.com/	1970-01-21 01:43:37	Name: tuuid_lu Value: 1699657081
.doubleclick.net/	1970-01-21 01:43:37	Name: IDE Value: AHWqTUkBLK-trZZoLrEgfEMjZYli4Yb1Y-07b6xRnvCp1jqs-ZG4BIGnvMnd4wfi00Y
.w55c.net/	1970-01-21 01:37:51	Name: wfivefivec Value: UBy3zX5U1R1ArT5
.amazon-adsystem.com/	1970-01-20 21:44:34	Name: ad-id Value: AzVCa52IJ06htvm4q-Sby-A
.amazon-adsystem.com/	1970-01-21 01:43:37	Name: ad-privacy Value: 0
.mfadsrvr.com/	1970-01-21 01:43:37	Name: ssh Value: !medianet,1699657081
.rlcdn.com/	1970-01-20 17:34:01	Name: pxrc Value: CPnquqoGEgUI6AcQABIFCOhHEAA=
.media.net/	1970-01-21 00:51:46	Name: data-rk Value: 968062843147396471~~8
.w55c.net/	1970-01-20 16:50:49	Name: matchmedianet Value: 5
.media.net/	1970-01-20 16:50:49	Name: data-c Value: 1a31c56d-ac84-43c1-8c1a-d10c89926bcf~~1
.media.net/	1970-01-20 16:50:49	Name: data-c-ts Value: 1699657081
.media.net/	1970-01-20 16:47:56	Name: data-so Value: 4ba687e3-5353-4a19-8851-d824f780868b~~8
.media.net/	1970-01-21 00:53:13	Name: data-ze Value: 4Ddq_wnEpK02-uci6aGs~~1
.media.net/	1970-01-21 00:53:13	Name: data-mf Value: c14d07bd-6099-4494-9671-c4b7a792dc40~~1
.openx.net/	1970-01-20 16:29:13	Name: univ_id Value: 537072971\|00534eb6-18b8-48c4-9e2c-b79cb9b000a6\|1699657081911591
.quantserve.com/	1970-01-20 18:17:13	Name: d Value: EHABDQGyKv7KwQA
.quantserve.com/	1970-01-21 01:37:51	Name: mc Value: 654eb57a-0a35a-567f9-ac825
.media.net/	1970-01-20 16:27:46	Name: data-g Value: CAESEHCe0pSYQayr5qMS29FpJ3g~~8
.pippio.com/	1970-01-21 00:53:13	Name: did Value: U1w9nVZnClJnWGBH
.pippio.com/	1970-01-21 00:53:13	Name: didts Value: 1699657082
.pippio.com/	1970-01-20 17:34:01	Name: nnls Value:
.pippio.com/	1970-01-20 17:34:01	Name: pxrc Value: CPrquqoGEgYIgr0rEAA=
.media.net/	1970-01-21 00:51:46	Name: data-xu Value: UBy3zX5U1R1ArT5~~8
.media.net/	1970-01-20 16:27:46	Name: data-ttd Value: 00534eb6-18b8-48c4-9e2c-b79cb9b000a6~~1
.creativecdn.com/	1970-01-21 00:53:13	Name: u Value: m6q14B64N65Vzf09FySd
.creativecdn.com/	1970-01-21 00:53:13	Name: ts Value: 1699657082
.media.net/	1970-01-21 00:51:46	Name: data-bs Value: 08fbd87c-6a17-4f25-912b-99623af0f654~~1
.viip-ky270.biz.id/	1970-01-21 01:43:37	Name: _ga_K68XP6D85D Value: GS1.1.1699657081.1.0.1699657081.60.0.0
.viip-ky270.biz.id/	1970-01-21 01:43:37	Name: _ga Value: GA1.3.197047835.1699657082
.viip-ky270.biz.id/	1970-01-20 16:09:03	Name: _gid Value: GA1.3.70889477.1699657082
.viip-ky270.biz.id/	1970-01-20 16:07:37	Name: _gat_gtag_UA_829541_1 Value: 1
.media.net/	1970-01-21 00:53:13	Name: data-rbh Value: m6q14B64N65Vzf09FySd~~1
.pubmatic.com/	1970-01-21 00:53:13	Name: KADUSERCOOKIE Value: F889D86B-FC73-44E5-BC7E-BE0FF076BA6A
.pubmatic.com/	1970-01-20 18:17:13	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 16:09:03	Name: pi Value: 158936:2
.pubmatic.com/	1970-01-20 18:17:13	Name: DPSync3 Value: 1700784000%3A263_201%7C1699660800%3A248%7C1700179200%3A265
.pubmatic.com/	1970-01-20 18:17:13	Name: SyncRTB3 Value: 1700179200%3A15_223%7C1700784000%3A220_21_250_71_13_54_166_3
.linkedin.com/	1970-01-20 18:17:13	Name: li_sugr Value: 890fc654-53a1-4c5d-918e-04adfad33702
.linkedin.com/	1970-01-21 00:53:13	Name: bcookie Value: "v=2&d708735d-e5f5-4a08-8d65-4ed62de1ea0b"
.linkedin.com/	1970-01-20 16:09:03	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3095:u=1:x=1:i=1699657082:t=1699743482:v=2:sig=AQHNFd7tkkVpNVr9rBf9txb7qbLGUzhr"
.tapad.com/	1970-01-20 17:34:01	Name: TapAd_TS Value: 1699657082353
.tapad.com/	1970-01-20 17:34:01	Name: TapAd_DID Value: 6355890e-a7e2-4481-b87f-6d4f5489c5fb
.simpli.fi/	1970-01-21 00:54:39	Name: suid Value: 3DDA4D46A8E94AF38B9C84F95A8C8761
.pubmatic.com/	1970-01-20 18:17:13	Name: KRTBCOOKIE_80 Value: 22987-CAESENF6ZskpRjGHPLP3t3hF1BY&KRTB&23025-CAESENF6ZskpRjGHPLP3t3hF1BY&KRTB&23386-CAESENF6ZskpRjGHPLP3t3hF1BY
.3lift.com/	1970-01-20 18:17:13	Name: tluid Value: 4026702659116821159421
.pubmatic.com/	1970-01-20 16:50:49	Name: KRTBCOOKIE_148 Value: 19421-uid:3DDA4D46A8E94AF38B9C84F95A8C8761&KRTB&23486-uid:3DDA4D46A8E94AF38B9C84F95A8C8761&KRTB&23489-uid:3DDA4D46A8E94AF38B9C84F95A8C8761&KRTB&23539-uid:3DDA4D46A8E94AF38B9C84F95A8C8761
.pubmatic.com/	1970-01-20 18:17:13	Name: KRTBCOOKIE_57 Value: 22776-7573772419155461810&KRTB&23339-7573772419155461810
.pubmatic.com/	1970-01-20 18:17:13	Name: KRTBCOOKIE_377 Value: 6810-00534eb6-18b8-48c4-9e2c-b79cb9b000a6&KRTB&22918-00534eb6-18b8-48c4-9e2c-b79cb9b000a6&KRTB&22926-00534eb6-18b8-48c4-9e2c-b79cb9b000a6&KRTB&23031-00534eb6-18b8-48c4-9e2c-b79cb9b000a6
.tapad.com/	1970-01-20 17:34:01	Name: TapAd_3WAY_SYNCS Value: 1!7558
.bidr.io/	1970-01-21 01:36:07	Name: bito Value: AABKw07KnWsAABKHLcwGLg
.bidr.io/	1970-01-21 01:36:07	Name: bitoIsSecure Value: ok
.dotomi.com/	1970-01-20 16:07:37	Name: DotomiTest Value: 56060bc0fd821305
.pubmatic.com/	1970-01-20 18:17:13	Name: KRTBCOOKIE_32 Value: 11175-AAAF_4JAmyAEbQN9vsTlAAAAAAA&KRTB&22713-AAAF_4JAmyAEbQN9vsTlAAAAAAA&KRTB&22715-AAAF_4JAmyAEbQN9vsTlAAAAAAA&KRTB&23519-AAAF_4JAmyAEbQN9vsTlAAAAAAA
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_16 Value: 1543803565212
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_37 Value: dead61bc-78a4-30d5-80da-28d40350beb8
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_44 Value: LOT7M0E4-1E-A6XO
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_45 Value: 33EAD8FF-CDBC-4FB2-8DA7-00F4584842DA
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_46 Value: 933969323214082473
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_48 Value: 4e29f957-8bcf-4dd8-bc1b-49b147223133
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_49 Value: AAAGdGSgu6XOxQMiRSjXAAAAAAA
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_50 Value: c2ef14c1-edaf-4140-9823-e9045e583f3f
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_61 Value: 212340805736899
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_62 Value: 3426581256634286000V10
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_64 Value: 3x1JjnAKeiNWL3nriBeJD922v3etLDfM
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_7 Value: 23510390-1c83-49f8-8c37-6da9f5bbaf6b
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_70 Value: 1622253365053-949194170222-008367-009-004841
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_73 Value: AABKw07KnWsAABKHLcwGLg
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_76 Value: RX-53bd76bb-1a49-470d-b65e-9dffdc32dd97-005
.technoratimedia.com/	1970-01-20 16:11:56	Name: tads_uidp_77 Value: FZTdFMoEh4t3aD55ZViFNKbRrX9oUr1-RXF4fDjKMjY
.technoratimedia.com/	1970-01-20 16:11:56	Name: tads_uidp_79 Value: 559af555-9c97-44ae-bfe1-490800ac6a58
.technoratimedia.com/	1970-01-20 16:11:56	Name: tads_uidp_80 Value: y-u_ZJNLJE2uH4HWd8zbGFONxV8kAu85nF~A
.technoratimedia.com/	1970-01-20 16:11:56	Name: tads_uidp_82 Value: ZU6zTaqFS2.mKDJ88F7YjAAA&3622
.technoratimedia.com/	1970-01-20 16:11:56	Name: tads_uidp_83 Value: XDRyPC3y39Ya
.technoratimedia.com/	1970-01-20 16:11:56	Name: tads_uidp_88 Value: 1730828658607102484124
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uidp_90 Value: dd6efeea-2c59-4a87-b0ac-dbac85afd4f7
.technoratimedia.com/	1970-01-20 16:11:56	Name: tads_uidp_91 Value: 2048915037081700588brt56841675014149615267a0
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uid Value: F90811F7D6314A85920B1BF54471AE23
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_uid_cd Value: 20231009004227+0000
.technoratimedia.com/	1970-01-21 01:43:37	Name: tads_zora Value: 2
.technoratimedia.com/	1970-01-20 16:09:03	Name: envelope_liveramp.com Value: 1693142250488
.contextweb.com/	1970-01-21 00:46:01	Name: V Value: 0qh6k4aKLJtQ
.contextweb.com/	1970-01-21 00:53:13	Name: pb_rtb_ev Value: 3-1nx5\|7dN.0.AABKw07KnWsAABKHLcwGLg
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 26d6c3520643ae2f
.smartadserver.com/	1970-01-21 01:37:51	Name: pid Value: 6104686414190543603
.smartadserver.com/	1970-01-21 01:37:51	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 00:54:39	Name: csync Value: 127:AABKw07KnWsAABKHLcwGLg
.pubmatic.com/	1970-01-20 18:17:13	Name: KRTBCOOKIE_699 Value: 22727-AABKw07KnWsAABKHLcwGLg
.pubmatic.com/	1970-01-20 16:50:49	Name: PugT Value: 1699657083
.crwdcntrl.net/	1970-01-20 22:36:22	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 22:36:22	Name: _cc_id Value: a1f2c51edb2d7b3dadfc5b97da9dd8b
.crwdcntrl.net/	1970-01-20 22:36:25	Name: _cc_cc Value: "ACZ4XmOQTzRMM0o2NUxNSTJKMU8yTklMSUs2TbI0T0m0TEmxSGIAglS%2FrdUgGgJ4L516xMZ4UJnhPyMjw70PljBm%2B7qn3DD2uaOHmGHsHxunsMDYu%2FddFoCxPzTch7O%2FPt5sBBM%2FvHgOXP3vmQeYYOLbu7VgzHdLEEoa%2FmvChAEyWED6"
.crwdcntrl.net/	1970-01-20 22:36:25	Name: _cc_aud Value: "ABR4XmNgYGBI9dtaDaQggJmBgWsGmHm5C0zNWggkAGAPBSE%3D"
.adsrvr.org/	1970-01-21 00:54:39	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiw2e7k0JKxPBAFEhQKBXRhcGFkEgsIkKqm5tCSsTwQBRgBIAEoAjILCMLciKLnkrE8EAU4AVoGbG90YW1lYAI.
.analytics.yahoo.com/	1970-01-21 00:53:13	Name: IDSYNC Value: "18za~2eza:18z8~2eza:19bk~2eza"
.sitescout.com/	1970-01-21 00:53:13	Name: ssi Value: 45c2cc7c-011e-4cff-a37e-58570a2fa683#1699657084049
.truoptik.com/	1970-01-21 00:53:13	Name: to_master_s Value: 004194d26861113397c8db50e2950c64
.truoptik.com/	1970-01-21 00:53:13	Name: to_version_s Value: b2
.sitescout.com/	1970-01-20 16:50:49	Name: _ssuma Value: eyI3IjoxNjk5NjU3MDg0MDg3fQ
sync.srv.stackadapt.com/	1970-01-21 00:53:13	Name: sa-user-id Value: s%3A0-bf1d78c1-6055-5148-4d68-ad66fce70329.OB%2BHvK2MR1qsWGkyqIq8JW916hac9NvbzDnMDoxU%2Fdc
.srv.stackadapt.com/	1970-01-21 00:53:13	Name: sa-user-id Value: s%3A0-bf1d78c1-6055-5148-4d68-ad66fce70329.OB%2BHvK2MR1qsWGkyqIq8JW916hac9NvbzDnMDoxU%2Fdc
sync.srv.stackadapt.com/	1970-01-21 00:53:13	Name: sa-user-id-v2 Value: s%3Avx14wWBVUUhNaK1m_OcDKWAJ-So.Bk1crIxweNSdtRRzAPwqHzkK7sPoeVPQF4swdB9%2Bkuw
.srv.stackadapt.com/	1970-01-21 00:53:13	Name: sa-user-id-v2 Value: s%3Avx14wWBVUUhNaK1m_OcDKWAJ-So.Bk1crIxweNSdtRRzAPwqHzkK7sPoeVPQF4swdB9%2Bkuw
sync.srv.stackadapt.com/	1970-01-21 00:53:13	Name: sa-user-id-v3 Value: s%3AAQAKINpyOBL1OjPClppkMM43asH_ViYXZW1-XXmWbGjDLes3EHwYBCD86rqqBjABOgRzygDyQgRVlCUX.iX92pa%2FEB5HAQzxPJsQqP3XxumH23HwZ9ERe61ydg2Y
.srv.stackadapt.com/	1970-01-21 00:53:13	Name: sa-user-id-v3 Value: s%3AAQAKINpyOBL1OjPClppkMM43asH_ViYXZW1-XXmWbGjDLes3EHwYBCD86rqqBjABOgRzygDyQgRVlCUX.iX92pa%2FEB5HAQzxPJsQqP3XxumH23HwZ9ERe61ydg2Y
.bluekai.com/	1970-01-20 20:29:41	Name: bku Value: Whz99c0NEZP2QXyI
.bluekai.com/	1970-01-20 20:29:41	Name: bkpa Value: KJy9BQeJd02pSUHknpD81ezdqsk+SUx21Yjoje6lRMW0BpaiRERy1p18Bs16RM/N1tHM1t/t1eDNjEOZ1919L0GwnQ==
.pubmatic.com/	1970-01-20 16:50:49	Name: SPugT Value: 1699627540

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://translate.googleapis.com/translate_static/css/translateelement.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://adservice.google.com.au/adsid/integrator.js?domain=www.mediafire.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://c.aaxads.com/pxusr.gif Message: Failed to load resource: the server responded with a status of 525 ()
network	error	URL: https://www.aaxdetect.com/pxext.gif Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://translate.googleapis.com/translate_static/css/translateelement.css Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: about:srcdoc Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:srcdoc Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://news2023mdhw8447.viip-ky270.biz.id/js/prebid5.17.0.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://news2023mdhw8447.viip-ky270.biz.id/ser.php Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20F889D86B-FC73-44E5-BC7E-BE0FF076BA6A&rnd=RND Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
analytics.google.com
api.amplitude.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
btloader.com
c.aaxads.com
cdn.amplitude.com
cdn.jsdelivr.net
cdn.otnolatrnup.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
contextual.media.net
creativecdn.com
cs.media.net
d.turn.com
dis.criteo.com
dmp.truoptik.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jp-u.openx.net
match.adsrvr.org
match.prod.bidr.io
news2023mdhw8447.viip-ky270.biz.id
otnolatrnup.com
p.rfihub.com
pippio.com
pixel-sync.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
static.cloudflareinsights.com
static.mediafire.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.go.sonobi.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tags.bluekai.com
tags.crwdcntrl.net
translate.google.com
translate.googleapis.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.aaxdetect.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.mediafire.com
x.bidswitch.net
www.aaxdetect.com
104.16.113.74
104.16.114.74
104.17.215.204
107.178.254.65
107.22.34.250
151.101.130.49
162.248.18.37
172.253.62.157
18.160.46.85
185.184.8.90
198.148.27.131
199.38.167.131
2001:4860:4802:34::181
207.198.113.93
216.22.16.56
23.202.152.28
23.220.109.13
23.220.136.230
23.56.220.66
2600:1f18:4e9:5a02:8e29:49f3:45a1:3923
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:10::6816:4bd8
2606:4700:10::ac43:4e7
2606:4700:3032::6815:55da
2606:4700::6810:3965
2606:4700::6813:d625
2606:4700::6813:d725
2606:ae80:1451:24::760
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c07::84
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::67
2607:f8b0:4004:c08::8b
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::8a
2607:f8b0:4004:c1d::64
2607:f8b0:4004:c1f::9b
2607:f8b0:4004:c1f::9c
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2a04:4e42:400::485
34.111.113.62
34.150.170.96
34.200.65.202
34.210.198.39
35.190.60.146
35.207.24.140
35.211.178.172
35.244.159.8
35.71.131.137
40.76.134.238
52.223.22.214
52.46.128.147
52.85.150.185
54.157.181.245
54.165.78.186
54.205.157.40
64.202.112.223
68.67.160.114
69.166.1.35
74.119.119.150
8.28.7.81
8.28.7.83
8.28.7.84
082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
110e8dc5261fe7b5d2554ae1e9c0fce9cc4a4e6da9f1e4d3b224d73899ae6588
112f08b87c5353387baf521c2a1a779e8c58a20e7c839d246e7443d73f8aeeb8
142bd0549a442560a04bf359fada39e2933aea7c949d434a4902e3e7e06e43ac
15794fe40d6d8aca71e7aff46a28e70a0ac0235fa59aef65dc620cd9ef0bf90e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18671558a91f2408ed8f4fe539dc92741d4c3678e8f57ee3f1a53d09d69a9067
1cd217a21553137aeacaa6e36a35ed416d65de9c36460ee691a3931e1fc17122
1fe00e681adfd8a212cb5f90e3205ef350ab21f502ce2cabd1db0317d1793a11
23c6fab55cca5617226b806344cdb35d568c69e54556bc726ab08e7dc1dd219a
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30102c49eff2bae16d09af2917d260af07b81b84508c844dd055610cd84892eb
30fd54eee527bda253b3f9c77b8bf581954036ea99bd8af3643a4ebf87b5b409
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
33e05de910675337f8063968cff537b5bcd0c5da6ea0e981d839a2c3699e1888
3bbf6cce8b320aa357a0e3cf835f8468abc126fab9cc87e6d6719f1413f11cad
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
45ad6c6af92c2d7c9ea4ba1aaae8781661f45e8f18d6f556463ae90233d91102
471074e52bcfefd4e27c5ee23a1f5c51182826c9404577e585f6ba224724d5bd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
63bc88bdf5fed9118229c6f0a7f30683f1657e67f9b76bfa41d57f09f21bf5e4
6ffd580e41cb41bce6c987a46e5161debab35ee3774a66ec45805f7752629236
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1
7df954c3aa9deca5c357e6ef2cfff004d3ded663813119e7d21df55b65a24264
82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26
8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd
8a1ca667f8be1d9635b262dc3b15aeecc9d61e0fc2457a1f95ccf6d0bc25a37a
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
8bacb685be7cec7f41a0270e694fa90c0fb448b2c0ded5f1734baf51050d695c
8c8f449f1f7ef1dca0d94ee726667eec8c4b7e86e865fb927b12ff2774c9a2f5
9309123f2f619d3ff749e60744bf2ca8c6dab1e8a5f04193bf95343481a9bc43
97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39
9c120725f5033ebaffbfd7c7d32de0bd1e452a7cf68b5afa14bb6a40964b4585
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b70393fc58e8325e777e1739f40088a1210a931291cdce250a2eade1326e5f6a
b719a37796ef8486a9e7948d9c206d65c28e1e076445e037163b28107d431705
b7f2badd2e97b0aa9ab0b197e33a3f93e8600831537817283d67b7f6eba566fa
bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c60fb9b724b984008465c7c64fdd479d6d3e424c88811a967b59640947de38b6
c865ec5ea692b3a536e2fd07fe78196b86aeb781f965f5dc516ca4c85322aa7f
cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c
d0c97ea7b19ca5e3bbeb84856a219dca9add04e88ecd570c9d481a794a288e68
d98133ce0dc7033265505bffc7aebd92fad444a0cd0271832a877418ccc889c6
d9a5e1e28bd2b5dd6d8f054ff8327082cebccad14696f2b25257100a12a21002
dda4e88d19b47a0ea8710990fc11d58ff446e9006e284202f738f2004c2459da
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45c9e6f20408074510f325c8df4025b37de77e46be1d40c646b60693822fa07
e47abe2beeae2d47e8e0bea79521d71fc658d4bd3b17cec7752e0178109cfb47
ede061a5e1cd56329cd9288e8bac4865e0e356600be79172622e17f66c655d7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15316721389b1b084e6fb85747089ea51ccf9d81fcfb1b33ace326898e2913f
f1a67642fc97b508ce07cf6df329022bf5184a1c573044dc021e0d6e64688c64
f2eaccda7b281d79a8bdf4e191afb15ef95a5ba2d82bba99a5b381e7e9f2c198
f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35
f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db
f67c2ecb3d37164b6dcd39e18afbd46aa6857e9c0fcc9e3a0bdddd4402d28a9a
f74a96f92e16dd881bfedf24301ab750dd3ef825b3b09b5ee54a16fdef0486c6
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
feda321bb681dc8593f1cc761778fe3b2ba6447399d3a152cf3c65917df6b147

news2023mdhw8447.viip-ky270.biz.id Open in urlscan Pro 2606:4700:3032::6815:55da Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

71 %HTTPS

42 %IPv6

52 Domains

78 Subdomains

48 IPs

3 Countries

1504 kBTransfer

4299 kBSize

148 Cookies

11 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

news2023mdhw8447.viip-ky270.biz.id Open in urlscan Pro
2606:4700:3032::6815:55da Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

71 %
HTTPS

42 %
IPv6

52
Domains

78
Subdomains

48
IPs

3
Countries

1504 kB
Transfer

4299 kB
Size

148
Cookies

130 HTTP transactions
1 data transactions