Submitted URL: http://inewsntt.id/
Effective URL: https://ntt.inews.id/?utm_source=inewsntt
Submission: On October 29 via api from US — Scanned from NL

Summary

This website contacted 60 IPs in 8 countries across 43 domains to perform 316 HTTP transactions. The main IP is 2600:9000:214f:d800:1:b1a4:2f40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is ntt.inews.id.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 22nd 2021. Valid for: a year.
This is the only time ntt.inews.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2600:9000:214... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
30 2600:9000:214... 16509 (AMAZON-02)
43 2600:9000:205... 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
1 2 2a03:2880:f24... 32934 (FACEBOOK)
1 5 99.86.4.2 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
2 216.139.248.131 32400 (HWSERVICE...)
12 142.250.185.98 15169 (GOOGLE)
13 2600:9000:211... 16509 (AMAZON-02)
1 104.244.42.8 13414 (TWITTER)
12 2001:4860:480... 15169 (GOOGLE)
1 23.35.236.201 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
2 10 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 64.185.181.185 40009 (BITGRAVITY)
3 2600:9000:205... 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::2 44788 (ASN-CRITE...)
2 2a02:2638::b 44788 (ASN-CRITE...)
12 2a02:2638::3 44788 (ASN-CRITE...)
2 178.250.0.160 44788 (ASN-CRITE...)
5 2a02:2638::21 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
11 2a02:2638:1::8 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.82 16276 (OVH)
1 99.80.121.57 16509 (AMAZON-02)
1 52.223.40.198 16509 (AMAZON-02)
2 79.133.177.232 24429 (TAOBAO Zh...)
14 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
6 202.147.193.157 17670 (MNCKABELM...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 13.32.27.98 16509 (AMAZON-02)
3 108.156.60.100 16509 (AMAZON-02)
3 18.116.181.226 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 79.133.177.229 24429 (TAOBAO Zh...)
316 60
Apex Domain
Subdomains
Transfer
73 inews.co.id
static.inews.co.id — Cisco Umbrella Rank: 434494
img.inews.co.id — Cisco Umbrella Rank: 126613
959 KB
37 googlesyndication.com
d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 135
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
4c4a6bd0f6c1a317568fc7171c68eb1e.safeframe.googlesyndication.com
320 KB
28 criteo.net
static.criteo.net — Cisco Umbrella Rank: 658
csm.eu.criteo.net — Cisco Umbrella Rank: 8826
pix.eu.criteo.net — Cisco Umbrella Rank: 8729
303 KB
18 okezone.com
sindikasi.okezone.com — Cisco Umbrella Rank: 157871
cdn.okezone.com — Cisco Umbrella Rank: 152333
img.okezone.com — Cisco Umbrella Rank: 113046
470 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 182
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
327 KB
17 inews.id
ntt.inews.id
sindikasi.inews.id — Cisco Umbrella Rank: 549902
72 KB
13 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
region1.google-analytics.com — Cisco Umbrella Rank: 2835
124 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 71
www.google.com — Cisco Umbrella Rank: 2
2 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 383
218 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 408
mug.criteo.com — Cisco Umbrella Rank: 3300
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 14119
ads.eu.criteo.com — Cisco Umbrella Rank: 8689
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10655
73 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
467 KB
6 mncnow.id
static.mncnow.id — Cisco Umbrella Rank: 183958
228 KB
6 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 11001
certify.alexametrics.com — Cisco Umbrella Rank: 6007
8 KB
6 indozone.news
statics.indozone.news — Cisco Umbrella Rank: 336654
377 KB
6 visionplus.id
www.visionplus.id — Cisco Umbrella Rank: 166871
cluster-images.visionplus.id — Cisco Umbrella Rank: 205443
69 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 150
5 KB
4 rctiplus.com
www.rctiplus.com — Cisco Umbrella Rank: 144558
analytics.rctiplus.com — Cisco Umbrella Rank: 205233
gamesx.rctiplus.com — Cisco Umbrella Rank: 205111
9 KB
4 google.nl
adservice.google.nl — Cisco Umbrella Rank: 15036
www.google.nl — Cisco Umbrella Rank: 9384
1 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
168 KB
3 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
142 B
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 759
syndication.twitter.com — Cisco Umbrella Rank: 1109
133 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 763
40 KB
2 gstatic.com
fonts.gstatic.com
26 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
ajax.googleapis.com — Cisco Umbrella Rank: 293
32 KB
2 affinitymatrix.com
cdn4-hbs.affinitymatrix.com — Cisco Umbrella Rank: 42324
121 KB
2 affinity.com
hbs.ph.affinity.com — Cisco Umbrella Rank: 45601
20 KB
2 instagram.com
www.instagram.com — Cisco Umbrella Rank: 1239
5 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 967
6 KB
1 rctiplus.id
static.rctiplus.id — Cisco Umbrella Rank: 163210
11 KB
1 mnctrijaya.com
www.mnctrijaya.com — Cisco Umbrella Rank: 244441
147 KB
1 idxchannel.com
img.idxchannel.com — Cisco Umbrella Rank: 176272
15 KB
1 sportstars.id
img.sportstars.id — Cisco Umbrella Rank: 182733
84 KB
1 celebrities.id
img.celebrities.id — Cisco Umbrella Rank: 181671
30 KB
1 buddyku.id
i.buddyku.id — Cisco Umbrella Rank: 255837
408 KB
1 sindonews.net
pict.sindonews.net — Cisco Umbrella Rank: 36604
31 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
388 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1463
336 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 484
622 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 387
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 208
5 KB
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 463
97 KB
1 inewsntt.id
inewsntt.id
710 B
0 rlcdn.com Failed
api.rlcdn.com Failed
316 43
Domain Requested by
43 img.inews.co.id ntt.inews.id
static.inews.co.id
30 static.inews.co.id ntt.inews.id
static.inews.co.id
21 tpc.googlesyndication.com ntt.inews.id
d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
14 cdn.okezone.com sindikasi.okezone.com
cdn.okezone.com
13 sindikasi.inews.id static.inews.co.id
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
12 static.criteo.net ads.eu.criteo.com
12 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
12 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
ntt.inews.id
www.visionplus.id
11 pix.eu.criteo.net ads.eu.criteo.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 www.google.com 2 redirects ntt.inews.id
d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
9 www.googletagmanager.com ntt.inews.id
www.googletagmanager.com
www.rctiplus.com
www.visionplus.id
gamesx.rctiplus.com
6 static.mncnow.id www.visionplus.id
6 statics.indozone.news www.rctiplus.com
5 www.visionplus.id static.inews.co.id
www.visionplus.id
5 csm.eu.criteo.net ads.eu.criteo.com
5 sb.scorecardresearch.com 1 redirects ntt.inews.id
www.visionplus.id
4 stats.g.doubleclick.net www.google-analytics.com
4 www.googletagservices.com ntt.inews.id
d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
4 ntt.inews.id static.inews.co.id
3 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.rctiplus.com
gamesx.rctiplus.com
certify-js.alexametrics.com
3 certify.alexametrics.com www.rctiplus.com
gamesx.rctiplus.com
www.visionplus.id
3 certify-js.alexametrics.com ntt.inews.id
www.visionplus.id
3 sindikasi.okezone.com static.inews.co.id
3 d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 gamesx.rctiplus.com ntt.inews.id
static.cloudflareinsights.com
2 unpkg.com 1 redirects sindikasi.okezone.com
2 fonts.gstatic.com fonts.googleapis.com
2 googleads.g.doubleclick.net ntt.inews.id
2 cat.fr.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com ntt.inews.id
d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
2 rtb.nl.eu.criteo.com ntt.inews.id
2 cdn4-hbs.affinitymatrix.com hbs.ph.affinity.com
2 www.google.nl ntt.inews.id
2 mug.criteo.com ntt.inews.id
2 gum.criteo.com 1 redirects
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.nl securepubads.g.doubleclick.net
2 hbs.ph.affinity.com ntt.inews.id
cdn4-hbs.affinitymatrix.com
2 www.instagram.com 1 redirects ntt.inews.id
2 platform.twitter.com ntt.inews.id
platform.twitter.com
1 4c4a6bd0f6c1a317568fc7171c68eb1e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cluster-images.visionplus.id www.visionplus.id
1 static.cloudflareinsights.com gamesx.rctiplus.com
1 ajax.googleapis.com www.visionplus.id
1 analytics.rctiplus.com www.rctiplus.com
1 static.rctiplus.id www.rctiplus.com
1 www.mnctrijaya.com sindikasi.okezone.com
1 img.idxchannel.com sindikasi.okezone.com
1 img.sportstars.id sindikasi.okezone.com
1 img.celebrities.id sindikasi.okezone.com
1 i.buddyku.id sindikasi.okezone.com
1 img.okezone.com sindikasi.okezone.com
1 pict.sindonews.net sindikasi.okezone.com
1 www.rctiplus.com static.inews.co.id
1 match.adsrvr.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 cdn.jsdelivr.net cdn4-hbs.affinitymatrix.com
1 fonts.googleapis.com cdnjs.cloudflare.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 region1.google-analytics.com www.googletagmanager.com
1 ads.pubmatic.com ntt.inews.id
1 syndication.twitter.com platform.twitter.com
1 inewsntt.id 1 redirects
0 api.rlcdn.com Failed ads.pubmatic.com
316 67

This site contains links to these domains. Also see Links.

Domain
www.inews.id
aceh.inews.id
sumut.inews.id
sumsel.inews.id
jabar.inews.id
jateng.inews.id
yogya.inews.id
jatim.inews.id
bali.inews.id
kalbar.inews.id
sulsel.inews.id
babel.inews.id
regional.inews.id
lampung.inews.id
maluku.inews.id
papua.inews.id
sumbar.inews.id
ntb.inews.id
sulut.inews.id
kalteng.inews.id
kalsel.inews.id
kaltim.inews.id
tv.inews.id
www.okezone.com
www.idxchannel.com
www.celebrities.id
www.buddyku.com
www.sindonews.com
www.sportstars.id
koran-sindo.com
www.rctiplus.com
motionpay.id
aladinmall.misteraladin.com
www.roov.id
emshop.id
www.visionplus.id
www.mnc-insurance.com
www.motiontrade.id
motionbanking.id
www.misteraladin.com
acehutara.inews.id
asahanraya.inews.id
batam.inews.id
bengkuluutara.inews.id
deliraya.inews.id
dumai.inews.id
jambi.inews.id
kutaraja.inews.id
lamsel.inews.id
lintasbabel.inews.id
lhokseumawe.inews.id
madina.inews.id
medan.inews.id
palembang.inews.id
pekanbaru.inews.id
portalaceh.inews.id
pringsewu.inews.id
riau.inews.id
siantar.inews.id
waykanan.inews.id
badung.inews.id
bandungraya.inews.id
banten.inews.id
batu.inews.id
bekasi.inews.id
blitar.inews.id
bogor.inews.id
bojonegoro.inews.id
bondowoso.inews.id
boyolali.inews.id
brebes.inews.id
ciamisraya.inews.id
cianjur.inews.id
cilacap.inews.id
cilegon.inews.id
cirebon.inews.id
demak.inews.id
depok.inews.id
garut.inews.id
gresik.inews.id
indramayu.inews.id
jatenginfo.inews.id
jember.inews.id
joglosemar.inews.id
karanganyar.inews.id
karawang.inews.id
kediri.inews.id
kuningan.inews.id
lamongan.inews.id
madiun.inews.id
malang.inews.id
mojokerto.inews.id
muria.inews.id
ngawi.inews.id
pandeglang.inews.id
pangandaran.inews.id
pantura.inews.id
pasuruan.inews.id
pemalang.inews.id
ponorogo.inews.id
probolinggo.inews.id
purwakarta.inews.id
purwokerto.inews.id
salatiga.inews.id
semarang.inews.id
serpong.inews.id
sidoarjo.inews.id
soloraya.inews.id
sragen.inews.id
subang.inews.id
sukabumi.inews.id
surabaya.inews.id
tangsel.inews.id
tasikmalaya.inews.id
tegal.inews.id
temanggung.inews.id
tuban.inews.id
tulungagung.inews.id
baritoinfo.inews.id
balikpapan.inews.id
kobar.inews.id
kutai.inews.id
samarinda.inews.id
celebes.inews.id
kendari.inews.id
lutra.inews.id
manado.inews.id
palopo.inews.id
palu.inews.id
parepare.inews.id
polman.inews.id
toraja.inews.id
sorongraya.inews.id
alor.inews.id
belu.inews.id
bima.inews.id
flores.inews.id
lombok.inews.id
mataram.inews.id
sumba.inews.id
ternate.inews.id
ttu.inews.id
kemkes.go.id
www.jobsmnc.co.id
www.mncgroup.com
www.mncpeduli.org
www.instagram.com
www.facebook.com
twitter.com
www.youtube.com
www.tiktok.com
Subject Issuer Validity Valid
*.inews.id
Sectigo RSA Domain Validation Secure Server CA
2021-12-22 -
2022-12-22
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.inews.co.id
Sectigo RSA Domain Validation Secure Server CA
2022-06-28 -
2023-06-28
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2022-10-06 -
2023-11-06
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.ph.affinity.com
Go Daddy Secure Certificate Authority - G2
2022-04-08 -
2023-05-10
a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-10-01 -
2023-10-01
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
*.google.nl
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-27 -
2022-11-22
3 months crt.sh
www.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.affinitymatrix.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
*.okezone.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-30 -
2023-09-30
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-10 -
2023-01-10
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-14 -
2023-01-13
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-01 -
2022-11-30
3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-27 -
2022-12-29
3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-21 -
2022-11-23
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-26 -
2022-12-19
3 months crt.sh
*.id5-sync.com
R3
2022-08-18 -
2022-11-16
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.rctiplus.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-08-24 -
2023-08-24
a year crt.sh
*.sindonews.net
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-02-27 -
2023-03-30
a year crt.sh
*.buddyku.id
Sectigo RSA Domain Validation Secure Server CA
2022-08-22 -
2023-09-02
a year crt.sh
*.celebrities.id
Sectigo RSA Domain Validation Secure Server CA
2022-02-27 -
2023-02-27
a year crt.sh
*.sportstars.id
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-04-28 -
2023-04-28
a year crt.sh
*.idxchannel.com
AlphaSSL CA - SHA256 - G2
2022-06-08 -
2023-07-10
a year crt.sh
mnctrijaya.com
Amazon
2022-10-11 -
2023-11-10
a year crt.sh
*.visionplus.id
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-11-30 -
2022-11-29
a year crt.sh
*.rctiplus.id
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-08-29 -
2023-08-29
a year crt.sh
certify-js.alexametrics.com
Amazon
2022-05-30 -
2023-06-27
a year crt.sh
certify.alexametrics.com
Amazon
2022-05-30 -
2023-06-28
a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon
2022-09-12 -
2023-10-11
a year crt.sh
*.mncnow.id
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-11-19 -
2022-11-18
a year crt.sh

This page contains 20 frames:

Primary Page: https://ntt.inews.id/?utm_source=inewsntt
Frame ID: C1F9FA2A4640ECFD21A7267F818D96F6
Requests: 129 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fntt.inews.id
Frame ID: 0DC6F9480E934FC2532C6BABFBC2D12D
Requests: 2 HTTP requests in this frame

Frame: https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA35C94F98F04AEE12ABCE22D9151CCB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Frame ID: F8CDC97EB30FB6E1D3F956782ED321B4
Requests: 12 HTTP requests in this frame

Frame: https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 29043E27B0C689E22140E931EDE0F0A8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Frame ID: 98AAC1737BD5958F27151A7F4EA566AF
Requests: 13 HTTP requests in this frame

Frame: https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7E1746F484642150D24DDD173ED2CCC8
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CifdTQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTeAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI6C__rNZna58M9GAJL4Yf_Ih5JiVpT5v2wQVOUFybg36tDjVhFkyOAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODMwNzU5ODIwODAxNjYxORi9nBQ&sigh=zIzUaZzwnhQ&uach_m=[UACH]&cid=CAQSPwDq26N9dN1NNo1nZfHK4gEPciv5cShcuwBQIguzynaaIHRKi7OJ-iLj-Wq7lCzgxwBVbg0cmqtLi_EfWsq3PxgBIBM
Frame ID: 2BF0439C1AA2AC00B0349A9DB039CF35
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Frame ID: EF6A40090140DC4DD1CAAFB3AB0FB818
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Frame ID: 3B0E113F5DDB1362A6C90B35B1FA448B
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C23FA898DAA131146E566D90BC652F9D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9FFC88CC6F490AC1801F5984A3291BB2
Requests: 2 HTTP requests in this frame

Frame: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Frame ID: 4B632308AE994846BFD964E62192F41D
Requests: 23 HTTP requests in this frame

Frame: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Frame ID: F6B984E19C9C647503FD1499C6B37B54
Requests: 15 HTTP requests in this frame

Frame: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Frame ID: E4A0AED50CC24500DA29BECEF0F1D8BC
Requests: 40 HTTP requests in this frame

Frame: https://gamesx.rctiplus.com/Home/Site?platform=web-android&type=real&utm_source=rctipluspillargames&utm_medium=direct&utm_campaign=detail_125
Frame ID: D97456D6D517D92AEE8638DFE34E0ABA
Requests: 9 HTTP requests in this frame

Frame: https://4c4a6bd0f6c1a317568fc7171c68eb1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BBE1E9FD8B5C15D2B1C37820D1E40108
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvAbVK_8jXdENckpKwjIffcgQ0Vwk-Y0RjoAspjTGLKVDpilG6O08g7QeDl3Bq-afLbCtfA3v-QTR4OjM8i5zSC3h5MZXhcb7hOqpvlSm7Oik_P8iJPp9EoFlJeBh-4yGPDK-cMJn0ftzBGlgIL1f9Fo3r9DMeYr6fMrec_CQ4tgsIFudbN1lUuZDWKE_sF8pMLe_yfA3cyoc0RcQXgQ4SauguRS2M4u2T776_1lALsdqDa2j9cFSLhuXGOU4QIpXxmH45FzN-KsB43GKUMbqj__StFr2QMhkDwByQ-bZRhNGlL-URBGjnGdGYQb47w4d8LE65DnpjnohFp1YXJw&sai=AMfl-YTbLK6Ah9_2FwpBfmvesejiX_EQerI_ejxfdwghD3VzInrEhUGL2QlyhTnAPJRVQABySvLC5_KiD8IVMR_WFAVX6t5vG733HXAfT6wk&sig=Cg0ArKJSzOU29POt4-6SEAE&uach_m=[UACH]&adurl=
Frame ID: 878BD8D7763AEE08084FD871A2D045DF
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 66F4467C642EBDF4A592455B34BCB291
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E8787D4696B4C8BDE39776574F44147
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Berita NTT Terbaru Terkini - iNews Portal

Page URL History Show full URLs

  1. http://inewsntt.id/ HTTP 301
    https://ntt.inews.id/?utm_source=inewsntt Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

316
Requests

97 %
HTTPS

72 %
IPv6

43
Domains

67
Subdomains

60
IPs

8
Countries

5414 kB
Transfer

10160 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://inewsntt.id/ HTTP 301
    https://ntt.inews.id/?utm_source=inewsntt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Request Chain 55
  • https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1667030851524&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1667030851524&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9=
Request Chain 70
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntt.inews.id%2F&domain=ntt.inews.id&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=6mRhRHxDaGlXREJmK1JlOEF0M3F6MzRDVS9NcGJmSFB0SmNHdFo2Vk1PYURMekNUNDVVWitXU2RnRCtycmlqMzA3WUM4NWxRVmRPTUZ3NkZhMUhmeVF2YXdmbFl2QzJrdkFVTGl6cExqYzh2Tzl1Y0d5OG44M0Q0QTZuWUFaMWxLY3l0QlNDcXlZL0hGVmNXdkpZN2JrcVl5NWtIcHduWEdSSld3SWoxT1BvTUhqYmsvaDQ3a09rNmFDUEt6ZmtCQkYvcmZSc1Q1VFBhalYyOERzVjRtMDA5amhCZmFiQVQzQ2RQUEl2Q3ptZGl5bHJnPXw&cppv=2
Request Chain 173
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 174
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 237
  • https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js

316 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ntt.inews.id/
Redirect Chain
  • http://inewsntt.id/
  • https://ntt.inews.id/?utm_source=inewsntt
107 KB
14 KB
Document
General
Full URL
https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d800:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f3c663a7c68483722dd841b8a6aed8b2e41fb1678863490a9ffbd5e5ce809032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 08:07:30 GMT
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-id
ugTpqNmVv5iK5NQcBeA00zlKe-fXdF8NYgnOuSef_yQklcY2vx_lYw==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
761a6afa9f8c0bba-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 29 Oct 2022 08:07:29 GMT
Expires
Sat, 29 Oct 2022 09:07:29 GMT
Location
https://ntt.inews.id?utm_source=inewsntt
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sW2iWxET3GaKs6m%2FNMWum1ItOuRrdO5hnaWgUUYrI0NxDah6y6s5AVgiPxb5WjDbq4nvjbAMSB%2BxnTqC6ogdJbdzDV1ZXYMSFJeQWRCsngF%2BScBS8NIEF19TfMV7Dh3EW6GrPItIfAe6ig%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
www.googletagservices.com/tag/js/
80 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cc4f71a61eaf27f7bf71e09195170d1970d1a5534a6fd3520cfa7fd96678243
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27393
x-xss-protection
0
server
sffe
etag
"1377 / 371 of 1000 / last-modified: 1666994710"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 29 Oct 2022 08:07:31 GMT
mix-desk-v2.min.css
static.inews.co.id/css/
369 KB
52 KB
Stylesheet
General
Full URL
https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9f63073f8d2d0342d31fd4074be34f73595862c5ae2041466056171e12d69938

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:46:11 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 08:42:18 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
3885680
etag
W/"632193ea-5c365"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
aMQnl_aSHbpezVmdWvnzQPek-TIoqlz2HV-fyG9CIYIIez2QLTzA6w==
expires
Wed, 21 Sep 2022 08:46:11 GMT
3kolom.css
static.inews.co.id/css/
32 KB
6 KB
Stylesheet
General
Full URL
https://static.inews.co.id/css/3kolom.css?v=72
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cd12c8f0f4e8a4d5f1903239c3be91906dff284068edd49c1a7f728ccb5dd264

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:46:11 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jun 2022 04:07:08 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
3885680
etag
W/"62b92cec-7eb6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
-inX8Edj65mHD2uWt116fzb-i5XqAokI3EDuA56TrPoxc2d-HMR7kw==
expires
Wed, 21 Sep 2022 08:46:11 GMT
daerah.min.css
static.inews.co.id/css/
940 B
791 B
Stylesheet
General
Full URL
https://static.inews.co.id/css/daerah.min.css?v=72
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
36852a6f8fe58b46478b6c4eb9a6e725392fe4ec2dd3352a6a93941663bd657e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 03:41:29 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:43 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
2867162
etag
W/"61778473-3ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
ExRoEYfh-mOokvXmQrCvvSmciKIEPmGU_6LEyRFGmy5ml--TbLhaSA==
expires
Mon, 03 Oct 2022 03:41:29 GMT
auto-complete.min.css
static.inews.co.id/css/
533 B
710 B
Stylesheet
General
Full URL
https://static.inews.co.id/css/auto-complete.min.css?v=72
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bbcfed2a93dcef85f23e4618f1f53b979531ad7e256ba63dd0b4fe5fa4328033

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:46:11 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:48 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
3885680
etag
W/"61778478-215"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
5Q4x8GfxMgSAakL7aVAD0C2FX1704Q9pxLXZQRcGsjv1DlovFGRdyw==
expires
Wed, 21 Sep 2022 08:46:11 GMT
sticky_navbar.min.css
static.inews.co.id/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://static.inews.co.id/css/sticky_navbar.min.css?v=72
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bfc9928792050fbde5a1a1786a7d389c946a4f1ad23f69175fdb9171e0836006

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:46:11 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:43 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
3885680
etag
W/"61778473-ac7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
CS4DEIF2jaIhJ4e0OEaccwUh-WcBWwqC0iWylkUvzt2N9rYy9fbXqA==
expires
Wed, 21 Sep 2022 08:46:11 GMT
swiper-bundle.min.css
static.inews.co.id/js/swiper/
15 KB
5 KB
Stylesheet
General
Full URL
https://static.inews.co.id/js/swiper/swiper-bundle.min.css
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0278e05948f95ba94656b45a5547d33f57ed6e54e6a0f24bb731d51b24ba05c5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 08:17:54 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Wed, 13 Apr 2022 08:03:41 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
9848977
etag
W/"625683dd-3b4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
dpNQNELJ4cw_cGFhv7Sc_HL1_5fd2ls8nE7e4wgScQeGW99Egi_R6A==
expires
Thu, 14 Jul 2022 08:17:54 GMT
logoinews.png
img.inews.co.id/media/100/files/inews_new/2018/10/11/
3 KB
4 KB
Image
General
Full URL
https://img.inews.co.id/media/100/files/inews_new/2018/10/11/logoinews.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7bb4cac10236d97d976d9c18e8c7e8e2f38cc177f5a857eed4c269b372a7a321

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
4454
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-VWlNbXjsGs"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315357843
content-length
3338
x-amz-cf-id
K1SW5GN-cqRqwsk35iVLa4lfbwFqPXI7HYaN57H24wRNJ-LblFCf9w==
expires
Mon, 25 Oct 2032 19:05:39 GMT
iNews@2x.png
static.inews.co.id/img/
1 KB
2 KB
Image
General
Full URL
https://static.inews.co.id/img/iNews@2x.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
abecc8df83a51a762faaacfd465ef9069eceb1ac0c1dc8fa44ae56f219897c72

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 06:36:08 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:43 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
6831083
etag
"61778473-5f8"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1528
x-amz-cf-id
z8ooqFgbWDk8_bBsJL7tOHWdBbU1PuD2piGCJgRB62L6pY2ZTCs66g==
expires
Thu, 18 Aug 2022 06:36:08 GMT
icon-inews-tv.gif
img.inews.co.id/files/img/
49 KB
49 KB
Image
General
Full URL
https://img.inews.co.id/files/img/icon-inews-tv.gif
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1aaa0852e64e0974d0d684ddf2c2023969430bab106fdcca0bd09c1274f257fc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
44756
x-cache
Hit from cloudfront
content-length
49785
server
nginx
etag
"5b6a89ce-c279"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
iLxjFyyhBjo_LWu4Z2yBhFtWxV8-QKkl8M26aRDVCD9y_nVB-vY70g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
right-menu.svg
static.inews.co.id/img/
420 B
732 B
Image
General
Full URL
https://static.inews.co.id/img/right-menu.svg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
91224a2be7a33f3e5c162dcffd319a9d4a804446efdc095cfd9d9c7130fe2cd6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 01:37:22 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
4429808
x-cache
Hit from cloudfront
last-modified
Thu, 01 Sep 2022 15:07:39 GMT
server
nginx
etag
W/"6310cabb-1a4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
SGsI1CS150WJft1gdyRgabKTdEcgIyZPEx4yTWvpjoNJvld8n0ZelQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
network.png
static.inews.co.id/img/
550 B
934 B
Image
General
Full URL
https://static.inews.co.id/img/network.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2ba526a508ff52afa5358c83c97eff0206984c608c0ca75d5b422dfb9c22e879

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 07:01:17 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 15:07:42 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
2855174
etag
"6310cabe-226"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
550
x-amz-cf-id
tq3xHdACmI-ys5jjbVqls-rS-u-OTvegUE8Nzn58u2DimVpY0TfFQA==
expires
Mon, 03 Oct 2022 07:01:17 GMT
ntt.png
img.inews.co.id/media/600/files/img/
0
0
Image
General
Full URL
https://img.inews.co.id/media/600/files/img/ntt.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

close-red.png
static.inews.co.id/img/
421 B
805 B
Image
General
Full URL
https://static.inews.co.id/img/close-red.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d9bf54acfc2f866510bdb2ad1677da3086c72aeb69c979fca880d0fa07b24e1d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 23:30:45 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 15:07:39 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
4955806
etag
"6310cabb-1a5"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
421
x-amz-cf-id
oV8Wft9-wlCaiW_O4eLGTksquJxdslhg7qSnkIBBoMnV8pqCaRoihw==
expires
Thu, 08 Sep 2022 23:30:45 GMT
pencoblosan.jpg
img.inews.co.id/media/600/files/inews_new/2020/11/19/
28 KB
28 KB
Image
General
Full URL
https://img.inews.co.id/media/600/files/inews_new/2020/11/19/pencoblosan.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8b28b11c55732748a3cdb27bf098f990a52631b2d6295a2f3511c871e95a1e13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Thu, 19 Nov 2020 02:37:43 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fb5da77-173f8"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
28395
x-amz-cf-id
DLUFFl4ndCE9E-RyNgKA84z2-dG-vbFVZFNxBCA_7pDSAVzgKGfKwg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lansia_dievakuasi_ke_rumah_sakit_dari_posko_pengu.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/04/
21 KB
21 KB
Image
General
Full URL
https://img.inews.co.id/media/600/files/inews_new/2020/12/04/lansia_dievakuasi_ke_rumah_sakit_dari_posko_pengu.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f3e4b0b9cb7e4899eb18daa7e4d1217500ddeb9e12d1279b93c1ac7e4bf8c790

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Fri, 04 Dec 2020 01:40:15 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc9937f-101e9"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
21234
x-amz-cf-id
HJWKuG-_EV75s9lA4fbRKn7Lucsmg_VYTumH7sQWyVYTKedpco1lPw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
doni_monardo.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/02/
48 KB
49 KB
Image
General
Full URL
https://img.inews.co.id/media/600/files/inews_new/2020/12/02/doni_monardo.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
79adf9e5964c0c296744a2b06115685671557209f81382520499c7e62c8bc9d7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Wed, 02 Dec 2020 04:33:56 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc71934-2db2f"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
49223
x-amz-cf-id
sREP9Lc-6FY6BTkF5epK41WZAS6Htkue_dNCRW7bYdRnTcNW8eJRKg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
doni_monardo_di_ntt.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/02/
20 KB
20 KB
Image
General
Full URL
https://img.inews.co.id/media/600/files/inews_new/2020/12/02/doni_monardo_di_ntt.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c4b2eb3e7b2d3f5d7ecb2e62185f2acc9a8043b76a59554537970a03b4ccf15b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Tue, 01 Dec 2020 18:49:59 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc69057-11fd1"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
20070
x-amz-cf-id
70hFT2In4ujnBKyMYYJaffJQcVrFbneBZ43V_22BfFUyuOMWl7vmsA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
pos_pantau_gunung_ile_ape.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/01/
14 KB
14 KB
Image
General
Full URL
https://img.inews.co.id/media/600/files/inews_new/2020/12/01/pos_pantau_gunung_ile_ape.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
adb7832ac189f82a3a012eb3d1624195068432a1cada70167247da82cb8e5656

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Tue, 01 Dec 2020 00:39:50 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc590d6-ae85"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
14100
x-amz-cf-id
EMAl-5EzrrnoHhjFq8Sjj59ZRcp6ZuP2T1t8M-Im6Agje9kWBctUxw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
imageload.png
img.inews.co.id/media/250/files/inews_new/
2 KB
3 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/imageload.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a179ff3fe8c70e211932b694602858d21c9a0562058639eccd6eaaaba6306b80

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
5557
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-M5eBqsrbNV"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315357474
content-length
2479
x-amz-cf-id
noqH7vR_lfVegXEz7Ehs_KkuGk9zsVrDgjNXZnO9hxjnDKRM1Tv8XA==
expires
Mon, 25 Oct 2032 18:59:30 GMT
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B95) /
Resource Hash
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 08:07:31 GMT
Content-Encoding
gzip
Age
66
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
29223
x-amzn-internal-status
304
Last-Modified
Wed, 28 Sep 2022 20:05:37 GMT
Server
ECS (amb/6B95)
Etag
"f26384f93da6974ed577808dfa1fede5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
ab12745d93c5.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
15 KB
5 KB
Script
General
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Server
2a03:2880:f245:e0:face:b00c:0:4420 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 19:38:05 GMT
content-encoding
br
x-fb-trip-id
1679558926
etag
"ab12745d93c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
4843

Redirect headers

date
Sat, 29 Oct 2022 08:07:31 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
nao
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=86400
content-length
0
auto-complete.min.js
static.inews.co.id/js/
5 KB
2 KB
Script
General
Full URL
https://static.inews.co.id/js/auto-complete.min.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcd189b3bb4c3ea32c3613315081a69074fc0964337f04f3e5d783a23e0183c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 06:53:12 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:43 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
4324459
etag
W/"61778473-1462"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
8YKHzrkG_kSQ5j8Ip8dZB_b7WEYqP4uXXzIetR2FxKkxZTZHYPowLQ==
expires
Fri, 16 Sep 2022 06:53:12 GMT
mix-desk.min.js
static.inews.co.id/js/
228 KB
68 KB
Script
General
Full URL
https://static.inews.co.id/js/mix-desk.min.js?v=4
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
56c76feb47fcf244ff18d7e708bdc5a3e1a146a41456a1949890c6714f3aea1f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:46:11 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:43 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
3885680
etag
W/"61778473-390af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
8gntWApnP3WFIc7q0lOlUw_wJbIPFz8ORKLJSbfdJnKbzD0U_aie-A==
expires
Wed, 21 Sep 2022 08:46:11 GMT
script-v2.js
static.inews.co.id/js/
4 KB
2 KB
Script
General
Full URL
https://static.inews.co.id/js/script-v2.js?v=4
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ffb71469816e7541203d7fc634d6f98a77e5ce2709d8abe7e468a87f6d35e86a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:46:12 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 15:07:42 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
3885679
etag
W/"6310cabe-e6c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
V0Hbj_9hMsBSWCLZSVemaUrbrWgiBOEZTQo1uWLT4M55yq_nat63vw==
expires
Wed, 21 Sep 2022 08:46:12 GMT
lazy.js
static.inews.co.id/js/
4 KB
2 KB
Script
General
Full URL
https://static.inews.co.id/js/lazy.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
12eb096a7e01e8496f2a796e0d22e8f4555c695dc307290f6dab408e8d7ee01c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 00:52:16 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:43 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
5469315
etag
W/"61778473-e1e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
KxuI0XG2DwAm1VeyTd14T_4tY4o0l6Fq7dowdyARMqCu4DGu_ejX3A==
expires
Sat, 03 Sep 2022 00:52:16 GMT
crypto-js.min.js
static.inews.co.id/js/
47 KB
17 KB
Script
General
Full URL
https://static.inews.co.id/js/crypto-js.min.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 15:13:41 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jun 2022 04:07:11 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
10688030
etag
W/"62b92cef-bcbc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
kDvYRO1K7ZUJRjkj0fbCf-JtBsVWW1EsQILZ_dHZJUuhUgSli-9tJg==
expires
Mon, 04 Jul 2022 15:13:41 GMT
swiper-bundle.min.js
static.inews.co.id/js/swiper/
132 KB
37 KB
Script
General
Full URL
https://static.inews.co.id/js/swiper/swiper-bundle.min.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f31219ecb01defc9ebb8aa29a6d0ce82e0f23a6eb146d79b470cc83906a23f76

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 08:17:55 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Wed, 13 Apr 2022 08:03:47 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
9848976
etag
W/"625683e3-20eb2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
7iUqsnVBp2nXW0tzbVGnTWN6IAXCCRKxY-yGej9y5bmZoZOAYGVIlQ==
expires
Thu, 14 Jul 2022 08:17:55 GMT
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 04:16:04 GMT
content-encoding
gzip
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
13898
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
oJ63NsRB9vN0jcSx53RHksMtqpwETPc3ZyZ4F9zeBKvrmJrWfNQQqg==
gtm.js
www.googletagmanager.com/
171 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fcd284c04cfa73be86d88ef2d5e94f9b03f30d3b3a54aef0f23df7db9f564131
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59566
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.php
hbs.ph.affinity.com/v5/inews.id/
3 KB
2 KB
Script
General
Full URL
https://hbs.ph.affinity.com/v5/inews.id/index.php?t=2998
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.139.248.131 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS
216-139-248-131.aus.us.siteprotect.com
Software
nginx / PHP/7.3.6
Resource Hash
dbfdc38f5f89b3ba3b06024d23c576ece8f5d05ed3fbb7537099ecc206283bc4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 08:07:31 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.3.6
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/Javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Connection
close
Expires
Sun, 29 Oct 2023 08:07:31 GMT
chevron-down.svg
static.inews.co.id/img/
212 B
743 B
Image
General
Full URL
https://static.inews.co.id/img/chevron-down.svg
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2afd80dd7d92497bacd3831ed176ace1538b0e5512c8519754610d6f1ab197f6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 19:02:34 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3416697
x-cache
Hit from cloudfront
content-length
212
last-modified
Tue, 26 Jul 2022 07:32:36 GMT
server
nginx
etag
"62df9894-d4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
8fhy3XgTtaBEqg5cw5FtnFpcRAfJ6HLZ1Eds915RwEpRcWPxFWVxog==
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-live.svg
static.inews.co.id/img/
2 KB
1 KB
Image
General
Full URL
https://static.inews.co.id/img/icon-live.svg
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
107cd8b4fd2286d6891309790c30e191fcf7955a9d24af52c76b288b2e6a6ff3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:35:06 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3385944
x-cache
Hit from cloudfront
last-modified
Thu, 01 Sep 2022 15:07:42 GMT
server
nginx
etag
W/"6310cabe-8a1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
5LvvnPGj1fjkUOKls5upsr3jRLWkcUCDHTN3twhWcGg9JaodNhcM9Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
glyphicons-halflings-regular.woff2
static.inews.co.id/fonts/
18 KB
18 KB
Font
General
Full URL
https://static.inews.co.id/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin
https://ntt.inews.id
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:43 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
44756
etag
"61778473-466c"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
18028
x-amz-cf-id
JYyblEtf_sspp6IHKB07qGutpAGrtcsQEh99hwtKEQH4C8uXhOA6PA==
pubads_impl_2022102501.js
securepubads.g.doubleclick.net/gpt/
378 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:48:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130606
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 08:35:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Oct 2023 15:48:35 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
374 B
801 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ntt.inews.id
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
823df4d4f681a392ef918e106005063d7567466259efc12b0687117b4526d7a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164
x-xss-protection
0
expires
Sat, 29 Oct 2022 08:07:31 GMT
ntt
ntt.inews.id/getstreaming/desktop/
0
1 KB
XHR
General
Full URL
https://ntt.inews.id/getstreaming/desktop/ntt
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d800:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
br
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA53-C1
x-content-type-options
nosniff
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-amz-cf-id
zqMeF7QaF9K9w-nlt0K_WxSCUMQ1W03JXBe2UG0e-_Nf12ddtk3vPw==
x-xss-protection
1; mode=block
editor_choice
sindikasi.inews.id/widget/desktop/
17 KB
18 KB
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/editor_choice?id=ntt&div=sideLeft0&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
83bc7f39d7324eaeff30ed92ba481e3e7df76caf527c64ad75ad382695537cfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
Y_PLzWsKQnjzIrHEKjYkWU7UUd888ATugfvJByWa-F_1DI1PAHP4Fg==
x-xss-protection
1; mode=block
popular_news
sindikasi.inews.id/widget/desktop/
0
394 B
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/popular_news?id=ntt&div=sideLeft1&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
9_t5cAULRiTpaTMNoxsXzSctRkVuJD7ESIES1Voq_NaVmeSHdSzS4g==
x-xss-protection
1; mode=block
popular_topics
sindikasi.inews.id/widget/desktop/
2 KB
2 KB
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/popular_topics?id=ntt&div=sideLeft2&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e92bc51e1e95183013312de1d86bdd4d90eeb1e89cb1d74ebf6f81c439dd5c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
e0Jw1_157bxM95khpON-G0o7ANy5WF-cm1r2rBKKuqzfqWdPDOpcSA==
x-xss-protection
1; mode=block
banner-right
sindikasi.inews.id/widget/desktop/
0
395 B
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/banner-right?id=ntt&div=sideRight1&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
PvjzfIUvjRt32XzYOj2IyxBL0eun3f8bNvlJ0qQvpGhLe65H753KUQ==
x-xss-protection
1; mode=block
streaming
sindikasi.inews.id/widget/desktop/
384 B
787 B
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/streaming?id=ntt&div=sideRight2&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f5a9f6010307729a4ff2ea25ef1e832fd1f524c3a4d74febfc3a1f65333e75b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
8od3TTnA_f53vsmJBpU5M29YPJj2hmk1OrpCRN9IHadmW_1_FoqN2w==
x-xss-protection
1; mode=block
korona
sindikasi.inews.id/widget/desktop/
10 KB
10 KB
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/korona?id=ntt&div=sideRight3&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
25a7c90dad907b924c8fc5d7818883958f27f252aeea7a890637e128878ff5be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
lJVibYj8KrWwyek9LkmOQahn8MH65fF3xc_wXo8QW3qB4auTHTaZ_Q==
x-xss-protection
1; mode=block
side_video
sindikasi.inews.id/widget/desktop/
10 KB
11 KB
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/side_video?id=ntt&div=sideRight4&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7edc0cb931e1b025ba217ba5484c5717c952e55ba0c62d5f8eff4a31f9d29f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
lM1dlUfxFLz360UlI_f0L_gZ4OFJke9EQQcxOwhCi90ULx4RFfeKhQ==
x-xss-protection
1; mode=block
side_photo
sindikasi.inews.id/widget/desktop/
181 B
584 B
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/side_photo?id=ntt&div=sideRight5&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e1cb0961cc3ad7eaa0740b49dc2e286cf4cf386bd86d523eae4bf4d954965217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
vpWJJWX7CMn3503UnHtKoKjjk3PgzYUKRopER0YarIgWbm_iWH61GA==
x-xss-protection
1; mode=block
mncportal
sindikasi.inews.id/widget/desktop/
502 B
905 B
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/mncportal?id=ntt&div=sideRight6&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9af02dc140425ce2947dc03ebfd19271127747d2578ba8aaab72e500a3f53f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
8S4r2iAzWHbQC2iDVGtGLxiRyZJTP9z_059xGDWJ7zgXxir1Z2HHpA==
x-xss-protection
1; mode=block
rctiplus
sindikasi.inews.id/widget/desktop/
785 B
1 KB
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/rctiplus?id=ntt&div=sideRight7&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1dd559e191ad2988517dcdd3001d5c3d4c9df406ff10b59172685d12212d8138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
MKN7Sf2AbLUVzVY32IABf8izvOX66nq1uRkawQdabS52WGEfzvcjTg==
x-xss-protection
1; mode=block
visionplus
sindikasi.inews.id/widget/desktop/
756 B
1 KB
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/visionplus?id=ntt&div=sideRight8&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
eca0dcbdaed5985a680233abe61ac188e947b85f2b48165cce08a8887db495db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
NA95pjKcqlOtV1cO7nszbA_Qp7UfR6XlShBQBUVLS-iJgD47E_vukQ==
x-xss-protection
1; mode=block
article
sindikasi.inews.id/widget/desktop/
4 KB
5 KB
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/article?id=ntt&div=sideRight9&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7405346c27ac86dfa9c7f8ae8e48de433573f951990ab34f80026d033c79c446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
PQ1HZIfZmiiib8Y_yayU8IPVzowvYyzD1wLEYa84j_KDao-VESK0yA==
x-xss-protection
1; mode=block
social_media
sindikasi.inews.id/widget/desktop/
4 KB
4 KB
XHR
General
Full URL
https://sindikasi.inews.id/widget/desktop/social_media?id=ntt&div=sideRight10&slug=ntt&subslug=&type=&source=region
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
74fd74d010b59678e8cdd1d6702978a5a5585c5bee01efa016dfa0fbb069711e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-amz-cf-id
MhPFN3r8aWBp7_9gZgERyGZkp68h8nochj5iLAAYC8XajOBJ33Gl4w==
x-xss-protection
1; mode=block
slick.woff
static.inews.co.id/plugins/slick/fonts/
1 KB
2 KB
Font
General
Full URL
https://static.inews.co.id/plugins/slick/fonts/slick.woff
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer
https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin
https://ntt.inews.id
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:49 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
44756
etag
"61778479-564"
x-cache
Hit from cloudfront
content-type
font/woff
access-control-allow-origin
*
accept-ranges
bytes
content-length
1380
x-amz-cf-id
SPe8itbHq7bC7NNscNgBQOV9G9Ifj9v64U-3iJR7ow2ly-KCZ_vpUw==
ajax-loader.gif
static.inews.co.id/plugins/slick/
4 KB
4 KB
Image
General
Full URL
https://static.inews.co.id/plugins/slick/ajax-loader.gif
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 10:02:25 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:43 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
5781906
etag
"61778473-1052"
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4178
x-amz-cf-id
DjstjvojViawfHpbx58rysmy352IOVq-NOuTV6ggZA32zZm9vIE0MQ==
expires
Tue, 30 Aug 2022 10:02:25 GMT
load-aiml
ntt.inews.id/
3 KB
1 KB
XHR
General
Full URL
https://ntt.inews.id/load-aiml
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d800:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a6ce02617a10530cf0538138cd4c0540a8f917aee304338f42d38bedc1e2e8af

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
br
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache, private
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Dx8D75aA5mzC686HnqOGVLSGZyVRVtr4LX_8nChNDNo_9aG4RZmQmg==
6.JPG
img.inews.co.id/media/250/files/inews_new/2020/12/05/
8 KB
9 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/12/05/6.JPG
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
013dba738c2ef768c6a2339406a490ace9f450cab1a7d5e3142ba2a2074dcbf8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sat, 05 Dec 2020 07:42:25 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fcb39e1-9930"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
8477
x-amz-cf-id
1nDrDUVK8J1nTvCH4scRb-_LYj9PceUEuHZy0sao_eQJfc-s_0mY2A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
3.JPG
img.inews.co.id/media/250/files/inews_new/2020/12/05/
6 KB
7 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/12/05/3.JPG
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1521e234e96ef5150b56b60c5288e85ab18efbad583aeb6125739caf92d1001f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sat, 05 Dec 2020 05:55:47 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fcb20e3-4f7e"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
6337
x-amz-cf-id
ROxwHs2GU22jYKAYT7KiSCfqa4UmSuLE4J5gtcDJWxCdVzPfBgmoAQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1667030851524&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terki...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1667030851524&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terk...
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1667030851524&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9=
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
0soXTpUNS0paSauQwyNFHmaqzqcfYq-jFO-CykhnZQJmFaFOm-rqXQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1667030851524&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9=
date
Sat, 29 Oct 2022 08:07:31 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
sbOuCL-lopbt0Xa2UUd-C5vBbF7XyRmcuOZnzLmzafCDK06KOtbmLg==
x-cache
Miss from cloudfront
widget_iframe.7dae38096d06923d683a2a807172322a.html
platform.twitter.com/widgets/ Frame 0DC6
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fntt.inews.id
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBE) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
768208
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Sat, 29 Oct 2022 08:07:31 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 28 Sep 2022 20:04:27 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BBE)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame 0DC6
851 B
676 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=e364c21ac88e88d5ee3db387aa88ec82a10bcbc2
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fntt.inews.id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-response-time
104
date
Sat, 29 Oct 2022 08:07:31 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Sat, 29 Oct 2022 08:07:31 GMT
server
tsa_f
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
f92be6e6cff7a81b
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
fed1b71e70d6e76b8028bf9d6e7713f2bae2d5f011b08cd8244bc17e575ed9a9
content-length
355
optimize.js
www.google-analytics.com/gtm/
114 KB
44 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-59VRJBF
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06d5e900c5685575b0e48fcafe8796d9bd867da00b908577056cd2b4861193d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45159
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 29 Oct 2022 08:07:31 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Oct 2022 06:36:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5437
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 29 Oct 2022 08:36:54 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/159495/4556/
319 KB
97 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d887163975d331ecb96feb1f8470dd4d943de0f2e0303627182a7111702be2bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 05:39:04 GMT
server
Apache
etag
"10a1a71-4fddc-5cf4f03122543"
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=93711
accept-ranges
bytes
content-length
99148
expires
Sun, 30 Oct 2022 10:09:22 GMT
js
www.googletagmanager.com/gtag/
214 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-10CQL436CK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6ce4760ee91e00f1abf903178f6b224c36384ff941e7071fb114b4883d30630
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76312
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 29 Oct 2022 08:07:31 GMT
integrator.js
adservice.google.nl/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=ntt.inews.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ntt.inews.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
135 KB
28 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3830572277654302&correlator=992695453785536&eid=31069103&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fifs&iu_parts=7108725%2CHome-TopLeaderboard%2CDesktop-Home-Billboard%2CDesktop-Home-Rectangle1%2CDesktop-Home-BottomBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C970x90%2C300x250%2C970x90&ifi=1&adks=3239413752%2C3215994126%2C4046664198%2C1852379673&sfv=1-0-38&prev_scp=Room%3DRegional%7CRoom%3DRegional%7CRoom%3DRegional%7CRoom%3DRegional&sc=1&cookie_enabled=1&abxe=1&dt=1667030851685&lmt=1667030851&dlt=1667030851169&idt=486&adxs=591%2C436%2C1084%2C315&adys=65%2C242%2C374%2C1062&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&frm=20&vis=1&psz=757x5%7C1106x132%7C254x18%7C970x-1&msz=728x5%7C728x90%7C250x0%7C970x-1&fws=0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0&ga_vid=1056399923.1667030852&ga_sid=1667030852&ga_hid=1353557204&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1da9e1e28bad9f2fad31f35e469fd526f703fea04594baea1cdac45ee1ba82b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28919
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ntt.inews.id
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA35
6 KB
4 KB
Document
General
Full URL
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 08:07:31 GMT
expires
Sun, 29 Oct 2023 08:07:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1353557204&t=pageview&_s=1&dl=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&ul=en-us&de=UTF-8&dt=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChACEABRAAAACAEK~&jid=394762455&gjid=334438338&cid=1056399923.1667030852&tid=UA-109056487-1&_gid=1725991004.1667030852&_r=1&gtm=2wgaq05W2Q4KP&cd1=null&cd2=null&cd3=0&cd4=Non%20AMP%20Page&cd5=GTM-5W2Q4KP&cd6=1667030851635.wg3qp57i&cd8=2022-10-29T08%3A07%3A31.635%2B00%3A00&cd9=null&cd10=null&cd11=null&cd12=null&cd13=null&cd14=null&cd15=null&cd16=null&cd17=null&cd25=gtm.js&cd7=1056399923.1667030852&z=1164350948
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntt.inews.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1353557204&t=pageview&_s=1&dl=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&ul=en-us&de=UTF-8&dt=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjACEABRAAAACAEK~&jid=1705950224&gjid=332494983&cid=1056399923.1667030852&tid=UA-109056487-4&_gid=1725991004.1667030852&_r=1&gtm=2wgaq05W2Q4KP&z=1411680986
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntt.inews.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
345 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-10CQL436CK&gtm=2oeaq0&_p=1353557204&cid=1056399923.1667030852&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667030851&sct=1&seg=0&dl=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&dt=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10CQL436CK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntt.inews.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntt.inews.id%2F&domain=ntt.inews.id&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ntt.inews.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ntt.inews.id
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 29 Oct 2022 08:07:30 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
476481
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntt.inews.id%2F&domain=ntt.inews.id&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=6mRhRHxDaGlXREJmK1JlOEF0M3F6MzRDVS9NcGJmSFB0SmNHdFo2Vk1PYURMekNUNDVVWitXU2RnRCtycmlqMzA3WUM4NWxRVmRPTUZ3NkZhMUhmeVF2YXdmbFl2QzJrdkFVTGl6cExqYzh2Tzl1Y0d5OG44M0Q0QTZuWU...
351 B
645 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=6mRhRHxDaGlXREJmK1JlOEF0M3F6MzRDVS9NcGJmSFB0SmNHdFo2Vk1PYURMekNUNDVVWitXU2RnRCtycmlqMzA3WUM4NWxRVmRPTUZ3NkZhMUhmeVF2YXdmbFl2QzJrdkFVTGl6cExqYzh2Tzl1Y0d5OG44M0Q0QTZuWUFaMWxLY3l0QlNDcXlZL0hGVmNXdkpZN2JrcVl5NWtIcHduWEdSSld3SWoxT1BvTUhqYmsvaDQ3a09rNmFDUEt6ZmtCQkYvcmZSc1Q1VFBhalYyOERzVjRtMDA5amhCZmFiQVQzQ2RQUEl2Q3ptZGl5bHJnPXw&cppv=2
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0e953ab8e286f44014b6ecd81336c603f999410ed6891baf8d499c6f17f01947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1058911
expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=6mRhRHxDaGlXREJmK1JlOEF0M3F6MzRDVS9NcGJmSFB0SmNHdFo2Vk1PYURMekNUNDVVWitXU2RnRCtycmlqMzA3WUM4NWxRVmRPTUZ3NkZhMUhmeVF2YXdmbFl2QzJrdkFVTGl6cExqYzh2Tzl1Y0d5OG44M0Q0QTZuWUFaMWxLY3l0QlNDcXlZL0hGVmNXdkpZN2JrcVl5NWtIcHduWEdSSld3SWoxT1BvTUhqYmsvaDQ3a09rNmFDUEt6ZmtCQkYvcmZSc1Q1VFBhalYyOERzVjRtMDA5amhCZmFiQVQzQ2RQUEl2Q3ptZGl5bHJnPXw&cppv=2
access-control-allow-origin
https://ntt.inews.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
489839
content-length
0
expires
0
collect
stats.g.doubleclick.net/j/
4 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-109056487-1&cid=1056399923.1667030852&jid=394762455&gjid=334438338&_gid=1725991004.1667030852&_u=aChACEAARAAAACAEK~&z=1493152696
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 29 Oct 2022 08:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntt.inews.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-109056487-4&cid=1056399923.1667030852&jid=1705950224&gjid=332494983&_gid=1725991004.1667030852&_u=aCjACEABRAAAACAEK~&z=1124314730
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 29 Oct 2022 08:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntt.inews.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-1&cid=1056399923.1667030852&jid=394762455&_u=aChACEAARAAAACAEK~&z=902142973
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-1&cid=1056399923.1667030852&jid=394762455&_u=aChACEAARAAAACAEK~&z=902142973
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-4&cid=1056399923.1667030852&jid=1705950224&_u=aCjACEABRAAAACAEK~&z=977512661
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
501 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-4&cid=1056399923.1667030852&jid=1705950224&_u=aCjACEABRAAAACAEK~&z=977512661
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2.js
cdn4-hbs.affinitymatrix.com/hvrlib/inews.id/1663580391/
62 KB
23 KB
Script
General
Full URL
https://cdn4-hbs.affinitymatrix.com/hvrlib/inews.id/1663580391/v2.js
Requested by
Host: hbs.ph.affinity.com
URL: https://hbs.ph.affinity.com/v5/inews.id/index.php?t=2998
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.185.181.185 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-b-d.bitgravity.com
Software
v/6.5.0/6.5.14/vp0ams1-www / PHP/7.3.6
Resource Hash
657a91f8fb81963b23b45732abbd8712eede2d140681eb3754eba862ec1ca075

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-version
9
date
Mon, 03 Oct 2022 14:40:06 GMT
content-encoding
gzip
server
v/6.5.0/6.5.14/vp0ams1-www
age
2224657
x-tata-request-id
40ef9b4127f3fbd5b9d29827f0034d0a, 40ef9b4127f3fbd5b9d29827f0034d0a
x-powered-by
PHP/7.3.6
vary
Accept-Encoding
x-cache
HIT,vp0ams1
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
22673
expires
Sun, 29 Oct 2023 08:07:32 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=6mRhRHxDaGlXREJmK1JlOEF0M3F6MzRDVS9NcGJmSFB0SmNHdFo2Vk1PYURMekNUNDVVWitXU2RnRCtycmlqMzA3WUM4NWxRVmRPTUZ3NkZhMUhmeVF2YXdmbFl2QzJrdkFVTGl6cExqYzh2Tzl1Y0d5OG44M0Q0QTZuWUFaMWxLY3l0QlNDcXlZL0hGVmNXdkpZN2JrcVl5NWtIcHduWEdSSld3SWoxT1BvTUhqYmsvaDQ3a09rNmFDUEt6ZmtCQkYvcmZSc1Q1VFBhalYyOERzVjRtMDA5amhCZmFiQVQzQ2RQUEl2Q3ptZGl5bHJnPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 29 Oct 2022 08:07:31 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
540077
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
live.jpg
img.inews.co.id/files/img/
41 KB
41 KB
Image
General
Full URL
https://img.inews.co.id/files/img/live.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
24758169dd6ea3dca49bbacb4076ffc3b2448b50ed0c98cc7a10a167be0431be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:35 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
173991
x-amz-cf-pop
FRA6-C1
age
44757
x-cache
Hit from cloudfront
content-length
41749
server
nginx
etag
W/"PSA-aj-fewYzPc9mg"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315357471
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
1FRsgNTBqUmasOMSETHozZeloW74tIBxmZkHTJWauuUuKM9rRHQjYg==
expires
Mon, 25 Oct 2032 18:59:27 GMT
widgetrctiplus
sindikasi.okezone.com/widget/iframe/
171 B
443 B
XHR
General
Full URL
https://sindikasi.okezone.com/widget/iframe/widgetrctiplus
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.9 (Unix) /
Resource Hash
9c292021acd59afe773a1e20511239c9f14fcaa44593113ead31e2534e6a1e3d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
server
Apache/2.4.9 (Unix)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
171
x-amz-cf-id
49KiDi2zzCP78OMISOY_LxbaxvreqGIxdCZnywDY9Ru9HUQfcPff7g==
widgetvisionplus
sindikasi.okezone.com/widget/iframe/
96 B
365 B
XHR
General
Full URL
https://sindikasi.okezone.com/widget/iframe/widgetvisionplus
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.9 (Unix) /
Resource Hash
10980d61a054f279e0d593a30d004e37a24bfa1ae1130b766fc7138e84c5905d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
server
Apache/2.4.9 (Unix)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
96
x-amz-cf-id
tKRiyimlyMovRFJ04pJwObdaGn25KfgMEA34FvQ2HCoQ5IgE848aXw==
harryanto_aryodiguno_perindo_ist.jpg
img.inews.co.id/media/200/files/inews_new/2022/09/19/
3 KB
4 KB
Image
General
Full URL
https://img.inews.co.id/media/200/files/inews_new/2022/09/19/harryanto_aryodiguno_perindo_ist.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
88968ee29b6ae40aa82d4a5fc20e3a7b3ac853c51044ac3d5ef1cfc90af7761a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
3914
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-2s3pZjIaxZ"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315357563
content-length
3516
x-amz-cf-id
dzRoeeN0Gfj_UYoY9jH-LuTS2mRugazrlA2bj4a--DK1EIkNdZdDBQ==
expires
Mon, 25 Oct 2032 19:01:00 GMT
yadi_hendriana_mpi.jpg
img.inews.co.id/media/200/files/inews_new/2022/09/18/
3 KB
3 KB
Image
General
Full URL
https://img.inews.co.id/media/200/files/inews_new/2022/09/18/yadi_hendriana_mpi.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
26f08a503e5ae3e0b71454740be5a1646b971c387d35660f6f0914159cd17724

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
3471
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-nZVaeBqKeq"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315357669
content-length
3060
x-amz-cf-id
H1S4JYHrwxW5m3qQspTOirpce8Z6Y9AH9Rl1ljLqg4cmnt4iafKSCQ==
expires
Mon, 25 Oct 2032 19:02:46 GMT
agus_kristiyanto_dokpri.jpg
img.inews.co.id/media/200/files/inews_new/2022/09/10/
8 KB
8 KB
Image
General
Full URL
https://img.inews.co.id/media/200/files/inews_new/2022/09/10/agus_kristiyanto_dokpri.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b105220d8c044084da36f099681f5558fde5163076a4e994e05fda234187839d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
8661
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-PDqmdSBvED"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315357543
content-length
8228
x-amz-cf-id
UcStmgfJ2TBtQLF13ZR2TjzMLhSOc0namymn6Vh-iLUGAzAqfEKnPw==
expires
Mon, 25 Oct 2032 19:00:40 GMT
fontawesome-webfont.woff2
static.inews.co.id/fonts/
75 KB
76 KB
Font
General
Full URL
https://static.inews.co.id/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin
https://ntt.inews.id
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:48 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
44756
etag
"61778478-12d68"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
77160
x-amz-cf-id
6iUYpL36pP8QdgiczFFk64TziomDGFwXBYH8Ywze-ZX3kttV-3OCcw==
open-sans.bold.ttf
static.inews.co.id/fonts/
219 KB
220 KB
Font
General
Full URL
https://static.inews.co.id/fonts/open-sans.bold.ttf
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323

Request headers

Referer
https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin
https://ntt.inews.id
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
last-modified
Tue, 26 Oct 2021 04:30:48 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
44756
etag
"61778478-36d50"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
224592
x-amz-cf-id
B72tx7Zq7Xq_TnegNNDhTNfuZN9bVr1x5Y2lGAdk0d5CBEHru2f8Jg==
create-geolocation
ntt.inews.id/
160 B
600 B
XHR
General
Full URL
https://ntt.inews.id/create-geolocation?geolocation=false&latitude=&longitude=&action=created
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:d800:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6eb601de98ce4c6b6b3c261c9ef690f5e7d0f1748e6604fed3122ae6efd51296

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
br
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache, private
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ySXmIoDqqQIL3BoVGIWGn04oMrT2K-PX_o5kZe6nyDPqwLPGKeLVHw==
IG.svg
static.inews.co.id/img/
3 KB
2 KB
Image
General
Full URL
https://static.inews.co.id/img/IG.svg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
79e4cb833a7960f3d8c453e4f675bb2ca02c12c1bfadf0bb1c4b7f58aaf11427

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:45:21 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3885730
x-cache
Hit from cloudfront
last-modified
Wed, 14 Sep 2022 08:42:21 GMT
server
nginx
etag
W/"632193ed-d09"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
xdPebONBkOd6hfUv2IMyjZ9YOaJ78rddXGM1Iocm1d-Clc7e3MRoig==
expires
Thu, 31 Dec 2037 23:55:55 GMT
FB.svg
static.inews.co.id/img/
795 B
983 B
Image
General
Full URL
https://static.inews.co.id/img/FB.svg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
55a0bf1642d1bd7a234f600647e44646e616fee58bb74db6a7796555e36124bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:45:21 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3885731
x-cache
Hit from cloudfront
last-modified
Wed, 14 Sep 2022 08:42:18 GMT
server
nginx
etag
W/"632193ea-31b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
-YzftMKa135D-l4cRYNpk6AXltS6BvXX-8oUDsq7cteGpf7eAqBZCw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
TWITTER.svg
static.inews.co.id/img/
1 KB
1 KB
Image
General
Full URL
https://static.inews.co.id/img/TWITTER.svg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d0fea9c53e716be3a1533132706858c49afa9386dce14c34e602634de7e5fb13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:45:22 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3885730
x-cache
Hit from cloudfront
last-modified
Wed, 14 Sep 2022 08:42:18 GMT
server
nginx
etag
W/"632193ea-5ad"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ws2TtbiKF0vKIXTV2Y96OuAl_LggNUX1S2Cl_JKg1y-puseVlvk4lQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
YT.svg
static.inews.co.id/img/
1 KB
1 KB
Image
General
Full URL
https://static.inews.co.id/img/YT.svg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
662ac00075123b7f5d3762d2b99737218a4699a7e930071535649b0c03d992b2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:45:22 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3885730
x-cache
Hit from cloudfront
last-modified
Wed, 14 Sep 2022 08:42:21 GMT
server
nginx
etag
W/"632193ed-4be"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
4gtbqS0N7ON0v3GfOMIIbpkWOT6_1SP-qOfNv1IzPQ0WmaK46YabUQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
TIKTOK.svg
static.inews.co.id/img/
2 KB
1 KB
Image
General
Full URL
https://static.inews.co.id/img/TIKTOK.svg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
58406bdb89d442965b8ee73be2adfe68135734ce95ff80839130c0db7e93d186

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:45:22 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3885730
x-cache
Hit from cloudfront
last-modified
Wed, 14 Sep 2022 08:42:18 GMT
server
nginx
etag
W/"632193ea-787"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
YSShZaPIro8hwkq0Y-Lh7gkgD-Bq7Jrl8KQNAxoAo0-yBtqO1r9cqg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
mnc-portal-2.svg
static.inews.co.id/img/
11 KB
5 KB
Image
General
Full URL
https://static.inews.co.id/img/mnc-portal-2.svg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f089ee5ec465c07bbae50fd32ad44489d511bb66f27d1c166bca2a091ea4f740

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:45:22 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3885730
x-cache
Hit from cloudfront
last-modified
Wed, 14 Sep 2022 08:42:21 GMT
server
nginx
etag
W/"632193ed-2ddb"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
a0rkl8mluytJlrcY7XWQyJVvcemiL9RTmGJn4BQUBVVqli9RIOkdmQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-sq-top.png
static.inews.co.id/img/
1 KB
2 KB
Image
General
Full URL
https://static.inews.co.id/img/footer-sq-top.png
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
967b13c657d05d28926c464daa81fea65e885b115c26b68e144034398e41f5ba

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 15:12:19 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 15:07:42 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
4985713
etag
"6310cabe-54f"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1359
x-amz-cf-id
IOuAKcFqISW2VwOrvwZfxbfOjS_oWXtZCy4kzZIoIAAMJyHG9eyI7w==
expires
Thu, 08 Sep 2022 15:12:19 GMT
affhb.data.js.php
hbs.ph.affinity.com/v5/hvr_man_inews.id/
53 KB
18 KB
Script
General
Full URL
https://hbs.ph.affinity.com/v5/hvr_man_inews.id/affhb.data.js.php?t=2998
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/inews.id/1663580391/v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.139.248.131 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS
216-139-248-131.aus.us.siteprotect.com
Software
nginx / PHP/7.3.6
Resource Hash
cce982e6b94d79448f7cdd9922a3c7dcc8a2decb276fafbe3c299e08d2d25cd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 08:07:32 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.3.6
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/Javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Connection
close
Expires
Sun, 29 Oct 2023 08:07:32 GMT
vidicon_play_image.png
img.inews.co.id/files/inews_new/2019/01/09/
3 KB
4 KB
Image
General
Full URL
https://img.inews.co.id/files/inews_new/2019/01/09/vidicon_play_image.png
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8374e43ee6f7512f5d01e7fdf1b0110d754afffdcce407c5f6f78c287b88afef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static.inews.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
5410
x-amz-cf-pop
FRA6-C1
age
44756
x-cache
Hit from cloudfront
content-length
3253
server
nginx
etag
W/"PSA-aj-SlCzXrTPH6"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315357660
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
y_a6K5DxqqXCnfCK4Ri7dD4u7yvE_HY7K1-VRVAZclDCDMjmbmMZEA==
expires
Mon, 25 Oct 2032 19:02:37 GMT
imageload.png
img.inews.co.id/media/400/files/
4 KB
5 KB
Image
General
Full URL
https://img.inews.co.id/media/400/files/imageload.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a1d9b56ca3fe9f2986f33516b17b42565d93548760107c2940ad38cfa53827

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"60c3deb8-229c"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
4318
x-amz-cf-id
BnSJ8tdJgg9PmYNyoT8JjFLe324RqWyHN8nVHh_oGJDfYjLJ0OU3JA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
imageload.png
img.inews.co.id/media/150/files/
512 B
879 B
Image
General
Full URL
https://img.inews.co.id/media/150/files/imageload.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e5ba3f57c4b22922d41bed7f247fbfcd228bb7a8fbc575a0872114a1807d54db

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
1392
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-klL7SA0ER0"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315354442
content-length
512
x-amz-cf-id
DbBSt-UHzq4v-B9csVcLcMabqad-FvGZ55Ay_SrjcS2eGkHKPFodaQ==
expires
Mon, 25 Oct 2032 18:08:59 GMT
korban_tersambar_petir.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/03/
6 KB
6 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/12/03/korban_tersambar_petir.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a48720f34b8333900287903d50275de90ae3d9929e6d35ec3948089badb7258d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Thu, 03 Dec 2020 04:50:24 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc86e90-1210a"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
5991
x-amz-cf-id
19OL5VWOUNlaMpIMLmtMsPwUd0_Gk3YwQ3vReyt84eOStKjcxnRj9g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
tes_swab.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/03/
8 KB
9 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/12/03/tes_swab.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b82cbdaa2cc09331a02e98cc02272b4c6e338ca4098abeed6cbc65e655d69618

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Thu, 03 Dec 2020 03:06:56 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc85650-1a958"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
8566
x-amz-cf-id
yzDDrHwgXlxKW8omJUabVqKJDTQ1jPCp78dXr3CQwEqmYBWj9p0Ptw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
20.JPG
img.inews.co.id/media/250/files/inews_new/2020/12/02/
6 KB
6 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/12/02/20.JPG
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bbffa7322a01459d23bac2cfca73edab07ccf4071858026533384ff4415797d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Wed, 02 Dec 2020 09:10:44 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc75a14-5afd"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
5996
x-amz-cf-id
VnZjHK0xgoc7riieS7-PFcByv1DN896tb5iicViFX0k5rqtoFyTs5w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lokasi_dapur_umum_pengungsian.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/02/
7 KB
7 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/12/02/lokasi_dapur_umum_pengungsian.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
482f89ec31e57302372b11a3d7392ce139d9fa7e9b1148a0cadc0096d0547a2a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Wed, 02 Dec 2020 06:33:38 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc73542-13841"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
6681
x-amz-cf-id
5MVks66k9lp8laazC8-KFQJis2SUH4bG7WtU1MTtdwRMoXfBCMNPQg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ili_lewotolok.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/01/
4 KB
4 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/12/01/ili_lewotolok.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9474333d7aa7245993d7b1e587cbaa03f01caf631c11e356cd18694e93ee1242

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Mon, 30 Nov 2020 17:20:33 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc529e1-b572"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
3839
x-amz-cf-id
he7QPG_sApDsp37qSBbyx8UE5xbMc-0GXuX8nKVSo5-wfrnIzyMGQA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
gunung_ili_lewotolok.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/29/
8 KB
9 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/11/29/gunung_ili_lewotolok.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
95f36d2c3212d5e41caa894cddd8aa4d4904f70b27fde249382cd641b2e483cd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sun, 29 Nov 2020 09:44:52 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc36d94-2f50f"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
8527
x-amz-cf-id
5zbSWn-MWUkUudxejerJ3DtRVPqT5umf83dXHAMptXB3XQk43AP5uw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
20.JPG
img.inews.co.id/media/250/files/inews_new/2020/11/29/
7 KB
8 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/11/29/20.JPG
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8d47b4c2593df99176a3f38c179227f8d717f8809b6fa72af241871aee2cf88a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sun, 29 Nov 2020 08:22:03 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc35a2b-5c56"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
7615
x-amz-cf-id
ZkGLxRE1Z12c_NayOCLLGbgjTb8cdQiI0NPKj2HhkCKQjPUnTHKx0Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
19.JPG
img.inews.co.id/media/250/files/inews_new/2020/11/29/
6 KB
6 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/11/29/19.JPG
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c1ea18d11886b00baca4d0974e5d4b057eb7a068f6c04c81aa6a0205894c5215

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sun, 29 Nov 2020 08:00:35 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc35523-7d43"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
5700
x-amz-cf-id
MAoT7YbcHWdyrj2QCGg9hSQjb6pVUM702Zvo4ov2uqsPISe31_1GxQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
17.JPG
img.inews.co.id/media/250/files/inews_new/2020/11/29/
4 KB
4 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/11/29/17.JPG
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c289874df4757fcc9027ccbd38b7d7f7805ce67a37a048b86069089b02942f4f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sun, 29 Nov 2020 07:41:39 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc350b3-3540"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
4004
x-amz-cf-id
iSPYvjpzGCyGOxMW25J5GJI0mBu5hUW0worO9TWgzbw7eUTJTSVr6Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
gunung_ili_lewotolok_erupsi.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/29/
8 KB
8 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/11/29/gunung_ili_lewotolok_erupsi.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
feb1cf7d72afdeb62e3a3973f203c731647a570163df294ce1be39443e8ccb7a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sun, 29 Nov 2020 04:28:47 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc3237f-13199"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
7736
x-amz-cf-id
rcVIHiq4NVLnd60oljeS2KCOtln0nlCcxRShx6rmqJUdprM5B4mPfQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
gunung_ili_lewotolok.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/27/
4 KB
4 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/11/27/gunung_ili_lewotolok.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b573aeae6c5504229688d1ff3d72b734f1f5e146ec18414d055efe267f99c0bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Fri, 27 Nov 2020 00:55:01 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc04e65-f536"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
4199
x-amz-cf-id
esSNU9BIJbMSkEjFrVYC1J0TpfybCwTfOfSFY9txsmsZHxcaHOigaw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
aktivis_mahasiswa_di_kabupaten_sikka.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/26/
12 KB
12 KB
Image
General
Full URL
https://img.inews.co.id/media/250/files/inews_new/2020/11/26/aktivis_mahasiswa_di_kabupaten_sikka.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f69b89737fd40509b450eb354bf0e4778f281372d6504d30465a97cb338df8d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Thu, 26 Nov 2020 05:31:05 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fbf3d99-3220b"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
11814
x-amz-cf-id
5ZjgETwOPPiFKDtbvvntLGwbmSIN1l0Cfup7X2nPo1uplI5boV-Sgg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
6.JPG
img.inews.co.id/media/400/files/inews_new/2020/12/05/
16 KB
16 KB
Image
General
Full URL
https://img.inews.co.id/media/400/files/inews_new/2020/12/05/6.JPG
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
937aaa154deed9b1e222398561218f8fac221943d4c0e7790e5014d4e67288fd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sat, 05 Dec 2020 07:42:25 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fcb39e1-9930"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
15944
x-amz-cf-id
T1sZwasA5swLM1zeKtU3M5Uwf7GE2OhMObmYsPs-dM5Cq2Sa3a7gBg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
3.JPG
img.inews.co.id/media/150/files/inews_new/2020/12/05/
3 KB
4 KB
Image
General
Full URL
https://img.inews.co.id/media/150/files/inews_new/2020/12/05/3.JPG
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6639c89c562db38912bcc62216b60dffd7ad9c7b74b0a39636a531dc86704c4c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sat, 05 Dec 2020 05:55:47 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fcb20e3-4f7e"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
3405
x-amz-cf-id
sJRfs-80UzcXPdYajedUfn9IPGmumvczUxUSYbf05svfokKQXexaFg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
20.JPG
img.inews.co.id/media/150/files/inews_new/2020/12/02/
3 KB
4 KB
Image
General
Full URL
https://img.inews.co.id/media/150/files/inews_new/2020/12/02/20.JPG
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f0a086c3cb3b3d4d09ae9ba96af6506ebebec54a7181ec8bdb23f2ee2aa31d0a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Wed, 02 Dec 2020 09:10:44 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc75a14-5afd"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
3348
x-amz-cf-id
ZkU8aNziaNd5jd9fDXQ2UH32A5NVOkBAn5yhSM5-INOf2NqkSzKo1Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
20.JPG
img.inews.co.id/media/150/files/inews_new/2020/11/29/
4 KB
4 KB
Image
General
Full URL
https://img.inews.co.id/media/150/files/inews_new/2020/11/29/20.JPG
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0d96d17e0808e153cc1bea4b5608862917b322df6d84d75abe13373596a1d646

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sun, 29 Nov 2020 08:22:03 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc35a2b-5c56"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
3872
x-amz-cf-id
aabPm-Ttd-BCR5xN49EvEPtllLpq3cb5DIwnsKErZ6o2QxBmjP3YTA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
19.JPG
img.inews.co.id/media/150/files/inews_new/2020/11/29/
3 KB
3 KB
Image
General
Full URL
https://img.inews.co.id/media/150/files/inews_new/2020/11/29/19.JPG
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d5722dd6b464726069fab1c1821c6681abe2a5a143fcd58fc109aecebdb44460

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sun, 29 Nov 2020 08:00:35 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5fc35523-7d43"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
2972
x-amz-cf-id
hWoLhAQxnEZ5NNUAkC95Lad_5Y6Ao2thHdwYvMmS2lc74YJqFQwESA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
covid_xbb.jpg
img.inews.co.id/media/200/files/inews_new/2022/10/24/
7 KB
7 KB
Image
General
Full URL
https://img.inews.co.id/media/200/files/inews_new/2022/10/24/covid_xbb.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
399df4ffb74468b7e1771d90241c65fa17b40df94a37414a4c86ef1a189048a7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
7148
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-lKmi-b6psc"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315357946
content-length
6721
x-amz-cf-id
JJzA8EI2reqVmLevJyiI9biOhA0YwY6g0r_ZJRhFyzkw2EJW_iCD7Q==
expires
Mon, 25 Oct 2032 19:07:23 GMT
nakes_lampung.jpg
img.inews.co.id/media/200/files/inews_new/2021/08/31/
5 KB
6 KB
Image
General
Full URL
https://img.inews.co.id/media/200/files/inews_new/2021/08/31/nakes_lampung.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
97cae52e82c98d08065ab910fab3cca6312087b28166c64e4f4835047764bdd3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
5778
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-pXl1kU8VCe"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315358464
content-length
5398
x-amz-cf-id
4cNxZskd0tvU-WuLWOjOiWiFKJ753276QF2KsJe8s81dAAavKzlFRA==
expires
Mon, 25 Oct 2032 19:16:01 GMT
27_marinir_covid__5_.jpg
img.inews.co.id/media/200/files/inews_new/2020/04/27/
6 KB
6 KB
Image
General
Full URL
https://img.inews.co.id/media/200/files/inews_new/2020/04/27/27_marinir_covid__5_.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
64d315994da14bb2f433e0abf69714d6ec19be4a4a21e702d51c6586fb10fce3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Mon, 27 Apr 2020 10:31:39 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"5ea6b48b-14774"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
6100
x-amz-cf-id
6NGVU0YXbQRPUJNzm8wCpFonz1-xvme6e-xrK3nFmIBkrkfpklUsbg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
covid_19.jpg
img.inews.co.id/media/200/files/inews_new/2022/10/13/
5 KB
5 KB
Image
General
Full URL
https://img.inews.co.id/media/200/files/inews_new/2022/10/13/covid_19.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d94a580a9519b03cb06fa57722ac3f0b81ac6326e3fbc64a2145dd85a0191eb5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
5620
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-hOPeQBN2qY"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315357928
content-length
5252
x-amz-cf-id
EpGYEozv-1yvxKqgF_bkYkOXqGQvS-GeHl4YJtVLWYmKQfXrJsx_gA==
expires
Mon, 25 Oct 2032 19:07:05 GMT
covid.jpg
img.inews.co.id/media/200/files/inews_new/2022/10/09/
6 KB
6 KB
Image
General
Full URL
https://img.inews.co.id/media/200/files/inews_new/2022/10/09/covid.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7a9fccc53c5bbfb0423017d4e08833868354aa92e33b3f7c88f9b1e586de35c0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
6160
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-3U_Ng3Bz8M"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315358964
content-length
5774
x-amz-cf-id
mYPT9kkr0qTj4YxEUm1dk9H8sWwt_iEnhlHooNvx9uNXfUicReS75Q==
expires
Mon, 25 Oct 2032 19:24:21 GMT
IMG_20221028_215446.jpg
img.inews.co.id/media/150/files/inews_new/2022/10/28/
4 KB
5 KB
Image
General
Full URL
https://img.inews.co.id/media/150/files/inews_new/2022/10/28/IMG_20221028_215446.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a1b5849b2b7261637d488dade2254dd3cd72460a42115f20a05ac2c2d91d6bd5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"635bed58-196d2"
vary
User-Agent
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, s-maxage=10
content-length
4471
x-amz-cf-id
-yiM4PPiKG_84NbP9TPP3AKJiirYGDqd_M22XRHYz0_4gqrxRH4JBA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
johanis_tanak_kpk__1_.jpg
img.inews.co.id/media/150/files/inews_new/2022/09/29/
4 KB
5 KB
Image
General
Full URL
https://img.inews.co.id/media/150/files/inews_new/2022/09/29/johanis_tanak_kpk__1_.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8eec4c634ff559c18a211db765d67d4a3a99f7423aea7ca2e2566bebc9f43b73

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
4657
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-AdBvkAy5QU"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315356561
content-length
4273
x-amz-cf-id
_uXkYD8YrbxOWNz9dpEHOU4P2gG46lRi1Py-X2g4RE1TBgQqzfJ2sA==
expires
Mon, 25 Oct 2032 18:44:18 GMT
kfc_dan_mcd.jpg
img.inews.co.id/media/150/files/inews_new/2022/10/28/
3 KB
3 KB
Image
General
Full URL
https://img.inews.co.id/media/150/files/inews_new/2022/10/28/kfc_dan_mcd.jpg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7a00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
12c3cd78874d03008bd2d81d65b41c683e18dca113e63e38cf690e97033f7087

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:36 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-original-content-length
3471
server
nginx
x-amz-cf-pop
FRA6-C1
age
44756
etag
W/"PSA-aj-2zMyX4CNmo"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315357476
content-length
3045
x-amz-cf-id
snW5n_ZbjCHc8hLGonxeexw1uHCGlwPT8v7t5y-9qT7j9tYTqZFyzA==
expires
Mon, 25 Oct 2032 18:59:33 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210071758000/ Frame F8CD
221 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 17:09:22 GMT
age
399490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61557
x-xss-protection
0
server
sffe
etag
"6f919b986f193e5c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 17:09:22 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame F8CD
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 14:34:38 GMT
age
408774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"79c6a9d24c248711"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 14:34:38 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame F8CD
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 17:09:22 GMT
age
399490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28805
x-xss-protection
0
server
sffe
etag
"61ef65d2d2d03d2c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 17:09:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame F8CD
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 17:09:22 GMT
age
399490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"cd31ad97eaf70e3d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 17:09:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame F8CD
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 17:09:22 GMT
age
399490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12962
x-xss-protection
0
server
sffe
etag
"81bd7ae64421add4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 17:09:22 GMT
truncated
/ Frame F8CD
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0416e608f97f9b7f285fdd202934b097ce44f03f9dd1059d25d373d1c994defe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
container.html
d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2904
6 KB
3 KB
Document
General
Full URL
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 08:07:31 GMT
expires
Sun, 29 Oct 2023 08:07:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210071758000/ Frame 98AA
221 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 17:09:22 GMT
age
399490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61557
x-xss-protection
0
server
sffe
etag
"6f919b986f193e5c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 17:09:22 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 98AA
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 14:34:38 GMT
age
408774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"79c6a9d24c248711"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 14:34:38 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 98AA
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 17:09:22 GMT
age
399490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28805
x-xss-protection
0
server
sffe
etag
"61ef65d2d2d03d2c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 17:09:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 98AA
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 17:09:22 GMT
age
399490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"cd31ad97eaf70e3d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 17:09:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 98AA
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 17:09:22 GMT
age
399490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12962
x-xss-protection
0
server
sffe
etag
"81bd7ae64421add4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 17:09:22 GMT
truncated
/ Frame 98AA
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9220ec8cd29c7b8335c3bcb2dbc06fa1507a6baaffe440efde003b1c093bfddd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
4008787501618200299
tpc.googlesyndication.com/simgad/ Frame F8CD
30 KB
30 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4008787501618200299?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlKP4S_Oy3AvEVCg3d2VCdAo1SEng
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
939ead4c334285d5c6145a2dee956e5c9ef0b802651cb3396d4aed07b5d41303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 05:09:11 GMT
x-content-type-options
nosniff
age
10701
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30901
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 08:38:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 29 Oct 2023 05:09:11 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F8CD
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:48:22 GMT
x-content-type-options
nosniff
server
cafe
age
58750
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Sat, 29 Oct 2022 15:48:22 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F8CD
344 B
402 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 04:10:05 GMT
x-content-type-options
nosniff
server
cafe
age
14247
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sun, 30 Oct 2022 04:10:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F8CD
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFRF4Q99cY8naNYy99u8PqdeN6AaLwKfnbOawxv7XENzZHhABIKWTtB1gkYSghYwYoAGJpP-qKMgBAuACAKgDAcgDCKoE3QFP0Dhun6tiOA-1P-kMXLmXJkxYIA5H75hIklR8lLA4GyIeXQx0OrIAJfqlDJVtZ9heVnf8koWy3-Yhl2Of9tzUHysGouxRlH_xKjk9tLEvwvAPFUZZAExjbdwYqLiFvTZ3M95omgxCNlwujnWCBFcnb97kYjtq9wiRcgUj3AljQdTEHTBds4KFqObsCpfuDvLZoga_vtGwzhLMu9HRw-1gNSverisBxUvTJuqUXGs-8Bp3ZOheaGQ0KPVfgdliMr3iC_4FKK5FiaH2oPA23RBgb9fwMGSDZbz3HSqjk8AE1b3gl_QD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4ncz4oDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ5bQE0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTgzMDc1OTgyMDgwMTY2MTkYvZwU&sigh=YXm5ZdJduuI&uach_m=[UACH]
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

2875060370433697680
tpc.googlesyndication.com/simgad/ Frame 98AA
99 KB
99 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2875060370433697680?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnBfQ8PQSpiLm2S5pyESwOtY-PydA
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1769a8f2cbf5d3ba25c4ed2830ce5b2aa3781f2a6ed7e1ad55788f08bd2bb190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 13:44:25 GMT
x-content-type-options
nosniff
age
66187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101210
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 10:38:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 28 Oct 2023 13:44:25 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 98AA
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:48:22 GMT
x-content-type-options
nosniff
server
cafe
age
58750
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
expires
Sat, 29 Oct 2022 15:48:22 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 98AA
344 B
807 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 04:10:05 GMT
x-content-type-options
nosniff
server
cafe
age
14247
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sun, 30 Oct 2022 04:10:05 GMT
l
www.google.com/ads/measurement/ Frame 98AA
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7EPl5g6P_W6_z6Pzulrmic_7y3SJoibpJFendXQUeffvXhotxRKew_kBt9PvDjomkh_3yTBbClIX4mHxmBjY8oDKMbg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 98AA
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0nonQ99cY8vaNYy99u8PqdeN6Ab42buHbOPmj9W7ENzZHhABIKWTtB1gkYSghYwYoAGcr_uoAsgBAuACAKgDAcgDCKoE5QFP0F7jucCd2HaSLW5ti3qbsZNyBvwQQg5jr9YUJB29pLY7TUdMmWUl4H8VgjMVW10L_jysBGoXvjrPgOorHp58SbL8U3Tfe3UPzi3mJuQ135x-48SzpQ1JFxqQqBVmF1hTA8eYsyoX_5mHVXxEONGoOKkD9RJe8qRXLxySN_dvZ5qvkfAHFiXC3DGS1VLDeeZbpuxXw1jpRtEyhPrM1qggLQRHz_RytZrte4AOPIusGTk3GavmlFVl0sRPIPqHxt5YG9T6Zcmk3pm66YvlD4FuG-7OcjhyxhvZq94GAJ37o72BVY75wAS5h_DcmATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC_sArSCBIIiOGAEBABGB0yA6qCAToCgECACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODMwNzU5ODIwODAxNjYxORi9nBQ&sigh=C2g77vWbER4&uach_m=[UACH]
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

container.html
d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7E17
6 KB
3 KB
Document
General
Full URL
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 08:07:31 GMT
expires
Sun, 29 Oct 2023 08:07:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2BF0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CifdTQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTeAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI6C__rNZna58M9GAJL4Yf_Ih5JiVpT5v2wQVOUFybg36tDjVhFkyOAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODMwNzU5ODIwODAxNjYxORi9nBQ&sigh=zIzUaZzwnhQ&uach_m=[UACH]&cid=CAQSPwDq26N9dN1NNo1nZfHK4gEPciv5cShcuwBQIguzynaaIHRKi7OJ-iLj-Wq7lCzgxwBVbg0cmqtLi_EfWsq3PxgBIBM
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

notify
rtb.nl.eu.criteo.com/google/auction/ Frame 2BF0
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kuOtFPBB2AVanYNiAgIAAACsaFIRWScdY4bvUw0QQ99cY83SKjgQg7pIRLbYABIAAA&wp=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
142347
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame EF6A
52 KB
20 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ab12671bc53e258dfd70e2b9e9a9399435a2fb435ac4a563a9e82c4d0743bc62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 08:07:31 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=gxG_PgCNm_D14Fe4gv8ODt_ZUfcACJZov39yp6hBVoUAe-iVCRF5ZYMDeZx7OMGH7dIMggdefxrC7s3vNKXRjytlI8zXns4EFlPjsVw0uugCmZWeX8kGxN8Fuv3dbq8PxO2eiopZnrAek8iIi3T9j9l_PMzDR2vLWUA06eyA6I6c4SeBXQsADTIwIokzzVqkCiVk6_qKHxoxiFDsT72QluItkikHaSZY5v8fteexf3vK9XAUrJS_O_rcCl2xcHEdzO-UJg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
5426799
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 2BF0
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
72577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:57:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 2BF0
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
49512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:20 GMT
l
www.google.com/ads/measurement/ Frame 2BF0
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhYzruyJXlPAmujTKi-w1OoYLjznhcNKyzZErVZgZp2GNqyVGlMULqDFGAXcjuDCeiDTj_yPC4VahUPOKszKuALml1Sg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2BF0
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 03:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Oct 2023 03:07:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2BF0
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 08:07:32 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7E17
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_eQKQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1kgaZq7ue0_CqrlQn9kkbITRRtWkJ4JpBVWE7a6DV2Zqx4IsXFZyR-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTgzMDc1OTgyMDgwMTY2MTkYvZwU&sigh=B0uvC1pNh-s&uach_m=[UACH]&cid=CAQSPwDq26N9dN1NNo1nZfHK4gEPciv5cShcuwBQIguzynaaIHRKi7OJ-iLj-Wq7lCzgxwBVbg0cmqtLi_EfWsq3PxgBIBM
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

notify
rtb.nl.eu.criteo.com/google/auction/ Frame 7E17
0
0
Fetch
General
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=ksr2DvrMCcoHWp2DYgICAAAArGhSEVknHWOG71MNEEPfXGPJ3g-NBI8ra5uChQASAAA&wp=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
246507
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3B0E
165 KB
51 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Requested by
Host: d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
URL: https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8bd3e7aa12fabe17eaf829bac89e815ad15c5e2a730376ff4fe68d53a4bcb537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 08:07:32 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=V9F9YwCNm_D14Fe4TElrfiL1M0EzUdfWLwVG5yV53MuZGTP9gAbVy6T5lv7VxlC5eKT7fN50NWtsAZLBOCty7-AAVHPNd6NCXAcjm5jFJpsDD7jDicWD0_07-RD1iFGVYhf_Tme4gicFKOcXeNC1PcnjZbskKDHt3O8wmv8Sbr_7mvxP_IL9Jx3_o8B_W-o96clXOcnYFcTQM7SpANq3nlRM2IftlUAMy2KoVsK4xOJRFBBCzVw5tNjlUFni4jATnK_DWA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
91511971
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7E17
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
URL: https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
72577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:57:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7E17
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
URL: https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
49512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:20 GMT
l
www.google.com/ads/measurement/ Frame 7E17
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1jsr5BFvC-XHjYzoL8x4jV4vRi-JBRxYiXE9Y7bwbz_ut0gsG-qMgtC4x2C9VrJcQL-PgK0BqDZcAmLKFLtO8C9sH6g
Requested by
Host: d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
URL: https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7E17
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
URL: https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 03:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Oct 2023 03:07:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7E17
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
URL: https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 08:07:32 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame EF6A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 08:07:32 GMT
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame EF6A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_nl.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-754"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 08:07:32 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EF6A
308 B
637 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 24 Oct 2023 08:07:32 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame EF6A
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 24 Oct 2023 08:07:32 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame EF6A
43 B
348 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=i3G9A2H6WEaEzlApExi3_Ms0q0s0LBNMS0IzkpqvQCiYkylc8fj88BH8sKY3SsOuHf5zSQNDbn4Wej0bBOMqV8bRIsOD17AKsx9OtqSl8GGta5SXzg9rQyVSXrxpzSFw4Oov_NVtrMduZk94mW7W8CQ40zkTpPkmgKLiT3zRoCeSXBymdWypNLE4u-nFn2nu7lYexu3hRv0I5pgwGrMEkXAbQLrAQxyUH6aml5RXBEtjezYXmugwV6g5E9tRTIpIy2UdTKNfkArVxBls2sd4PDQKuia7_1eKR5Ct4VvPGOIRZ9NCrj50e269G7kuP4tHZFjvvuqzW7muy6iBMft9UzcYKBDgvaS1HtS1i3fmAX5WIKQ_u9e7Cw_BFhB2ZDu9boBWj0sHaXJrAHx8Fv697htL2bhCQ-XDQSfcCU79TGcpdbTb
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1585986
expires
Mon, 26 Jul 1997 05:00:00 GMT
b4881a07fa9a4555bf42225e00ef4b64_image_ad_728x90.png
static.criteo.net/design/dt/2413/221014/ Frame EF6A
31 KB
31 KB
Image
General
Full URL
https://static.criteo.net/design/dt/2413/221014/b4881a07fa9a4555bf42225e00ef4b64_image_ad_728x90.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6d1c29dc9d38f999ae4c2cda3884effa8e17b0bb80054fb30cdc1e50908671f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Oct 2022 12:13:04 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63495250-7a85"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
31365
expires
Tue, 24 Oct 2023 08:07:32 GMT
truncated
/ Frame 2BF0
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
652c8f0343aec1affba448ff7bf69ad1de65a37b6013066f58575d766ba91edb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7E17
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9203f46cc5c2225bf217c554db122d14db6a1a33509b77fce9d95cfda2ae686b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
all
csm.eu.criteo.net/ Frame EF6A
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=gxG_PgCNm_D14Fe4gv8ODt_ZUfcACJZov39yp6hBVoUAe-iVCRF5ZYMDeZx7OMGH7dIMggdefxrC7s3vNKXRjytlI8zXns4EFlPjsVw0uugCmZWeX8kGxN8Fuv3dbq8PxO2eiopZnrAek8iIi3T9j9l_PMzDR2vLWUA06eyA6I6c4SeBXQsADTIwIokzzVqkCiVk6_qKHxoxiFDsT72QluItkikHaSZY5v8fteexf3vK9XAUrJS_O_rcCl2xcHEdzO-UJg&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame EF6A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 08:07:32 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame F8CD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Sat, 29 Oct 2022 08:07:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 98AA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

date
Sat, 29 Oct 2022 08:07:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3B0E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 08:07:32 GMT
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 3B0E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_nl.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-754"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 08:07:32 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3B0E
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 24 Oct 2023 08:07:32 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3B0E
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 24 Oct 2023 08:07:32 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 3B0E
43 B
347 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ANCFLlrCfbje8BygJf0suVSkT4GfVUIfSMX-lOcGYuw2yuORukiK1CsFtXoZBMlPBYm9YFI1H2RWuqquNc9hi8GTrgC11OqLr6cRfL_5lqdW-HYBD8xnoUG5cq4kbt3edFyoI9LbPi5rObsrYCPB_8GJzJEoo5VdbHxP6QU6Djnd0F3ZfYSo6cwLCBMr5JKiHdFoMhbXH_YW71sAkKqqMoYAGncyrIsYZin4x0wk_73ihJJ9nI-UGvvKlj15qw2VFP6JFG_6aVAe7xjMj5eGD4afzESiQ2SMxYF1ZDHI3wZDxLTCQnXZ3S5-FmnZXJrq3beB5rq7LPqvEp829HpsXq03WbJgrGvrgqAWfJM-xN0TnXg8VQNqtzh5-mu00jVUw8B5YLT0zk_-XZX-Jvso5ByggKmqT-YYLc7KkSTWllOJUF87
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3119533
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3B0E
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
37107
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbpQkxsxWUoulBAH8ysgOhn5YRm7QLnvUW%2FjlDEgzetBoXAGE0MiNfuaqK6jke9BusmId%2BoSoa1asQtNTL1gregQgT9PtHjkOvFCoxaGTUGg5ofh%2FEZNOgh%2BYmHBeqF1o%2Fq5gI2%2FDhAPVl2EJ7v6VVJF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
761a6b0eaadc0bb4-AMS
expires
Thu, 19 Oct 2023 08:07:32 GMT
animejs.js
static.criteo.net/animejs/ Frame 3B0E
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 08:07:32 GMT
img
pix.eu.criteo.net/img/ Frame 3B0E
8 KB
8 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=80316&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F80316%2F210216%2Fdd3a924a66b4466696587ee88716c34b_logo_n_horizontal_2.png&v=3&w=256&s=U-ExOxmXB-bnfq_00bOl4HN2
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e85839289d5f6329c7233cd33a93ee054935bcdff7285e739b49b392decabd02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28579718
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8311
expires
Mon, 25 Sep 2023 02:56:11 GMT
img
pix.eu.criteo.net/img/ Frame 3B0E
13 KB
14 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F5WVCzyPTobV0xSRrHQaSVT%2Fcd22412bb48078bb2ca1cb1f599990fd%2Fkranten.png&v=3&w=400&s=XgQSMioL86vbN3J8LZom7oAB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
be23725c0bc44744f3cb4cb0dd193e5d02b8953e1e141c0fb3b20ceb05f237cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28938172
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13572
expires
Fri, 29 Sep 2023 06:30:25 GMT
img
pix.eu.criteo.net/img/ Frame 3B0E
12 KB
13 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F7rnMxv817yhOcloEx5F9iv%2F41a62640fe6a528f55ba1affaa4204a7%2F48-80_10degrees.jpg&v=3&w=400&s=mrPkk45pgn1SiuZ80gFJPyH4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
aab98033c7e75895e1e2ac649cf03b5f5d4d81489e0269116024ff1726c3a262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29552598
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12642
expires
Fri, 06 Oct 2023 09:10:51 GMT
img
pix.eu.criteo.net/img/ Frame 3B0E
8 KB
8 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F76KWB9ubVDCBlDivuf8CNv%2Ffde0793c3f08a28fe384cd49b226367a%2F4_5x2-promofestival.png&v=3&w=400&s=nyPLrFysqqLsiGWwwSkdVLPQ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
92e1aeeead621f3c3d80c6dbfc82a163aa5f5ff01d9f1453592d955c9bcf292d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29279245
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8346
expires
Tue, 03 Oct 2023 05:14:58 GMT
img
pix.eu.criteo.net/img/ Frame 3B0E
7 KB
7 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F6bjSyiLcJPkRf6B52KmyZU%2Fc3354c1b82733af651447e9474faf309%2FPlaid-featured.jpg&v=3&w=400&s=osNZO1JPdfkvBKWDwwbxswFx&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
67f7aefd6a29b8d3db7fa4ec0999b3919a88252b738dffac9d403365ae56fd86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31099831
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7244
expires
Tue, 24 Oct 2023 06:58:04 GMT
img
pix.eu.criteo.net/img/ Frame 3B0E
14 KB
15 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2FfsAaRFyQexNwBm0gHCdoU%2F3da04821fdd3df0f105754d1aa607fa2%2FStickers-op-rol-featured_algemeen.jpg&v=3&w=400&s=MBzISrPfScZc9nyt9_CPS5i7&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
b456dfad452a3a867c7164de88cde35b22eca71b1f412f3c1c3ec31bbc6227e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30063274
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14746
expires
Thu, 12 Oct 2023 07:02:06 GMT
img
pix.eu.criteo.net/img/ Frame 3B0E
13 KB
13 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F71NyjHpGsJGfLOfbpcNnB0%2F50b4657096a726a5bca005449743ebc0%2FScarf-Stretch-Fleece-featured.jpg&v=3&w=400&s=K9sXVYFHMI0D7xsSUE47P8Ul&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
22b93ff5cd82f9672dbdf4807e811abb9dbfca3e67346d9d2bd3b088ff5c4cac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29717719
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13426
expires
Sun, 08 Oct 2023 07:02:52 GMT
img
pix.eu.criteo.net/img/ Frame 3B0E
5 KB
5 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F5G80SpdnfLvHyq6qrcFqwa%2Fde9a3b28a3026d1a152c5ce461658bdf%2FLuifel.png&v=3&w=400&s=b0w7U2Wl-Ii2mWTVBKe0LUGW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
653495662f9dba415d1f5263554c2fe752b0c1bb427271ce7ea77c0eb631746c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29264699
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4906
expires
Tue, 03 Oct 2023 01:12:32 GMT
img
pix.eu.criteo.net/img/ Frame 3B0E
23 KB
24 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F0EENrJglSGiLS9I3lqcOq%2F4f76439f14ae4bcfa47bab92822ba1d3%2Finlegvel-swingboard.jpg&v=3&w=400&s=FgWZ9SX1MJq3YDbiWjMYdwh7&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
575110d3e1cf42a596deb7175d71b07a8d951461dfd279df8f2dc3b07d61afcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28770550
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23996
expires
Wed, 27 Sep 2023 07:56:43 GMT
img
pix.eu.criteo.net/img/ Frame 3B0E
43 KB
43 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=80316&q=80&r=0&u=https%3A%2F%2Fimages.ctfassets.net%2F46m72ccr1qqx%2F6G5YUnvUqW2WiASS64qgGy%2F2f128e57da8682226b4d43f5e87ca6b3%2Fpresentatie-accessoires.png&v=3&w=400&s=oFwuN5eBcLQvl1S8RLPy8ISz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ec10fe85b10a44f96483c146e2d6a86d3a76092197ead00c969f2b28f5e4ca91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29372390
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44187
expires
Wed, 04 Oct 2023 07:07:23 GMT
img
pix.eu.criteo.net/img/ Frame 3B0E
105 KB
105 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=80316&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F80316%2F220330%2Ff8504c0ad5184ec88301d97172527f70_img_horizontal_1.png&v=3&w=1200&s=IwiHv2j2nd3gwZtsbYS1moc7
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
250d195bc836ba04598ee30b15927eb4507eda10555693012685f5eda5d15867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28763277
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
107222
expires
Wed, 27 Sep 2023 05:55:30 GMT
all
csm.eu.criteo.net/ Frame 3B0E
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=V9F9YwCNm_D14Fe4TElrfiL1M0EzUdfWLwVG5yV53MuZGTP9gAbVy6T5lv7VxlC5eKT7fN50NWtsAZLBOCty7-AAVHPNd6NCXAcjm5jFJpsDD7jDicWD0_07-RD1iFGVYhf_Tme4gicFKOcXeNC1PcnjZbskKDHt3O8wmv8Sbr_7mvxP_IL9Jx3_o8B_W-o96clXOcnYFcTQM7SpANq3nlRM2IftlUAMy2KoVsK4xOJRFBBCzVw5tNjlUFni4jATnK_DWA&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 08:07:32 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame 3B0E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Oct 2023 08:07:32 GMT
prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js
cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/
315 KB
99 KB
Script
General
Full URL
https://cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js
Requested by
Host: hbs.ph.affinity.com
URL: https://hbs.ph.affinity.com/v5/hvr_man_inews.id/affhb.data.js.php?t=2998
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.185.181.185 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-b-d.bitgravity.com
Software
v/6.5.0/6.5.14/vp0ams1-www /
Resource Hash
8f60ca67e9c5c8d69de099e1c7c18d47e4766c4ddbd45a22cd92cde859686520

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-version
9
date
Mon, 03 Oct 2022 14:30:44 GMT
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 10:07:43 GMT
server
v/6.5.0/6.5.14/vp0ams1-www
age
2224655
x-tata-request-id
7c486b3a27cd20de5ca1fa1947c8b83e, 7c486b3a27cd20de5ca1fa1947c8b83e
vary
Accept-Encoding
x-cache
HIT,vp0ams1
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
100556
expires
Sun, 29 Oct 2023 08:07:32 GMT
css
fonts.googleapis.com/ Frame 3B0E
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2540509a5d6cbd7c0a12c0924e157f3df2b01e2e7011b0bb061b2f10600e8698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 29 Oct 2022 08:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 06:09:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Oct 2022 08:07:33 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221029
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e667c6605e929d7ea78be2628f5bab68b49068479bfb0c60660be3a7b3d3dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 08:07:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18387
x-jsd-version
1.0.1506
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4552-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"664-Pvt1QvLtt88LPBfvGhSf5O3mvrk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrdzQ8BulXbdstlxTYKn4GOMP0BJW6m2BogiFb1D9drb6ptLW40elMgL9l1owf368k8btw5dFBIJeAX4IS%2B2Vm13NG7V7glau6wdCFhQ2Fvx0zTjO2eTOQ9tYGJGXay2wjresUdbwpvIeIN70K4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
761a6b101e7cb7d0-AMS
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 3B0E
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 17:47:57 GMT
x-content-type-options
nosniff
age
397176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:27:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 17:47:57 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2c4426138b2e8146506072742da93df24ef9b21913076906becd1db50108fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11191
x-xss-protection
0
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 3B0E
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 16:22:46 GMT
x-content-type-options
nosniff
age
402287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12684
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:28:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 16:22:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 08:07:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C23F
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
42499
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 20:19:14 GMT
expires
Sat, 28 Oct 2023 20:19:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9FFC
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
11c9a5799ba21879c76a3864f8365937cf3c2ec8cc0223cc595e8b444f9ed13a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_GvKxOWXXtaC1eXQ5QV_MQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-_GvKxOWXXtaC1eXQ5QV_MQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 08:07:33 GMT
expires
Sat, 29 Oct 2022 08:07:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
pagead2.googlesyndication.com/bg/ Frame C23F
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16118
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 17:17:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9FFC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102501&jk=3830572277654302&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

all
csm.eu.criteo.net/ Frame EF6A
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=gxG_PgCNm_D14Fe4gv8ODt_ZUfcACJZov39yp6hBVoUAe-iVCRF5ZYMDeZx7OMGH7dIMggdefxrC7s3vNKXRjytlI8zXns4EFlPjsVw0uugCmZWeX8kGxN8Fuv3dbq8PxO2eiopZnrAek8iIi3T9j9l_PMzDR2vLWUA06eyA6I6c4SeBXQsADTIwIokzzVqkCiVk6_qKHxoxiFDsT72QluItkikHaSZY5v8fteexf3vK9XAUrJS_O_rcCl2xcHEdzO-UJg&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 08:07:33 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
generate_204
tpc.googlesyndication.com/ Frame C23F
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?qNXLXw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
628.json
id5-sync.com/g/v2/
216 B
622 B
XHR
General
Full URL
https://id5-sync.com/g/v2/628.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
1238832e1e82c1913c7d8303664ddb5f37d78b30e2b657b88ca41334261a39b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntt.inews.id
date
Sat, 29 Oct 2022 08:07:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/
0
0

id
id.crwdcntrl.net/
63 B
336 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.121.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-121-57.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
22068e7c540f855f8f3bdd278a567a9f5d5bafd745e80af54e76343639a64473

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ntt.inews.id
cache-control
no-cache
x-server
10.45.24.222
access-control-allow-credentials
true
content-length
63
expires
0
rid
match.adsrvr.org/track/
63 B
388 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f23a95a9884d41519be01fd8896bbd3393a4ab605a159d517af10d56520d9de1

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 08:07:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ntt.inews.id
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 28 Nov 2022 08:07:33 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2BF0
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnIG_g4Tr0rVrgPECRkS9Tf47XxkhY3UK71T8N9-kiu5BsOUhiWjAFCJVFZQTXWc2k-Lg0S09FkDpo2KTf_C3cfFQ&sig=Cg0ArKJSzG_K-wiO5dvPEAE&id=lidar2&mcvt=1000&p=242,436,332,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3215994126&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667030852548&rpt=372&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F8CD
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOKgA1AAQHcvwDof3Mt-_XbPC_pAmUIytthw5KPFAz0celsFOdhyxZUGPbF_8Yb_FdfR6T4FRblfSm3RQ-mnemwc07TgP7tgMc6zxVcAwuZypj_yk1q6f1xGZGXfx1Aj8ZJ9cwDWQ&sai=AMfl-YSXFYhjdrGTx73WEk41HF6PYJjuCusjscIla9xJPmILh0TMDIlI26t0WZR9nrur3jA70vflycLhRv8NTiC7iG592uMsaJLYVsG1lTLPqdHsPpfEiJHmG3xNw2emAyY79kM&sig=Cg0ArKJSzIchFTajcHDxEAE&id=ampim&o=591,65&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=510&tls=1513&g=100&h=100&tt=1513&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7E17
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUP5qfP-Km-C151fl07X1f3Zs8W5uFpN1qdCWrB1akQksUtzezTMpRsnYh6bMzySbrq2nXam3yRgRyQtuLgLXuBpA&sig=Cg0ArKJSzOHjjs86n_zDEAE&id=lidar2&mcvt=1000&p=1083,315,1173,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1852379673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667030852458&rpt=486&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 98AA
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssv0P7VrlErhCU4w2gdmMULCwrRSzyKKZ6oHWszfJnlBrcmzWTv_cOlH2u3ko_xbX4Sfd1gcuDOcdINMKfZkAmywdJ08-G5vhl6huEPIh70sm_HbPckg3OpLCHzRBqCn7pqZjhvUpw2Ems5duo1QKnB5-tIN6rqYON9CQ&sai=AMfl-YSjrt2QO_7TAcwK1UJootsUs1s7uuMOAoAIrDw3rJJg2paxdLN8AnaiuqZ0b5K7FUvqDn8E-QbiPp26j1pB3y_BC0HXwc5J7ubsRWw2jgIJfe7jRtu--QXZQGYv2uBl4lQ&sig=Cg0ArKJSzHjTUfp2296kEAE&id=ampim&o=1084,374&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=552&tls=1552&g=100&h=100&tt=1552&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ntt.inews.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 3B0E
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=V9F9YwCNm_D14Fe4TElrfiL1M0EzUdfWLwVG5yV53MuZGTP9gAbVy6T5lv7VxlC5eKT7fN50NWtsAZLBOCty7-AAVHPNd6NCXAcjm5jFJpsDD7jDicWD0_07-RD1iFGVYhf_Tme4gicFKOcXeNC1PcnjZbskKDHt3O8wmv8Sbr_7mvxP_IL9Jx3_o8B_W-o96clXOcnYFcTQM7SpANq3nlRM2IftlUAMy2KoVsK4xOJRFBBCzVw5tNjlUFni4jATnK_DWA&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUwH_Z6MAANrqWILm6JMg_9NU8gOsg&u=%7Cwm6%2Fypeq%2BL7bu%2FE0RX68h1rdukcVKOTe30O2%2BcM9Vz8%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTtTvagHBkv2RzSuoD2WZmjkjnteRogl7inaGFM-__0Sl8UKQle-0huCEnkoOX1RkQ3DaJ65tXQ8xFKQHUPp9tzIgIw3EvUvhAn3A7kznghZ5rwqh4g0xJM5SrOXVwRlUguV-RlkjukKkHWEr9y6AgRRzebQs3IL_TuZNmyr5EZq-wfNUoyD7tEw9puSyNbIUi_nDM7OsuPfQqc5LHv64Fd9i4Cu0vF1itM5w48bwS7DEEzkVTsUlyAWwPTAwCtkznYPC7EpOwpLm0QOQpkguFtdIX-4nqtiVpEnIBBsq4EikCSMJKrWhuzd4A50SVR-VvZIPV0gWRYASRGKbM-lYnU-Tj-tM2HDqXdoUE_dcaJuO7UR4iI808W9reEsuy3fIlwtUtZfooPhtyZu_cOhfy_rugmjj1v0rZC6BIKXzwOlmVLYCqom_UG4yaylxd9ZPWAp-s6wzj75-PDvLb859v_CzPcF4Z3NftBVAMng94osDI2tdTxMfjivkkD1EtgUkc_QumT62cC_5PGbs5paFl-OivE7NnMzWcMg7G-Ey-_4uAcCyUoUyC9g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3PDnQ99cY8zaNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgTkAU_QrGCy_zU3SwyZwW8f7seTjQhQPCEeC-ln35k4UUwsXBPFhavwg0TaOj84Iv9yOjp-u4sSD3GBrBpy9ZN7yluHEnkczcSlpNkKrDB3aU9UEAe3ZqMERKMd91nS5mMCbCBUqMQqnJyxl8FWfYEyTChv_xDri-I5KaGVmfa17rvHaRZxS93ybR9l-8rOG3aSX_KTffx1BUrt3OSjPtRjFugJz7s41mvWtN_JTK9uSMH6JSY-x8xVt5vz1khYZI98_MBeuQbMi3r0USIpT8GukYhHHdcwJZMlpdl065qp9tJh-DToo-AEAYAGg7Oa0bezy6bkAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2tY6C-SeTYNS3gwegO1lWR8TDfig%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 08:07:33 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102501&jk=3830572277654302&bg=!d3SldDDNAAZPh4lnb4c7ACkAdvg8Wp9oLH7PnIbZ7133hd57MDSLamYJK9QT09VqltC6iv-lzNNsYQIAAABHUgAAAAJoAQeZAp1DDgubJRFNrRdNAh1U0koW66oNURR3pxsQIbTEK-C8p8D6BGaKuHU9_nckdUYyDLAu5NffPDHd1bWfmWOFultvZTMiydk2qOOcaciWOKOVg3dBM_gsapTPaWzXzyvjwV1Ex7D4bDGZA2F_x_mTCgkmljn8Szb31e-KRk3tLSZhex74dz2LQnkO6TaNDWrk7GTx7lpBNdKRO43RZBt6mxNtgQpVppkdwcdXtyW7mU0HERm-w2WjTSRw81vP8dFEVluOW2MRpvwNWiXflFfyc5RbAe8Q-f4QqZAVgQxPkIVbr0YaHNeH94ese1X8kNTDZJDX78cKS1ZjnlBXfr33wmxaViNmcuDJ3WtZnjrqr4CUIS_eQOM0h45RSkzq7JSYRwbrgEHC8XxD6btT749r09JY9g3IVM3Hh7MOuUOgmm1JdFXDuDDEFr0qYbZpBM5pEa6qkK0RK5CFLndEBVhTRyfoAP0xC98-7h63uYs4B_EyJ3jSbna01P6XMm3yaVq_KLMkayDiZRuLhw_Id-u7Pec9Mr5Eqw_6Bh6AIn3rNXatLdQ4EWGb9FJXRodziOl_xSt5L_rXO_nLAW2LX3tRnqMXUi691LprYRVpXV9e73x6fpUJTicoGaI7pM2P6IvnXSGRe5KkrYxUIzvpmoWT2r_KlH_UAcf0NYmISF4jdXgi8dakfaHyLx0cz7InXRiZS-yIsbX7-EsBEHM0DZ7dabBUbaluDLj8ubz7cvc2eHWByBqJzQgtw0U-8L0liyOF0FJ8_ycwLtNY8RhcMZ12P0HQ5B2WU1ZJc1OF02LohzkbnVTd2QPKjAwPRVNWfVQdstCAtwzoX2DiV13LNru8Y2LlB3qgJFykf1-4gYjHn1XxShNxzEXTBhREH9ro5v4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

vertikal
sindikasi.okezone.com/widget/portal/inews/ Frame 4B63
10 KB
10 KB
Document
General
Full URL
https://sindikasi.okezone.com/widget/portal/inews/vertikal
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.9 (Unix) /
Resource Hash
871928124c98ed7bd63e9a5a1d80c530343b3478bd92372d2a3320351ca44bc9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 08:07:35 GMT
server
Apache/2.4.9 (Unix)
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-id
aDIqwKwZL-wZiSHTMjKJngEd5tz0MkKdE6niFUwvp17Gwe161GJPYA==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan
www.rctiplus.com/life/3068169/ Frame F6B9
13 KB
5 KB
Document
General
Full URL
https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.232 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine / Dark Phoenix
Resource Hash
4baceec8a9dce4ad13b5dbaf2963ddf2f466e8bf8ce436e60b9515e97b3efc73

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Ali-Swift-Global-Savetime
1667030856
Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Oct 2022 08:07:36 GMT
EagleId
4f85b19d16670308556734652e
Server
Tengine
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Vary
Accept-Encoding User-Agent
Via
cache23.l2de2[428,428,200-0,M], cache10.l2de2[429,0], cache2.de3[430,430,200-0,M], cache9.de3[431,0]
X-Cache
MISS TCP_MISS dirn:-2:-2
X-Powered-By
Dark Phoenix
X-Robots-Tag
noindex
X-Swift-CacheTime
0
X-Swift-SaveTime
Sat, 29 Oct 2022 08:07:36 GMT
styles.css
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/ Frame 4B63
36 KB
2 KB
Stylesheet
General
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e59c79c198476d8b48b3292805b2c97f96b737328d956158e52109766f64ad3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
content-encoding
gzip
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-original-content-length
37497
x-amz-cf-pop
FRA56-C1
age
44757
x-cache
Hit from cloudfront
content-length
1761
server
nginx/1.20.1
etag
W/"PSA-aj-8uD94D-oYB"
vary
Accept-Encoding,User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=158987
x-amz-cf-id
2MVHL2-TGMpDLk7Wl1pIcluKbiWpKPfGjAb4vbV2Vn69rgyr2C7ihg==
expires
Sun, 30 Oct 2022 15:51:27 GMT
all.css
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/fa-5.15.1/css/ Frame 4B63
58 KB
13 KB
Stylesheet
General
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/fa-5.15.1/css/all.css
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
672cad7677095651c6240ced97dfd1fcdd9e727b29c07215e5f84e2bb5507f16

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
content-encoding
gzip
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-original-content-length
73625
x-amz-cf-pop
FRA56-C1
age
44757
x-cache
Hit from cloudfront
content-length
12604
server
nginx/1.20.1
etag
W/"PSA-aj-3fi2KfM5qy"
vary
Accept-Encoding,User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2494335
x-amz-cf-id
88bnHeL_dkVQGKjqB6LumpDeQ24KDE0H6ELQsAGOKyuk-6bDu6Ug6w==
expires
Sat, 26 Nov 2022 16:33:55 GMT
demokrat-intens-komunikasikan-koalisi-dengan-nasdempks-di-pilpres-2024-kvj.jpg
pict.sindonews.net/dyn/620/pena/news/2022/10/29/12/926409/ Frame 4B63
31 KB
31 KB
Image
General
Full URL
https://pict.sindonews.net/dyn/620/pena/news/2022/10/29/12/926409/demokrat-intens-komunikasikan-koalisi-dengan-nasdempks-di-pilpres-2024-kvj.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6a00:1f:4c6b:cc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1115cc530a4d36e5c02657ad36265099d2c5bcbb0e700ee98dba99ca1f5b11bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Oct 2022 08:02:57 GMT
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
last-modified
Sat, 29 Oct 2022 08:01:13 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
279
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
content-length
31813
x-amz-cf-id
eL1nOfikkskZqcrsFViicExFhKefn0AqPuDphNthrXPIju6Z0o4xKg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sindonews.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 4B63
4 KB
4 KB
Image
General
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/sindonews.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ecdbf9b9d351f5f5fadd54fc1713931a02fab5dbe76698b5fedc240a0d727ca4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-original-content-length
4018
server
nginx/1.20.1
x-amz-cf-pop
FRA56-C1
age
44757
etag
W/"PSA-aj-scGGmu-WOv"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2494335
accept-ranges
bytes
content-length
4016
x-amz-cf-id
_LRaOed3dbuiJdnz9ajY5z_va8drQEqXH2hWKUPgqRoYyma4-joznQ==
expires
Sat, 26 Nov 2022 16:33:55 GMT
jurgen-klopp-percaya-diri-the-reds-bangkit-di-laga-liverpool-vs-leeds-united-LfAgmdp619.JPG
img.okezone.com/dynamic/content/2022/10/29/45/2696978/ Frame 4B63
8 KB
8 KB
Image
General
Full URL
https://img.okezone.com/dynamic/content/2022/10/29/45/2696978/jurgen-klopp-percaya-diri-the-reds-bangkit-di-laga-liverpool-vs-leeds-united-LfAgmdp619.JPG?w=300
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2e00:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c75c249a997462c66a5e289ff7f7d3cd3ffc27cd34de12197bfab60b9c66ffdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-length
7749
x-xss-protection
1; mode=block
last-modified
Sat, 29 Oct 2022 08:06:06 GMT
server
nginx/1.20.1
etag
W/"635cdeee-21cd4"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
link
<http://img.okezone.com/dynamic/content/2022/10/29/45/2696978/jurgen-klopp-percaya-diri-the-reds-bangkit-di-laga-liverpool-vs-leeds-united-LfAgmdp619.JPG?w=300>; rel="canonical"
x-amz-cf-id
TPZcpTh93eorZ_3PHtN8yA1NRmBByRaS4Qr0bmBUI9X_TutJlcR2Gw==
expires
Sun, 29 Oct 2023 08:07:36 GMT
okezone.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 4B63
3 KB
3 KB
Image
General
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/okezone.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
665820ac1bd1cc62b68f8cc6b54485c4721681f161fb9871ba318fca8e1620a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-original-content-length
2761
server
nginx/1.20.1
x-amz-cf-pop
FRA56-C1
age
44757
etag
W/"PSA-aj-tyMZq5pz7-"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2494356
accept-ranges
bytes
content-length
2748
x-amz-cf-id
cPuYqx-Ey8god5gy9SgOH_0oSi7khERPurL0ge7rarqaFfKUHK_Z3w==
expires
Sat, 26 Nov 2022 16:34:16 GMT
1667028625859988404-635cd6bb2aea69dd2695d156.png
i.buddyku.id/ugc/2022/10/29/1667028625859988404/ Frame 4B63
407 KB
408 KB
Image
General
Full URL
https://i.buddyku.id/ugc/2022/10/29/1667028625859988404/1667028625859988404-635cd6bb2aea69dd2695d156.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4000:1c:7874:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0d59699774f36ddc8514f1e7bd9695a3f6eb00cc1f2d85caef41f0b2437073e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 07:36:58 GMT
via
1.1 daa2f44af77ac5ed09ff4b0024dfcd5c.cloudfront.net (CloudFront)
last-modified
Sat, 29 Oct 2022 07:31:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1838
etag
"90fc1b4e1f51f9f3409af7ff7fdc9a11"
x-cache
Hit from cloudfront
content-type
.png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
416720
x-amz-cf-id
PNvYVezMkJKuTggRIKKVmjI37Q8kZo3bQo7xaL_rBPw_VoizHscM7g==
buddyku.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 4B63
3 KB
3 KB
Image
General
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/buddyku.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
01473cfcbee7a16017e14a60249ad7fda667b2811c0a51b3207bf8d9707f9a3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-original-content-length
5483
server
nginx/1.20.1
x-amz-cf-pop
FRA56-C1
age
44757
etag
W/"PSA-aj-IcrYddWUxz"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1587743
accept-ranges
bytes
content-length
2693
x-amz-cf-id
T8fTPIKSAwUsLmAYHJk70Pj5jP8MvtcnTp92cd2KSSTkgKe8zqJrrQ==
expires
Wed, 16 Nov 2022 04:44:03 GMT
master_83t7cPl09Q_487_shopee_video.jpg
img.celebrities.id/okz/800/14Feg8/ Frame 4B63
30 KB
30 KB
Image
General
Full URL
https://img.celebrities.id/okz/800/14Feg8/master_83t7cPl09Q_487_shopee_video.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb2956784c4ece3469a3630fb534ff0da3d99b5fa9e737026f68b27cf04dccd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-original-content-length
48381
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30540
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"PSA-aj-98RSPhtkgZ"
x-frame-options
SAMEORIGIN
vary
User-Agent,Save-Data, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=315359598
accept-ranges
bytes
cf-ray
761a6b21de0fb76d-AMS
link
<http://img.celebrities.id/okz/800/14Feg8/master_83t7cPl09Q_487_shopee_video.jpg>; rel="canonical"
expires
Tue, 26 Oct 2032 08:00:54 GMT
celebrities.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 4B63
2 KB
2 KB
Image
General
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/celebrities.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c02945ec1830ffe8b505b7a284e52664439d29600b783fed6e7b0e14c50004da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-original-content-length
1745
server
nginx/1.20.1
x-amz-cf-pop
FRA56-C1
age
44757
etag
W/"PSA-aj-YBT1KxLyB6"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=158990
accept-ranges
bytes
content-length
1732
x-amz-cf-id
iL7C4e8cG_-XIry-sZ74zoXBNJ1tbeL7cLS2kyaKMblEbwPcVG9wDg==
expires
Sun, 30 Oct 2022 15:51:30 GMT
master_9GS05c5X0S_1956_shopee.jpg
img.sportstars.id//2022/10/ag9W88/ Frame 4B63
84 KB
84 KB
Image
General
Full URL
https://img.sportstars.id//2022/10/ag9W88/master_9GS05c5X0S_1956_shopee.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3798f211a42660bfc7a83f62be15b6e059f118090173568d4697f804da6ef0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:35 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
18
cf-polished
origSize=92462, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85716
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Sat, 29 Oct 2022 08:04:02 GMT
server
cloudflare
etag
"635cde72-1692e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
761a6b21da16b972-AMS
link
<http://img.sportstars.id//2022/10/ag9W88/master_9GS05c5X0S_1956_shopee.jpg>; rel="canonical"
expires
Sun, 29 Oct 2023 08:07:35 GMT
sportstars.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 4B63
2 KB
2 KB
Image
General
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/sportstars.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
99414a4adab183b81675a3047de21a9d07078e76b151aa264c6e0432996e5cc6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-original-content-length
1845
server
nginx/1.20.1
x-amz-cf-pop
FRA56-C1
age
44757
etag
W/"PSA-aj-Py3HXLPLBk"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=158658
accept-ranges
bytes
content-length
1832
x-amz-cf-id
ttywiXCzJ03XpktbtNqg4K8DdBtwvCSKf6wp357oNtn4Ac8rpd7auw==
expires
Sun, 30 Oct 2022 15:45:58 GMT
Elon_Musk_beli_Twitter.jpg
img.idxchannel.com/media/439/images/idx/2022/05/19/ Frame 4B63
15 KB
15 KB
Image
General
Full URL
https://img.idxchannel.com/media/439/images/idx/2022/05/19/Elon_Musk_beli_Twitter.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e00:15:c3e:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
a35d0ff99aeee019b274ace7ab125685985d5a1bbeaed39a6332465ae8fd3efd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified
Thu, 19 May 2022 10:53:42 GMT
server
nginx/1.17.2
x-amz-cf-pop
FRA56-C1
etag
W/"628621b6-86f7"
x-cache
Miss from cloudfront
content-type
image/jpeg
content-length
15432
x-amz-cf-id
2hHoqvD9hVgN06sIi1UImcBAJkT9flbFe0AyjHogCnZF5AmluB7FCg==
idx_simple.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 4B63
5 KB
5 KB
Image
General
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/idx_simple.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c8cdc80bcc7e8f046889f36c7a6fb85939969429b33937f122eb8db920e768c2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-original-content-length
13405
server
nginx/1.20.1
x-amz-cf-pop
FRA56-C1
age
44757
etag
W/"PSA-aj-ynhC4ViFMt"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=158673
accept-ranges
bytes
content-length
4649
x-amz-cf-id
hT07eleEOMWjC4Ij0iLQScsGasBFmv00KvN-o7jpkej2bPBRjHt1og==
expires
Sun, 30 Oct 2022 15:46:13 GMT
IMG-20221029-WA0107.jpg
www.mnctrijaya.com/uploads/news/ Frame 4B63
147 KB
147 KB
Image
General
Full URL
https://www.mnctrijaya.com/uploads/news/IMG-20221029-WA0107.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:6a00:e:c3de:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1a49cdbebcde43cb05e89aef96d90b975079cf50620e34eabfa1aae493fab4f7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified
Sat, 29 Oct 2022 07:40:29 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
etag
"635cd8ed-24a4d"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
150093
x-amz-cf-id
IDSfrcvt92hKMfv3E31CdTB5LgFEhzi1f22g_Cnooby8Xs-s7sDATw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
mnctrijaya.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 4B63
10 KB
11 KB
Image
General
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/mnctrijaya.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f0e0f85d2239bedc9d11a77ca7b647cca281ea1be72731f5239ea482c828f01a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-original-content-length
13116
server
nginx/1.20.1
x-amz-cf-pop
FRA56-C1
age
44757
etag
W/"PSA-aj-qAx-oOOL5R"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2494343
accept-ranges
bytes
content-length
10422
x-amz-cf-id
faHqeaxdb7XTLysvGZq8_g_SRgReIxDILz2pY2t9cCMYuBgW5-znlw==
expires
Sat, 26 Nov 2022 16:34:03 GMT
jquery-3.6.0.min.js
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/js/ Frame 4B63
87 KB
31 KB
Script
General
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/js/jquery-3.6.0.min.js
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
content-encoding
gzip
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-original-content-length
89501
x-amz-cf-pop
FRA56-C1
age
44757
x-cache
Hit from cloudfront
content-length
30812
server
nginx/1.20.1
etag
W/"PSA-aj-vSq_cOaZon"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=158165
x-amz-cf-id
D6JTwpgs-_30_EI5Kb0NF7ZfCXQAW28A7Qg9Hz7lcAuCa0fBK1AaEA==
expires
Sun, 30 Oct 2022 15:37:45 GMT
swiper-bundle.min.js
unpkg.com/swiper@8.4.4/ Frame 4B63
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js
140 KB
40 KB
Script
General
Full URL
https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1453817
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GF62160TFJVJNW2X680A6BRB-ams
server
cloudflare
etag
W/"2310e-YgoXHzBgFVHspCsWstmF72fEP1g"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
761a6b220b54b90f-AMS

Redirect headers

date
Sat, 29 Oct 2022 08:07:35 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GGHC8GF4ABZN8SMKTK7F90CX-ams
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
257
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.4/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
761a6b21cadfb90f-AMS
bpe.html
www.visionplus.id/besportse/photose/ Frame E4A0
22 KB
4 KB
Document
General
Full URL
https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Requested by
Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
ff0e175b37ff5c67ebfe82a9a016bef10216dde257b6cd5b1fde6a80cedd47d4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
content-type
text/html
date
Sat, 29 Oct 2022 08:07:36 GMT
etag
W/"631e95c9-57ed"
expires
Sat, 29 Oct 2022 08:07:35 GMT
last-modified
Saturday, 29-Oct-2022 08:07:36 GMT
server
nginx
vary
Accept-Encoding
xred.png.pagespeed.ic.jpXU9Y2YLq.png
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/ Frame 4B63
122 B
636 B
Image
General
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/xred.png.pagespeed.ic.jpXU9Y2YLq.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
45ad770b839452a1f5a64e57052d2b7ea4f41e8d9bfe95507d085c3439f73609

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-original-content-length
135
x-amz-cf-pop
FRA56-C1
age
44757
x-cache
Hit from cloudfront
content-length
122
x-page-speed
Powered By okezone.com
last-modified
Thu, 29 Sep 2022 13:29:34 GMT
server
nginx/1.20.1
etag
W/"0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
link
<https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/red.png>; rel="canonical"
x-amz-cf-id
VqTn1Z_LYlRdDBRuobVP8mgJYe12B7d2pw12vbS3t1wQSvl23Ep1Rg==
expires
Fri, 29 Sep 2023 13:29:34 GMT
Roboto-Medium.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/ Frame 4B63
175 KB
176 KB
Font
General
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/Roboto-Medium.ttf
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
1bcc94e40f42e94375694b00d4f60d5eb609cfda21f7c64d58cb4a270823200f

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin
https://sindikasi.okezone.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
via
1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 13:00:28 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-C1
age
44756
etag
"61b743ec-2bc60"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
179296
x-amz-cf-id
KhdtLTIgA0cNn7pxJxN5K_X1Ir7WaF9B8MUwZkTdzKDch-aTLwDjiQ==
expires
Sun, 27 Nov 2022 19:41:39 GMT
Roboto-Bold.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/ Frame 4B63
166 KB
167 KB
Font
General
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/Roboto-Bold.ttf
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6c01f8b138e3f7110a33606de5e2758d5fecb58e114be771b96fffa3bbd48bbe

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin
https://sindikasi.okezone.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
via
1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 13:00:33 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-C1
age
44756
etag
"61b743f1-297ec"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
169964
x-amz-cf-id
IZXQ94smR00Dq_AYemjIym_0wJcRkWqVMlxCWF-znpRlCAK17CvmwQ==
expires
Sun, 27 Nov 2022 19:41:39 GMT
Heebo-Regular.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/heebo/static/ Frame 4B63
32 KB
33 KB
Font
General
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/heebo/static/Heebo-Regular.ttf
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b400:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
cc7029afe33654ed250644d8dfa2daa4ab0549731816980ab4733d92b86b1fca

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin
https://sindikasi.okezone.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:41:39 GMT
via
1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 13:00:27 GMT
server
nginx/1.20.1
x-amz-cf-pop
FRA56-C1
age
44756
etag
"61b743eb-8110"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
33040
x-amz-cf-id
gIxPleWlAI2hU_D_lL6yGJFLHxIDWS1s17fbbFdaR-YQOWYIU1nLVg==
expires
Sun, 27 Nov 2022 19:41:39 GMT
gtm.js
www.googletagmanager.com/ Frame F6B9
132 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eed5db3b7deeaea97c67dce18ba6e91d4f99024debed541f22d16dc6740ae522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49068
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 08:07:36 GMT
rcti__news.png
static.rctiplus.id/fta_rcti/logo/ Frame F6B9
11 KB
11 KB
Image
General
Full URL
https://static.rctiplus.id/fta_rcti/logo/rcti__news.png
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
79.133.177.232 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000
Date
Sat, 15 Oct 2022 04:27:20 GMT
Via
cache3.l2de2[0,0,200-0,H], cache14.l2de2[0,0], cache14.l2de2[1,0], cache1.de3[0,0,200-0,H], cache8.de3[1,0]
Age
1222816
X-Swift-CacheTime
1478502
X-Cache
HIT TCP_MEM_HIT dirn:12:569991309
Connection
keep-alive
X-Swift-SaveTime
Fri, 28 Oct 2022 01:45:38 GMT
Content-Length
10963
Last-Modified
Thu, 29 Apr 2021 05:19:32 GMT
Server
Tengine
ETag
"608a41e4-2ad3"
Ali-Swift-Global-Savetime
1665808040
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Timing-Allow-Origin
*
EagleId
4f85b19c16670308562361143e
placeholder.jpeg
static.rctiplus.id/fta_rcti/logo/ Frame F6B9
0
0

kiat-pakai-eyeliner-tanpa-belepotan-buat-pemula48_700.jpg
statics.indozone.news/content/2022/10/29/3ese1Ml/ Frame F6B9
42 KB
42 KB
Image
General
Full URL
https://statics.indozone.news/content/2022/10/29/3ese1Ml/kiat-pakai-eyeliner-tanpa-belepotan-buat-pemula48_700.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:db17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c69adc39d893dbdddc89e68b5c62cf6a041a048fd128e68aaa19349c3b4e8e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
x-amz-version-id
X6Acl7ZGnJAslynVKSiuiDTkda6IBcwm
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
34YG07F0355YSM1J
age
201
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42818
x-amz-id-2
CR5vOPLvULb+X92/BjzN+5zZP6TuN+pKJi11Mjs5XEm0uv1G35TGPE23j1BQUY0EWESBvc1uN0M=
last-modified
Sat, 29 Oct 2022 06:22:44 GMT
server
cloudflare
etag
"3cb361bf373cef2a5e3221a64f8b41f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfExyTeFRolerRjZKRxJfXk94iyqjNDGZjDGL3gCOH5ZI%2F%2FUO%2FkbeA2lmvxhLqn5qezNi7cAYGZNwlrZHCw4J4peiBC3xg8EpFylh8nynjJhb85Iu0spbk6h7n8lV32fQI2BzkuMSxpF9hR2ZCaZBpozqTE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
761a6b237ec09150-FRA
demi-dapat-ps5-dari-istrinya-pria-ini-berhasil-turunkan-berat-badan-hingga-10-kilo36_700.jpg
statics.indozone.news/content/2022/10/29/o8sALyp/ Frame F6B9
55 KB
56 KB
Image
General
Full URL
https://statics.indozone.news/content/2022/10/29/o8sALyp/demi-dapat-ps5-dari-istrinya-pria-ini-berhasil-turunkan-berat-badan-hingga-10-kilo36_700.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:db17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9da09bc10a8f09d9ab33a5249004edaa27cc08d1b0052d2ec4e08c3b7538fa5b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
x-amz-version-id
ZE0lOUlwpRJID_9gfvWWn1Kbbiti9dFA
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
34YW4E0FCTFY6BVM
age
201
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56324
x-amz-id-2
txbWBNS7xEbG0GBvC+/90D71RLJmR/KLHPhvfNabzZSM/3pf7Uc86mHbvPA38Vle9ZSFjIv8HuA=
last-modified
Sat, 29 Oct 2022 07:47:54 GMT
server
cloudflare
etag
"71441d6994680da90302fd1a1f6db0af"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sR%2FikdnHke%2BT258MHkWYrW6iGp4zYAaWZNIe0jnElLdarQcg%2F1Sa1aUGs0E42uslsBMzfAZG1BKKZYZdx%2BKBE2P6pF8FZSRI2LKQiZPREBH5fmOXcbbGOhzK8uMdAFFFpWi5VayYSQtlz7fJXvWkihoZ5Lo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
761a6b237ec39150-FRA
ikut-syukuran-nikita-mirzani-ditahan-indra-tarigan-harus-ikhlas-jangan-teriak-teriak100_700.jpg
statics.indozone.news/content/2022/10/29/75sLAaQ/ Frame F6B9
63 KB
64 KB
Image
General
Full URL
https://statics.indozone.news/content/2022/10/29/75sLAaQ/ikut-syukuran-nikita-mirzani-ditahan-indra-tarigan-harus-ikhlas-jangan-teriak-teriak100_700.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:db17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d28ddaf2de66f636735d59858ed6a65a5ad7b9a0a7fb76c5cec2667a7b2160

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
x-amz-version-id
AKh78sqMzENC4YfzX_RicNu1b0yvlPqV
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
34YK1K1SHKX4H8JK
age
201
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65006
x-amz-id-2
jk4R/eeZ3LZiU23HQ1iUl8NMN6tjBXac6FNlybAUzADOIRfAglUm8T8EdyUUTzmieCPtooXpnvM=
last-modified
Sat, 29 Oct 2022 07:45:05 GMT
server
cloudflare
etag
"452651e669f54eaac623d96220f010e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LggTbFjZ6KnnniMwIIrFNohYT2ew4vWmzW19K4ovL1rMsMz%2Fshy1iw1w4Dvu2dGXce4JoG6Fx3plo9Qwwy3%2FBT80vMZGF0XP5gSEW8DToWCyw2VHAIQsKdF5Yx9y8nwai1bFboqUxXnZkkFHnYMe%2FyCzLQU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
761a6b237ec69150-FRA
apa-itu-jejak-digital-ini-penjelasannya-agar-kamu-punya-etika-di-dunia-maya30_700.jpg
statics.indozone.news/content/2022/10/29/n0s034A/ Frame F6B9
73 KB
74 KB
Image
General
Full URL
https://statics.indozone.news/content/2022/10/29/n0s034A/apa-itu-jejak-digital-ini-penjelasannya-agar-kamu-punya-etika-di-dunia-maya30_700.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:db17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f59f40c40baaf4eefac87dd126ae51f8bde7f1e1cc7b80a4804df050f0817dad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
x-amz-version-id
M3D9fwpnkL8q6eKGZOd2pYFjIs8V4HVl
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
34YJ960D2WCMF3J4
age
201
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74757
x-amz-id-2
vmMwEHXMr+0tWqQL1PKZUP2044vGZVUQ3EBPU9nNkzNGPLqPeGCx0dY5L8ewp2wtVCsA4vi6qzU=
last-modified
Sat, 29 Oct 2022 07:34:51 GMT
server
cloudflare
etag
"48f3d740c036a3ad6b14bb041dfc8d38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7kUSfflOyTF5nuX6WTgsSzeEZrY9jlNR01%2BTbmkjUWL1sVqcH%2Fh7Ipip66ZlcDVvNSXV9v4ZDjwU1xn2DcHV8afdkyb7Q5CGR3SzZzF4HI7YgDTQyuK7udxfhCtk7Fldq4Vmt%2B%2Fg4ne4sbPTPZmjL%2BeG6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
761a6b237ec89150-FRA
main-bareng-cristiano-ronaldo-pemain-muda-mu-ini-girang-bener78_700.jpg
statics.indozone.news/content/2022/10/29/x0sL4ee/ Frame F6B9
58 KB
59 KB
Image
General
Full URL
https://statics.indozone.news/content/2022/10/29/x0sL4ee/main-bareng-cristiano-ronaldo-pemain-muda-mu-ini-girang-bener78_700.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:db17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7840a4178ff600d15cbde08845e24d521cca368a0fb41f823f83852d613926f8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
x-amz-version-id
4Wp_c.DkFYFhWgPlBTtG4U20Zo41OPh.
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4VFXK86QQM7EP5CF
age
1685
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59568
x-amz-id-2
+LQ3xGB5DqGblRrrUE5XwMrOssED1HnQg2fZAEe/TdHV3tCdWTS/saVia+Oswyk8O9OUNzw79CE=
last-modified
Sat, 29 Oct 2022 07:34:23 GMT
server
cloudflare
etag
"70babcf5ee0132617b903d74f6532712"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFPMDJ1HDwm33rkIdY4%2FsREHOAmEZhZYP174xDSoYxo7kxawarP6pHPZQtYIli4O5s8d22CfKZPLlIzHHgBarkFpNzqdOVdjZ0kOpmktJcVm6MU7UEtibIg8Sd1c7%2BZDgvelh7GxeSxBuMrTVuiL%2FeZILtU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
761a6b237eca9150-FRA
kalau-orang-mesir-kuno-sulit-hamil-membeli-ilmu-sihir-pun-jadi-jalan-tengahnya19_700.jpg
statics.indozone.news/content/2022/10/29/DNsg6AY/ Frame F6B9
82 KB
82 KB
Image
General
Full URL
https://statics.indozone.news/content/2022/10/29/DNsg6AY/kalau-orang-mesir-kuno-sulit-hamil-membeli-ilmu-sihir-pun-jadi-jalan-tengahnya19_700.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:db17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415a5743b92d3700a3f583d4bed31a1891987799ce2b2ecb103d258161ad6c4d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
x-amz-version-id
lg8o72VkLfWK8.0m5efLgSv7_qLyRemO
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
34YYTDEC7GBCQRTH
age
201
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83823
x-amz-id-2
kqVrSNbvFImBQftgwL8XD8AHLQfaHypMVqQjGiexFLMS00y8jMBRkOyVHN7qr9YPvunWjTdxgd4=
last-modified
Sat, 29 Oct 2022 07:31:47 GMT
server
cloudflare
etag
"b6479ad2e0ee04779457d0293cf912c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX2NeC%2BTfGXA4BB1NaCunVKvnaepOuyZYmJeQexnefVhioNdHxOvEMSpDupZ5485sM1wuwtwDdeLu9hKWdXKXeU1%2BVYTkGMcambsSEAe2BDraoyOyF1dfXnwfR7RrUlokpO%2BvmdIDHj1QMCmyflGs6O2TxE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
761a6b237ecd9150-FRA
analytics.js
analytics.rctiplus.com/tracking/ Frame F6B9
3 KB
2 KB
Script
General
Full URL
https://analytics.rctiplus.com/tracking/analytics.js?id=RA-000001-1
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.15, Dark Phoenix
Resource Hash
9921378a24a5dd5ad719783a2030fa9692d6a78f80af2c9387e02998ecab52d8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.15, Dark Phoenix
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmV%2BLNZG3hoRtoSSOD5sQej%2FsBLK2DsTp5THfiILZ6b4zoRQ0Oa0FG8txSyoOfZ9wBXvPhkhoUob2Pgl875lcY7y5mjWbfcu2FjUNJXJy7AtTnRqf6mc0LyRHwN7U%2FaUIkdrjtHi4%2FKfkuweNjLtFtXk2f5Q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-robots-tag
noindex
cf-ray
761a6b236aa4b813-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ Frame F6B9
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Oct 2022 07:29:16 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2300
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 29 Oct 2022 09:29:16 GMT
atrk.js
certify-js.alexametrics.com/ Frame F6B9
4 KB
2 KB
Script
General
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-98.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding
gzip
Via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
4427863
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
6vSXse3015bSxsPngAO0GCB1ENxRkGmSXevcqrHYZQeS1-Qi-A-6Yw==
atrk.gif
certify.alexametrics.com/ Frame F6B9
43 B
551 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=600&frame_width=279&iframe=1&title=RCTI%2B&time=1667030856323&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.rctiplus.com%2Flife%2F3068169%2Flesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan%3F1667030852566&random_number=14445059227&sess_cookie=85d4a56918422c83282ac79308e&sess_cookie_flag=1&user_cookie=85d4a56918422c83282ac79308e&user_cookie_flag=1&dynamic=true&domain=rctiplus.com&account=8oNJt1FYxz20cv&jsv=20130128&user_lang=en-US
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-100.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:09:38 GMT
Via
1.1 a4ca822be9cc438f72a2d23c1e665d80.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS1-P2
Age
21479
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
x-amz-meta-alexa-last-modified
20110117123941
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
AMrJkOoKwt97hT73W9a_U15IxnN5PvOLD49o4IPxGDxHVsphX6XTGA==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame F6B9
0
48 B
Image
General
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/life/3068169/lesti-kejora-dan-rizky-billar-sepakat-leslar-dibubarkan?1667030852566
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.181.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-181-226.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
server
Server
Site
gamesx.rctiplus.com/Home/ Frame D974
993 B
2 KB
Document
General
Full URL
https://gamesx.rctiplus.com/Home/Site?platform=web-android&type=real&utm_source=rctipluspillargames&utm_medium=direct&utm_campaign=detail_125
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14 Dark Phoenix
Resource Hash
f0720958fb14bda851435ca2132f557f9bcef2e4fb374ff19c91302983e23553

Request headers

Referer
https://www.rctiplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
761a6b250c3eb813-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 08:07:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaP8xGMweZx3MR3VUoNUSSlEGdQXUk7MXUIQ%2B%2F3O1HGbKMtQCQut5v2RAzi4b77apnhxXAlB5fVyJbM3gCGzi0VjaWbmkCrcbjZ7Z%2BljtCrT5B4BpOzuautHXfZbRrvlAtSKeLUWZdTuG2gW33SBLuZh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.14 Dark Phoenix
x-robots-tag
noindex
config-widget.js
www.visionplus.id/besportse/photose/shareconf/ Frame E4A0
2 KB
2 KB
Script
General
Full URL
https://www.visionplus.id/besportse/photose/shareconf/config-widget.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
255fb384fd4c7d30b572bf2553bf338e8535144f1e52ebe332267928c6238e1e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
last-modified
Saturday, 29-Oct-2022 08:07:36 GMT
server
nginx
etag
"631e9507-802"
content-type
application/javascript
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
2050
expires
Sat, 29 Oct 2022 08:07:35 GMT
config-widget.js
www.visionplus.id/besportse/photose/ Frame E4A0
2 KB
2 KB
Script
General
Full URL
https://www.visionplus.id/besportse/photose/config-widget.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
b9121d34e7a3588ef5e6b58d05a4f0ceb22af79c1d978e3711f343814123bd34

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
last-modified
Saturday, 29-Oct-2022 08:07:36 GMT
server
nginx
etag
"6358e5f2-798"
content-type
application/javascript
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
1944
expires
Sat, 29 Oct 2022 08:07:35 GMT
js
www.googletagmanager.com/gtag/ Frame E4A0
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111351533-7
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87214f41e69d0b24eb1102e938b1862fc8d4411a015710c17b583b3f3617ad5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43650
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 08:07:36 GMT
js
www.googletagmanager.com/gtag/ Frame E4A0
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-154114411-1
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24adce822093e88af7a92f2044810da046f9117bcb45243d8a0d674fd935bcea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43657
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 08:07:36 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame E4A0
86 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 04:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Oct 2023 04:08:32 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E4A0
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f81e5b0bea04f4401a50ac1107f3fe016167d9ced3c574048da67ea97fb58d11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27397
x-xss-protection
0
server
sffe
etag
"1377 / 215 of 1000 / last-modified: 1666994777"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 29 Oct 2022 08:07:36 GMT
app_logo.png
www.visionplus.id/besportse/photose/img/ Frame E4A0
8 KB
8 KB
Image
General
Full URL
https://www.visionplus.id/besportse/photose/img/app_logo.png
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
ed797406a0a387cdf28c0b60343cbb038f10c6cf541a74d2b7ffa59bb5bff088

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
last-modified
Saturday, 29-Oct-2022 08:07:37 GMT
server
nginx
etag
"631e9507-1e63"
content-type
image/png
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
7779
expires
Sat, 29 Oct 2022 08:07:36 GMT
ph_3-2.jpg
www.visionplus.id/besportse/photose/img/ Frame E4A0
0
0

Ellipse-Play.svg
www.visionplus.id/watch/video/img/group1283/ Frame E4A0
2 KB
2 KB
Image
General
Full URL
https://www.visionplus.id/watch/video/img/group1283/Ellipse-Play.svg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
3dd875ddc79324ff1da3eb380db55c5388f27d278d342adc1f5c14ba9b7f99d1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
last-modified
Saturday, 29-Oct-2022 08:07:36 GMT
server
nginx
etag
"60e6e573-659"
content-type
image/svg+xml
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
1625
expires
Sat, 29 Oct 2022 08:07:35 GMT
ph_2-3.jpg
www.visionplus.id/besportse/photose/img/ Frame E4A0
0
0

vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ Frame D974
17 KB
6 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: gamesx.rctiplus.com
URL: https://gamesx.rctiplus.com/Home/Site?platform=web-android&type=real&utm_source=rctipluspillargames&utm_medium=direct&utm_campaign=detail_125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://gamesx.rctiplus.com/
Origin
https://gamesx.rctiplus.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
761a6b275df90bbf-AMS
gtm.js
www.googletagmanager.com/ Frame D974
132 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3
Requested by
Host: gamesx.rctiplus.com
URL: https://gamesx.rctiplus.com/Home/Site?platform=web-android&type=real&utm_source=rctipluspillargames&utm_medium=direct&utm_campaign=detail_125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
136815ea6f2e5f4eecde02c7c8f0df9d8fb56bb63d052a67895ca79ae0ff948e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gamesx.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49070
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 08:07:36 GMT
beacon.js
sb.scorecardresearch.com/ Frame E4A0
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 04:42:05 GMT
content-encoding
gzip
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
13903
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
74Z-3tFDXJj7Brpl7NhfIz29E1l9VSfIZ6Xtlv7f8C00cbCTFkL3bg==
analytics.js
www.google-analytics.com/ Frame D974
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gamesx.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Oct 2022 07:29:16 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2300
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 29 Oct 2022 09:29:16 GMT
atrk.js
certify-js.alexametrics.com/ Frame D974
4 KB
2 KB
Script
General
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-98.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gamesx.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding
gzip
Via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
4427863
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
RG_nEzDnSW69h7WKFgbR3Twelc0n18JUDv85mXnhhRsRIuyx2ZHz6Q==
js
www.googletagmanager.com/gtag/ Frame D974
181 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JR2L0ZYPG7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2c78ec9b9b0440b897acb03c5077a0201b36feb4b3723b1e109250d6bc596d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gamesx.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66696
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 29 Oct 2022 08:07:36 GMT
gtm.js
www.googletagmanager.com/ Frame E4A0
116 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRZJRWG
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ff16dfdf400e473a6293e2b10aaca79de24926eb19bc349ab8ae8311f28295e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45354
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 08:07:36 GMT
atrk.js
certify-js.alexametrics.com/ Frame E4A0
4 KB
2 KB
Script
General
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-98.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding
gzip
Via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
4427863
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
QO6uFqhIW_jozZfYThNuo4DP1eHlhAiiR8B3rJgo8HEQP9lFkLUY5w==
motogp_assen.jpg
cluster-images.visionplus.id/static/website/ Frame E4A0
51 KB
51 KB
Image
General
Full URL
https://cluster-images.visionplus.id/static/website/motogp_assen.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
0b51d2a4419d2eba7f4deaceded280f509d0b203fcbbe02b39e25d0b1ac7ae1e
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
last-modified
Wed, 12 Oct 2022 06:40:09 GMT
server
nginx
content-encoding
gzip
etag
W/"63466149-ca97"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
link
<https://cluster-images.visionplus.id/static/website/motogp_assen.jpg>; rel="canonical"
x-xss-protection
1; mode=block
expires
Sat, 05 Nov 2022 08:07:37 GMT
5ce1.jpg
static.mncnow.id/images/series/32173cac/ Frame E4A0
34 KB
34 KB
Image
General
Full URL
https://static.mncnow.id/images/series/32173cac/5ce1.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
86a17f8e86eafb9cf4d15f8d4e9896b5ccb1a8e12fc277c3420d5abc873ea097
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 29 Oct 2022 01:28:35 GMT
via
cache17.l2de2[0,0,304-0,H], cache19.l2de2[1,0], cache4.de3[0,0,200-0,H], cache14.de3[3,0]
age
23942
x-swift-cachetime
604593
x-cache
HIT TCP_MEM_HIT dirn:13:848833696
x-swift-savetime
Sat, 29 Oct 2022 01:32:02 GMT
content-length
34352
last-modified
Fri, 11 Mar 2022 08:03:17 GMT
server
Tengine
etag
"622b0245-8630"
ali-swift-global-savetime
1667006915
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
4f85b1a216670308571871755e
expires
Sat, 05 Nov 2022 01:28:35 GMT
6274.jpg
static.mncnow.id/images/series/a0318f17/ Frame E4A0
27 KB
27 KB
Image
General
Full URL
https://static.mncnow.id/images/series/a0318f17/6274.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
446f3b6702bbe73262f0e7e25f8960baf0f686bcc19150b38410e672231af808
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 29 Oct 2022 04:02:07 GMT
via
cache8.l2de2[0,0,304-0,H], cache2.l2de2[1,0], cache11.de3[0,0,200-0,H], cache14.de3[2,0]
age
14730
x-swift-cachetime
604574
x-cache
HIT TCP_MEM_HIT dirn:13:653425272
x-swift-savetime
Sat, 29 Oct 2022 04:05:53 GMT
content-length
27687
last-modified
Mon, 07 Mar 2022 10:41:44 GMT
server
Tengine
etag
"6225e168-6c27"
ali-swift-global-savetime
1667016127
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
4f85b1a216670308571881756e
expires
Sat, 05 Nov 2022 04:02:07 GMT
7a0a.jpg
static.mncnow.id/images/series/446a6208/ Frame E4A0
43 KB
43 KB
Image
General
Full URL
https://static.mncnow.id/images/series/446a6208/7a0a.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
47a90770f6bacfe6e02ac3001addf4a4464ba5231259de0980ae9e6730cea88a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 29 Oct 2022 04:02:07 GMT
via
cache5.l2de2[0,0,304-0,H], cache15.l2de2[0,0], cache8.de3[0,0,200-0,H], cache14.de3[2,0]
age
14730
x-swift-cachetime
604574
x-cache
HIT TCP_MEM_HIT dirn:12:264892516
x-swift-savetime
Sat, 29 Oct 2022 04:05:53 GMT
content-length
43640
last-modified
Fri, 11 Mar 2022 10:18:29 GMT
server
Tengine
etag
"622b21f5-aa78"
ali-swift-global-savetime
1667016127
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
4f85b1a216670308571881757e
expires
Sat, 05 Nov 2022 04:02:07 GMT
489b.jpg
static.mncnow.id/images/vod/863f579e/ Frame E4A0
36 KB
37 KB
Image
General
Full URL
https://static.mncnow.id/images/vod/863f579e/489b.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4bae17d7ab2ac4e552c988b4e3ef75bbe30149d0f4f66b18ad5bc987dde3325b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 29 Oct 2022 04:02:37 GMT
via
cache16.l2de2[0,0,304-0,H], cache1.l2de2[1,0], cache9.de3[0,0,200-0,H], cache14.de3[2,0]
age
14700
x-swift-cachetime
604604
x-cache
HIT TCP_MEM_HIT dirn:12:692838455
x-swift-savetime
Sat, 29 Oct 2022 04:05:53 GMT
content-length
37076
last-modified
Tue, 28 Dec 2021 04:52:28 GMT
server
Tengine
etag
"61ca980c-90d4"
ali-swift-global-savetime
1667016157
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
4f85b1a216670308571881758e
expires
Sat, 05 Nov 2022 04:02:37 GMT
949d.jpg
static.mncnow.id/images/vod/7847cc87/ Frame E4A0
51 KB
51 KB
Image
General
Full URL
https://static.mncnow.id/images/vod/7847cc87/949d.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
6009aa2e362761afb69012b2fba1e259ea1a812fb28c6c4ec8c5b41e23853733
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 29 Oct 2022 04:02:37 GMT
via
cache3.l2de2[0,0,304-0,H], cache6.l2de2[1,0], cache14.de3[0,0,200-0,H], cache14.de3[2,0]
age
14700
x-swift-cachetime
604603
x-cache
HIT TCP_MEM_HIT dirn:13:683321369
x-swift-savetime
Sat, 29 Oct 2022 04:05:54 GMT
content-length
51712
last-modified
Fri, 11 Mar 2022 10:34:55 GMT
server
Tengine
etag
"622b25cf-ca00"
ali-swift-global-savetime
1667016157
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
4f85b1a216670308571881760e
expires
Sat, 05 Nov 2022 04:02:37 GMT
f924.jpg
static.mncnow.id/images/vod/058df7c5/ Frame E4A0
36 KB
36 KB
Image
General
Full URL
https://static.mncnow.id/images/vod/058df7c5/f924.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c2c44e1cea627bdc38161379c94f0e20cf9df2d08fc8fe108b57a4a31ca5e01c
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
date
Sat, 29 Oct 2022 04:02:06 GMT
via
cache2.l2de2[0,0,304-0,H], cache11.l2de2[1,0], cache3.de3[0,0,200-0,H], cache14.de3[3,0]
age
14731
x-swift-cachetime
604572
x-cache
HIT TCP_MEM_HIT dirn:12:381718908
x-swift-savetime
Sat, 29 Oct 2022 04:05:54 GMT
content-length
36795
last-modified
Fri, 11 Mar 2022 05:04:16 GMT
server
Tengine
etag
"622ad850-8fbb"
ali-swift-global-savetime
1667016126
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
eagleid
4f85b1a216670308571881762e
expires
Sat, 05 Nov 2022 04:02:06 GMT
analytics.js
www.google-analytics.com/ Frame E4A0
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111351533-7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Oct 2022 07:29:16 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2300
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 29 Oct 2022 09:29:16 GMT
js
www.googletagmanager.com/gtag/ Frame E4A0
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-154114411-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111351533-7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1df34459b00e508765176776a9c4a0e20a5a6f7f3b329575f421b6657f7b3158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43668
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 08:07:36 GMT
atrk.gif
certify.alexametrics.com/ Frame D974
43 B
551 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=0&frame_width=0&iframe=1&title=Home&time=1667030856912&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fwww.rctiplus.com%2F&host_url=https%3A%2F%2Fgamesx.rctiplus.com%2FHome%2FSite%3Fplatform%3Dweb-android%26type%3Dreal%26utm_source%3Drctipluspillargames%26utm_medium%3Ddirect%26utm_campaign%3Ddetail_125&random_number=11521473302&sess_cookie=b1366ca518422c834cfd70e2dbe&sess_cookie_flag=1&user_cookie=b1366ca518422c834cfd70e2dbe&user_cookie_flag=1&dynamic=true&domain=rctiplus.com&account=8oNJt1FYxz20cv&jsv=20130128&user_lang=en-US
Requested by
Host: gamesx.rctiplus.com
URL: https://gamesx.rctiplus.com/Home/Site?platform=web-android&type=real&utm_source=rctipluspillargames&utm_medium=direct&utm_campaign=detail_125
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-100.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gamesx.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:09:38 GMT
Via
1.1 a4ca822be9cc438f72a2d23c1e665d80.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS1-P2
Age
21479
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
x-amz-meta-alexa-last-modified
20110117123941
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
wp8Zt9DWe12CbSVdzfxzp-schDdIAOSwuJ9GLlNpJ0JIZVFXGX8ibA==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame D974
0
47 B
Image
General
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: gamesx.rctiplus.com
URL: https://gamesx.rctiplus.com/Home/Site?platform=web-android&type=real&utm_source=rctipluspillargames&utm_medium=direct&utm_campaign=detail_125
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.181.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-181-226.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gamesx.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
server
Server
b
sb.scorecardresearch.com/ Frame E4A0
0
284 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1667030856915&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1667030852948&c8=Vision%2B&c9=
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-2.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:36 GMT
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
ajUC9cLCHymiRFjReocLgJRawQWb_J9WCGNwZpuD9bFxaBD3-LP0LQ==
x-cache
Miss from cloudfront
collect
www.google-analytics.com/j/ Frame E4A0
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1007243257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1667030852948&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=YEBAAUABAAAAACAAIC~&jid=1609530937&gjid=1285349214&cid=937407572.1667030857&tid=UA-111351533-7&_gid=2000415379.1667030857&_r=1&gtm=2ouaq0&z=1177901737
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame E4A0
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1007243257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1667030852948&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=aEDAAUABAAAAACAAIC~&jid=753967513&gjid=850020854&cid=937407572.1667030857&tid=UA-154114411-1&_gid=2000415379.1667030857&_r=1&gtm=2ouaq0&z=1823084637
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame E4A0
0
47 B
Image
General
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.181.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-181-226.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
server
Server
atrk.gif
certify.alexametrics.com/ Frame E4A0
43 B
551 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=590&frame_width=284&iframe=1&title=Vision%2B&time=1667030856940&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1667030852948&random_number=19742918417&sess_cookie=8441c7d218422c834ecbe553c10&sess_cookie_flag=1&user_cookie=8441c7d218422c834ecbe553c10&user_cookie_flag=1&dynamic=true&domain=visionplus.id&account=s+Whw1O7kI20L7&jsv=20130128&user_lang=en-US
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1667030852948
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-100.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 02:09:38 GMT
Via
1.1 a4ca822be9cc438f72a2d23c1e665d80.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS1-P2
Age
21479
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
x-amz-meta-alexa-last-modified
20110117123941
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
fMKWC1Vcvadp4Z-JGH8x0x20ARrQ8XBhteMdw_GpUygbXPtCU7FESw==
collect
stats.g.doubleclick.net/j/ Frame E4A0
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111351533-7&cid=937407572.1667030857&jid=1609530937&gjid=1285349214&_gid=2000415379.1667030857&_u=YEBAAUAAAAAAACAAIC~&z=1857394683
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 29 Oct 2022 08:07:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame E4A0
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1007243257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1667030852948&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=aEDAAUABAAAAACAAIC~&jid=2127512932&gjid=1429653181&cid=937407572.1667030857&tid=UA-111351533-1&_gid=2000415379.1667030857&_r=1&gtm=2wgaq0TRZJRWG&z=1156846478
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame E4A0
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1007243257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1667030852948&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=aEDAAUABAAAAACAAIC~&jid=837239199&gjid=1981007352&cid=937407572.1667030857&tid=UA-111351533-7&_gid=2000415379.1667030857&_r=1&gtm=2wgaq0TRZJRWG&z=823308694
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame E4A0
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1007243257&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1667030852948&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=aEDAAUABAAAAACAAIC~&jid=1416921250&gjid=771617378&cid=937407572.1667030857&tid=UA-154114411-1&_gid=2000415379.1667030857&_r=1&gtm=2wgaq0TRZJRWG&z=1176445622
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 08:07:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022102701.js
securepubads.g.doubleclick.net/gpt/ Frame E4A0
379 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
58174fa028b2681d2f4ca49c97cca5ec0967c1429ac25487826ccf0e2f8afc0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 07:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130801
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 08:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 29 Oct 2023 07:19:37 GMT
collect
stats.g.doubleclick.net/j/ Frame E4A0
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111351533-7&cid=937407572.1667030857&jid=837239199&gjid=1981007352&_gid=2000415379.1667030857&_u=aEDAAUABAAAAACAAIC~&z=1282583830
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 29 Oct 2022 08:07:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
gamesx.rctiplus.com/cdn-cgi/ Frame D974
0
179 B
XHR
General
Full URL
https://gamesx.rctiplus.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://gamesx.rctiplus.com/Home/Site?platform=web-android&type=real&utm_source=rctipluspillargames&utm_medium=direct&utm_campaign=detail_125
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type
application/json

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://gamesx.rctiplus.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
761a6b28bd2dfa14-AMS
integrator.js
adservice.google.nl/adsid/ Frame E4A0
107 B
122 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.visionplus.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E4A0
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.visionplus.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E4A0
37 KB
15 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2312505670854871&correlator=3196576361471549&eid=31070619%2C44772496&output=ldjh&gdfp_req=1&vrg=2022102701&ptt=17&impl=fifs&iu_parts=7108725%2CVplus-Widget-Banner-iNews&enc_prev_ius=%2F0%2F1&prev_iu_szs=243x110%7C300x250%7C243x100&ifi=1&adks=4109564508&sfv=1-0-38&sc=1&cdm=www.visionplus.id&abxe=1&dt=1667030857211&lmt=1667030856&dlt=1667030856592&idt=596&adxs=21&adys=101&biw=-12245933&bih=-12245933&isw=284&ish=590&scr_x=-12245933&scr_y=-12245933&ucis=xtskey1itnx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1667030852948&top=https%3A%2F%2Fntt.inews.id&frm=8&vis=1&psz=268x-1&msz=243x-1&fws=256&ohw=0&ea=0&ga_vid=937407572.1667030857&ga_sid=1667030857&ga_hid=1007243257&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
c04248bd8bcd44caaccb2e55560a1568acfc95bf7a28d98d617a0a4e65905db5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15425
x-xss-protection
0
google-lineitem-id
6136770363
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138409513375
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4c4a6bd0f6c1a317568fc7171c68eb1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBE1
6 KB
3 KB
Document
General
Full URL
https://4c4a6bd0f6c1a317568fc7171c68eb1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.visionplus.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 08:07:37 GMT
expires
Sun, 29 Oct 2023 08:07:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 878B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvAbVK_8jXdENckpKwjIffcgQ0Vwk-Y0RjoAspjTGLKVDpilG6O08g7QeDl3Bq-afLbCtfA3v-QTR4OjM8i5zSC3h5MZXhcb7hOqpvlSm7Oik_P8iJPp9EoFlJeBh-4yGPDK-cMJn0ftzBGlgIL1f9Fo3r9DMeYr6fMrec_CQ4tgsIFudbN1lUuZDWKE_sF8pMLe_yfA3cyoc0RcQXgQ4SauguRS2M4u2T776_1lALsdqDa2j9cFSLhuXGOU4QIpXxmH45FzN-KsB43GKUMbqj__StFr2QMhkDwByQ-bZRhNGlL-URBGjnGdGYQb47w4d8LE65DnpjnohFp1YXJw&sai=AMfl-YTbLK6Ah9_2FwpBfmvesejiX_EQerI_ejxfdwghD3VzInrEhUGL2QlyhTnAPJRVQABySvLC5_KiD8IVMR_WFAVX6t5vG733HXAfT6wk&sig=Cg0ArKJSzOU29POt4-6SEAE&uach_m=[UACH]&adurl=
Requested by
Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 878B
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:50:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
58630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 15:50:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 878B
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
72582
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:57:55 GMT
l
www.google.com/ads/measurement/ Frame 878B
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_7q3ztsgQX3NXBh3ZYWZK24qbpV5Ugn17C9GBn3mi8TPq5-SGBYqu1jKb6s7wX6iLofedhT2xgirQJb1srxh-iKMUPw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 878B
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 08:07:37 GMT
4729967900352923802
tpc.googlesyndication.com/simgad/ Frame 878B
52 KB
52 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4729967900352923802
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6afea708204fa3e2ae89d6a9dc173523398d0242b8de6bf8ca3f1f5aed247f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 11:04:06 GMT
x-content-type-options
nosniff
age
421411
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53343
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 02:58:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 24 Oct 2023 11:04:06 GMT
truncated
/ Frame 878B
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8302438f17701052025b08a5491a812d5d3e129c1a0ff1ca496c98be1b1fa44

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 878B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuATSqZ7GOfGxiyjOx1sEjOUR1LZItstvQaYmbzLnn3hWFIMmYEX38IVXBzRrIQI4R0gwkW-0oDenwb6t7x3XQVDMo8aj1EwP-mewwVkNneQ-hXSotTlMShNri3TSvTUBFyarohxP9YtJ04NxPyZftuVwrxvK79lxlCyUn8wfWdMIDmhD321WUfNNiNXupXJvQf2XfIXCY3_WTS6qgH8Sl1kwBm94z4yQQxRtEHhg1ZcM-SvA7SWP0TuhRM-Boj7J6-tZp0XG6peYEn2ebeXfE1SLzpw_f-zos_G-jOokEsX2LILhrTfg0ANNhJBbIwFWhNntuwrYmaP26aNJn9-QF_&sai=AMfl-YSI7L-HI0q0LRbnfYv-oDLXw6Z6j5HwFqlzamXQi8WotvAQfqdN0SHKapa8237L5K89El0tI3krI1TxABB9ab7nW4SY6fxZ7l1sF2Y3&sig=Cg0ArKJSzHAf0X8wF3MSEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 29 Oct 2022 08:07:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E4A0
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d5b5acc6daa52a792d21dcf562b49e7174752ce8cd7e5a2d2a99120bde2f48f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11173
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E4A0
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102701.js?cb=31070619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 08:07:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 66F4
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.visionplus.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
42503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 20:19:14 GMT
expires
Sat, 28 Oct 2023 20:19:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3E87
783 B
537 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
717b2130ff739397eec8f17fe26cc7b8f4f7ed2c92e65ce77b49bde27b367f24
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kKQqxKL7EyG0n5ELkNfh3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.visionplus.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-kKQqxKL7EyG0n5ELkNfh3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 08:07:37 GMT
expires
Sat, 29 Oct 2022 08:07:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E87
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102701&jk=2312505670854871&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
pagead2.googlesyndication.com/bg/ Frame 66F4
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HZrunHRjvTX5MIeL6Ibl7iJKqMmAAzHWmbkaKM7M3x0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 17:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16118
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 17:17:30 GMT
generate_204
tpc.googlesyndication.com/ Frame 66F4
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Nf1uOA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:07:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame E4A0
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102701&jk=2312505670854871&bg=!-_il-LzNAAZPh4lnb4c7ACkAdvg8WsyWPvRCd-0qi_axILGgNtOgu6yHZi6CCtZDkd6a0ZWf0hW1iAIAAABUUgAAAAJoAQcKAB43U4vvTe4xGLgzVeUqo2Cb3OjgbX7U-TQVBmGnKzCZAsnYo6RpLmldCFrWIze04el4Fqtot8U_-CBe-5hOZM1Nbz5mW8YZ9K1lvfMattFgYrjP14l2KlrVbi2eBZEzmK3c1NPr5CsivIDdkK8nUj2TUBPQZkGyT_n177N1LoBH-ly4gI19Plmn6lwgYygT8U6PYgMCPthWoZVJTAIQbzzKL3e8ZiOKU_LVCYaVkWZE6RFlyF5dbon-73cTm9wP2xDhKsTg3VJ-NT6wGIMrCVeJYOIOekBg9ZR4KYxyOh8KJcEQh3Cd1cMatWdbeIwiseCU7saQMZXtHXYJRO3IulxVLWtuI3PFFNZuIjM8ZMPFZlWPyuko8J5LWOgMzzU4p0MBJKhrx4IGpiuE5cIBAhjqhdF8qtfFSRQlpEzHjnvaZgRlRmIbeHXkMtKebBWYk0rnEcX-Cuwx40qXtBgA4h3Tyxa7slKVvLeQAYB22AdGQQytsn0E2tAKWsY5qJMsEJbG6M_YzBEjA-SZ_E-6pEK2lhKTayFXriTtE5YFNVLqGf5DyS4pxcU09OZlXVbQLIIVPMJcd1LbhTz00U-eQfYBoYMUF735MtwFGWHTFzsiyLrupq9aiGKl_d00-CR1vE5XAymdGsrHcR5hm6pNIuCd7hi0MfkGarCJ52pJszz0QEUnAFU78Kx9cFcTDSBteUOFasbAPDqTpFHA0gjmSEDw5H7TcZgVCjMSmZf6u-xis2SXHLtmLS0wFTIsCX7jpkOOhlArk8Q5jPdMS008hLZz1fiLplPej9iXV6uVRWCkvf2RnOfyMwTAuONjks9CqQP2LBOQfwUQXam7o1rx9zRmLu7Wa60OsOwDUl9wg9YhQbIA4B_ABPmfn4n53m3o9AVLZBYKnI0vuoAvhzyMznxeMaLGm--DmYV10_NCx85diq_XjZaKNOne0EvITYvoQQRmfUbrbK2Bnd2IvPJF4SxaAdFR3kzp85ba-Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

all
csm.eu.criteo.net/ Frame EF6A
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=gxG_PgCNm_D14Fe4gv8ODt_ZUfcACJZov39yp6hBVoUAe-iVCRF5ZYMDeZx7OMGH7dIMggdefxrC7s3vNKXRjytlI8zXns4EFlPjsVw0uugCmZWeX8kGxN8Fuv3dbq8PxO2eiopZnrAek8iIi3T9j9l_PMzDR2vLWUA06eyA6I6c4SeBXQsADTIwIokzzVqkCiVk6_qKHxoxiFDsT72QluItkikHaSZY5v8fteexf3vK9XAUrJS_O_rcCl2xcHEdzO-UJg&sds=2&rev=83303&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1zfQwANbUoH_Z6MAANrqevJVgTtceCGgdGMvA&u=%7Cwm6%2Fypeq%2BL4zk9JYXMhoefaPPkilMiw%2FbJldHEDa4eg%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfZPEAbrdk7lUBxiTObcADNoSW7oLz76C-NYcvgEcav_e_KgffdaufeVf3HbSMhdtmOqeu0wrqZ6Ljami8nUTBePXT9OLUGpjAHPriCiQMXt0baZAaRYaAXBVBn_mEqg2tv7mQfDRu2P0Pd8SzXhYnTzyJlQtEyhYuGLqICv-lM9HZIF_XMxdGip1V2Z6L8znzq294Tnu_9cp6BBCMF4NxQgYjWNm2h5H9I1ZkPoxEWdMJBwP-ICLGgE-9H-_Uh8_TaO6A_AyTU0i7m_LqtBEJTbCY7gO3PUJKiWYt_asm-Vh7OUSVkySQRbdpA1lBSj4u8u2AKmMDTxmQZgpI-3JM7Lf2QEd553GNy5S18CftjexkFnnJw1Q3p_KjHxPV6MQ-oYQl6o4XCHWhuk6zsWyFO4N04Bgck-SyIp1UM95F5jmobc9zeBluhmglPiOAxoEElSn5tT0axQCLgUV4Gjw1W3TmLk0u9qb1pVRu6oECd4zYV7Tk9p-Oj4D0LK2ftDtugOQ3aWaQEw9VFSjDHvCCvPH-_mymzrA8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOsnmQ99cY8raNYy99u8PqdeN6AbJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTgzMDc1OTgyMDgwMTY2MTnIAQmpAlSpVcL8t7A-4AIAqAMBqgThAU_QHfDTdBunRqzQ7M2iMC65Yvuj6CcsXe096iY5xWwzLjIW8qkWWlK1rqw7eg28U-exnrKBYeKC-lCuIXEIJg8g_ooT2fcEykKagBFQ-v65QCSi_GseRvNBuU4SckHE7ukNkpaRzBYIrPxxY9jsEd5PN6f9kXbnnO3dXKs87gAJMZ0E9XJcs0q1R8yYsZdfliQuM_i5RG47IfRPK1KWYeeKlMedgQ2NlGAbJD2pBR-W_sAsindroI7A_dtf4fkl43DaFDEoXFkwjoZo4J7Xp-6knNijOwcpxshm_JV3d3PY4uAEAYAGp8-dp6av0JJJoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1vdKvBMXxpMSikvwtslOYhiwXaGg%26client%3Dca-pub-8307598208016619%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 08:07:38 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
static.rctiplus.id
URL
https://static.rctiplus.id/fta_rcti/logo/placeholder.jpeg
Domain
www.visionplus.id
URL
https://www.visionplus.id/besportse/photose/img/ph_3-2.jpg
Domain
www.visionplus.id
URL
https://www.visionplus.id/besportse/photose/img/ph_2-3.jpg

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| googletag object| _comscore object| dataLayer function| autoComplete object| ggeac object| google_tag_data object| google_js_reporting_queue function| $ function| jQuery object| jQuery11240536282969726612 function| toggleTab function| oncopy object| CryptoJS function| Swiper function| ellipsizeTextBox function| loadView function| liveStream boolean| strcache string| type string| date_news boolean| load number| count function| news_update_load function| eventTrigerList number| SudahDiLoad object| COMSCORE function| udm_ object| ns_p object| __twttrll object| twttr object| __twttr object| google_tag_manager string| GoogleAnalyticsObject function| ga object| PWT boolean| gptRan function| loadGPT object| __s object| instgrm undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| google_optimize object| gaData function| onYouTubeIframeAPIReady function| owpbjsChunk object| owpbjs object| ucTag object| OWT string| partnerName string| key object| msgData object| __afflib object| G_options function| setCookie function| getCookie function| geolocationInews function| createLocalStorage function| postTagging object| affpbjs number| n function| toggleTabs object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| _aff_pob object| affpbjsChunk string| nobidVersion object| nobid object| GoogleGcLKhOms object| google_image_requests

30 Cookies

Domain/Path Name / Value
.scorecardresearch.com/ Name: UID
Value: 1D50b82c589cdb101a2eed81667030851
.inews.id/ Name: _gid
Value: GA1.2.1725991004.1667030852
.inews.id/ Name: _gat_UA-109056487-1
Value: 1
.ntt.inews.id/ Name: _ga
Value: GA1.3.1056399923.1667030852
.ntt.inews.id/ Name: _gid
Value: GA1.3.1725991004.1667030852
.ntt.inews.id/ Name: _gat_UA-109056487-4
Value: 1
.inews.id/ Name: _ga_10CQL436CK
Value: GS1.1.1667030851.1.0.1667030851.0.0.0
.inews.id/ Name: _ga
Value: GA1.1.1056399923.1667030852
ntt.inews.id/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.inews.id/ Name: pbjs-pubCommonId
Value: 216ada62-5d95-4be6-9398-be34ea700b94
ntt.inews.id/ Name: pbjs_debug
Value: 0
ntt.inews.id/ Name: cto_bidid
Value: LKUGil9vam96cjhocDRBZnBHOHhmak56S2hxZUJHZVRyZlNOU0JNeWNjc2NhOG5WVkVZT3ltWllJbllvMHRpVlFjaXBCOVo5ZVhxQm41NG40JTJCbGglMkJiREhJOHclM0QlM0Q
ntt.inews.id/ Name: cto_bundle
Value: sRudIl9qTmRKVmJaUksyUkxKYXJSTlFNSFJ6bEFqak1xdEo3alpWeWJPdmluS20xbDdZWVpLd3hPaklyNzQxd0JwM0k1aFF3MTBlJTJGN0pHcEZvNHR2aFprRVFhckdZUmliR3c5OXg4b21wOXN3eDhqNVFyQlRoc1JZN1Q2YjZ1UXNUNTZH
ntt.inews.id/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik96Y3RsTVBleGlVcnZTVnlHUk1rWFE9PSIsInZhbHVlIjoiNjFXMjFjMDZKRjRseWt4SzREdHhoVnMzcG90QTVVSXNHSTM1bkNnSVMzanliUFF5MkZoem9MbVVaSzN0RTJnZk81MEdPeDE3UTJLZHFibzBDMjFNR3R5bHRiUjVjbHFraGRPYUVkN0NBTmVGSXg1R1dZQ21XUmJzdE5SeURTS1wvIiwibWFjIjoiYmY4NzYzOWJlZmFlOTJmYzVhNzE2OTE1OGI2OTgwOWY3MjkyMTZkMjA0ZWQyMWE4NTZmN2NjMjJhODFiMzg2OCJ9
ntt.inews.id/ Name: inewsportal_session
Value: eyJpdiI6IjhcL05TQ0puZE9kQTBQbk9LZnVud3BnPT0iLCJ2YWx1ZSI6IjFqVjR4TmxENE1wY21kbm5UVXU2dnE0cTZVaTFsWHh1OXZ2N2I1ZEl0QVd2TGN2R3FlSWg0U2YwNDZsKzN0Y1d2d0crOUFiVmxUdDdKSG1uZWozOWlvc2xHbWhiUmpBd24wTXB1YktWWU1GRXRJYzIxRUxPeGpcL2xmQ0VySXhBZCIsIm1hYyI6IjZiNzc4ODlmNDk2OTZiZGJlYjM4YTExZTM2NmY5NWQwNDZlODA5NWQxZmUwMjY3YTM5ZWJkNDVjYWQ3Mjk4NzUifQ%3D%3D
.inews.id/ Name: __gads
Value: ID=cfca69241f4168a9-228991d75dce005a:T=1667030851:S=ALNI_MYOUiz2vsIbe0uEwMLdE347oJvcCQ
.inews.id/ Name: __gpi
Value: UID=00000b79a587d15c:T=1667030851:RT=1667030851:S=ALNI_MZOMHq0QlTXLJwEcpR14iiYE8lFXQ
.doubleclick.net/ Name: IDE
Value: AHWqTUkvRYKOu0U_p9e92XreFX2UmCdZNYcd0LZMyu07z8eYkBuuvGkIusrM2bK-6qY
.doubleclick.net/ Name: DSID
Value: NO_DATA
.inews.id/ Name: ssidInews
Value: U2FsdGVkX18lNPFd3TfXHG+ADBN39dRMQyAsveHnLhK+Kg7ryUkHwVjfsGhhdfNsedEByFI4zSMwoUSXeElmUQ==
ntt.inews.id/ Name: _lr_retry_request
Value: true
ntt.inews.id/ Name: _lr_env_src_ats
Value: false
ntt.inews.id/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-10-29T08%3A07%3A33.952149506Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
ntt.inews.id/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-29T08%3A07%3A33%22%7D
.inews.id/ Name: panoramaId_expiry
Value: 1667117253993
.visionplus.id/ Name: _ga
Value: GA1.2.937407572.1667030857
.visionplus.id/ Name: _gid
Value: GA1.2.2000415379.1667030857
.visionplus.id/ Name: _gat_gtag_UA_111351533_7
Value: 1
.visionplus.id/ Name: _gat_gtag_UA_154114411_1
Value: 1
.visionplus.id/ Name: _gat_UA-111351533-7
Value: 1

6 Console Messages

Source Level URL
Text
network error URL: https://img.inews.co.id/media/600/files/img/ntt.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://ntt.inews.id/?utm_source=inewsntt
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://ntt.inews.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c4a6bd0f6c1a317568fc7171c68eb1e.safeframe.googlesyndication.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.nl
ajax.googleapis.com
analytics.rctiplus.com
api.rlcdn.com
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.okezone.com
cdn4-hbs.affinitymatrix.com
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cluster-images.visionplus.id
csm.eu.criteo.net
d7dbccd0423f391f5ff096e4a45f0d37.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gamesx.rctiplus.com
googleads.g.doubleclick.net
gum.criteo.com
hbs.ph.affinity.com
i.buddyku.id
id.crwdcntrl.net
id5-sync.com
img.celebrities.id
img.idxchannel.com
img.inews.co.id
img.okezone.com
img.sportstars.id
inewsntt.id
match.adsrvr.org
mug.criteo.com
ntt.inews.id
pagead2.googlesyndication.com
pict.sindonews.net
pix.eu.criteo.net
platform.twitter.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
rtb.nl.eu.criteo.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sindikasi.inews.id
sindikasi.okezone.com
static.cloudflareinsights.com
static.criteo.net
static.inews.co.id
static.mncnow.id
static.rctiplus.id
statics.indozone.news
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.mnctrijaya.com
www.rctiplus.com
www.visionplus.id
api.rlcdn.com
static.rctiplus.id
www.visionplus.id
104.244.42.8
108.156.60.100
13.32.27.98
142.250.185.98
162.19.138.82
178.250.0.157
178.250.0.160
18.116.181.226
2001:4860:4802:34::36
2001:4860:4802:36::178
202.147.193.157
216.139.248.131
23.35.236.201
2600:9000:2057:4400:9:965a:8240:93a1
2600:9000:2057:6a00:e:c3de:61c0:93a1
2600:9000:2057:7a00:c:5e3e:d280:93a1
2600:9000:206f:2e00:1f:824e:58c0:93a1
2600:9000:206f:6a00:1f:4c6b:cc00:93a1
2600:9000:206f:b400:11:320f:7780:93a1
2600:9000:206f:e00:15:c3e:78c0:93a1
2600:9000:211e:4000:1c:7874:a680:93a1
2600:9000:211e:5c00:f:e29d:1c40:93a1
2600:9000:214f:ca00:c:4bf0:5680:93a1
2600:9000:214f:d800:1:b1a4:2f40:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3030::ac43:db17
2606:4700::6810:3865
2606:4700::6810:5914
2606:4700::6810:7caf
2606:4700::6811:180e
2606:4700::6812:1d64
2606:4700::6812:b80
2a00:1450:4001:806::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:812::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9c
2a02:2638:1::13
2a02:2638:1::2
2a02:2638:1::8
2a02:2638::21
2a02:2638::3
2a02:2638::b
2a03:2880:f245:e0:face:b00c:0:4420
2a06:98c1:3120::3
2a06:98c1:3121::3
52.223.40.198
64.185.181.185
79.133.177.229
79.133.177.232
99.80.121.57
99.86.4.2
013dba738c2ef768c6a2339406a490ace9f450cab1a7d5e3142ba2a2074dcbf8
01473cfcbee7a16017e14a60249ad7fda667b2811c0a51b3207bf8d9707f9a3d
0278e05948f95ba94656b45a5547d33f57ed6e54e6a0f24bb731d51b24ba05c5
0416e608f97f9b7f285fdd202934b097ce44f03f9dd1059d25d373d1c994defe
06d5e900c5685575b0e48fcafe8796d9bd867da00b908577056cd2b4861193d5
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b51d2a4419d2eba7f4deaceded280f509d0b203fcbbe02b39e25d0b1ac7ae1e
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0d96d17e0808e153cc1bea4b5608862917b322df6d84d75abe13373596a1d646
0e953ab8e286f44014b6ecd81336c603f999410ed6891baf8d499c6f17f01947
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
107cd8b4fd2286d6891309790c30e191fcf7955a9d24af52c76b288b2e6a6ff3
10980d61a054f279e0d593a30d004e37a24bfa1ae1130b766fc7138e84c5905d
1115cc530a4d36e5c02657ad36265099d2c5bcbb0e700ee98dba99ca1f5b11bf
11c9a5799ba21879c76a3864f8365937cf3c2ec8cc0223cc595e8b444f9ed13a
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1238832e1e82c1913c7d8303664ddb5f37d78b30e2b657b88ca41334261a39b2
12c3cd78874d03008bd2d81d65b41c683e18dca113e63e38cf690e97033f7087
12eb096a7e01e8496f2a796e0d22e8f4555c695dc307290f6dab408e8d7ee01c
136815ea6f2e5f4eecde02c7c8f0df9d8fb56bb63d052a67895ca79ae0ff948e
1521e234e96ef5150b56b60c5288e85ab18efbad583aeb6125739caf92d1001f
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
1769a8f2cbf5d3ba25c4ed2830ce5b2aa3781f2a6ed7e1ad55788f08bd2bb190
1a49cdbebcde43cb05e89aef96d90b975079cf50620e34eabfa1aae493fab4f7
1aaa0852e64e0974d0d684ddf2c2023969430bab106fdcca0bd09c1274f257fc
1bcc94e40f42e94375694b00d4f60d5eb609cfda21f7c64d58cb4a270823200f
1d9aee9c7463bd35f930878be886e5ee224aa8c9800331d699b91a28ceccdf1d
1da9e1e28bad9f2fad31f35e469fd526f703fea04594baea1cdac45ee1ba82b5
1dd559e191ad2988517dcdd3001d5c3d4c9df406ff10b59172685d12212d8138
1df34459b00e508765176776a9c4a0e20a5a6f7f3b329575f421b6657f7b3158
22068e7c540f855f8f3bdd278a567a9f5d5bafd745e80af54e76343639a64473
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
22b93ff5cd82f9672dbdf4807e811abb9dbfca3e67346d9d2bd3b088ff5c4cac
24758169dd6ea3dca49bbacb4076ffc3b2448b50ed0c98cc7a10a167be0431be
24adce822093e88af7a92f2044810da046f9117bcb45243d8a0d674fd935bcea
250d195bc836ba04598ee30b15927eb4507eda10555693012685f5eda5d15867
2540509a5d6cbd7c0a12c0924e157f3df2b01e2e7011b0bb061b2f10600e8698
255fb384fd4c7d30b572bf2553bf338e8535144f1e52ebe332267928c6238e1e
25a7c90dad907b924c8fc5d7818883958f27f252aeea7a890637e128878ff5be
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
26f08a503e5ae3e0b71454740be5a1646b971c387d35660f6f0914159cd17724
28c69adc39d893dbdddc89e68b5c62cf6a041a048fd128e68aaa19349c3b4e8e
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2afd80dd7d92497bacd3831ed176ace1538b0e5512c8519754610d6f1ab197f6
2ba526a508ff52afa5358c83c97eff0206984c608c0ca75d5b422dfb9c22e879
36852a6f8fe58b46478b6c4eb9a6e725392fe4ec2dd3352a6a93941663bd657e
399df4ffb74468b7e1771d90241c65fa17b40df94a37414a4c86ef1a189048a7
3dd875ddc79324ff1da3eb380db55c5388f27d278d342adc1f5c14ba9b7f99d1
3ff16dfdf400e473a6293e2b10aaca79de24926eb19bc349ab8ae8311f28295e
415a5743b92d3700a3f583d4bed31a1891987799ce2b2ecb103d258161ad6c4d
42d28ddaf2de66f636735d59858ed6a65a5ad7b9a0a7fb76c5cec2667a7b2160
446f3b6702bbe73262f0e7e25f8960baf0f686bcc19150b38410e672231af808
45ad770b839452a1f5a64e57052d2b7ea4f41e8d9bfe95507d085c3439f73609
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
47a90770f6bacfe6e02ac3001addf4a4464ba5231259de0980ae9e6730cea88a
482f89ec31e57302372b11a3d7392ce139d9fa7e9b1148a0cadc0096d0547a2a
4baceec8a9dce4ad13b5dbaf2963ddf2f466e8bf8ce436e60b9515e97b3efc73
4bae17d7ab2ac4e552c988b4e3ef75bbe30149d0f4f66b18ad5bc987dde3325b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a0bf1642d1bd7a234f600647e44646e616fee58bb74db6a7796555e36124bb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c76feb47fcf244ff18d7e708bdc5a3e1a146a41456a1949890c6714f3aea1f
575110d3e1cf42a596deb7175d71b07a8d951461dfd279df8f2dc3b07d61afcf
58174fa028b2681d2f4ca49c97cca5ec0967c1429ac25487826ccf0e2f8afc0f
58406bdb89d442965b8ee73be2adfe68135734ce95ff80839130c0db7e93d186
5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323
5bbffa7322a01459d23bac2cfca73edab07ccf4071858026533384ff4415797d
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6009aa2e362761afb69012b2fba1e259ea1a812fb28c6c4ec8c5b41e23853733
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
64d315994da14bb2f433e0abf69714d6ec19be4a4a21e702d51c6586fb10fce3
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
652c8f0343aec1affba448ff7bf69ad1de65a37b6013066f58575d766ba91edb
653495662f9dba415d1f5263554c2fe752b0c1bb427271ce7ea77c0eb631746c
657a91f8fb81963b23b45732abbd8712eede2d140681eb3754eba862ec1ca075
662ac00075123b7f5d3762d2b99737218a4699a7e930071535649b0c03d992b2
6639c89c562db38912bcc62216b60dffd7ad9c7b74b0a39636a531dc86704c4c
665820ac1bd1cc62b68f8cc6b54485c4721681f161fb9871ba318fca8e1620a1
672cad7677095651c6240ced97dfd1fcdd9e727b29c07215e5f84e2bb5507f16
67f7aefd6a29b8d3db7fa4ec0999b3919a88252b738dffac9d403365ae56fd86
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c01f8b138e3f7110a33606de5e2758d5fecb58e114be771b96fffa3bbd48bbe
6cc4f71a61eaf27f7bf71e09195170d1970d1a5534a6fd3520cfa7fd96678243
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
6eb601de98ce4c6b6b3c261c9ef690f5e7d0f1748e6604fed3122ae6efd51296
717b2130ff739397eec8f17fe26cc7b8f4f7ed2c92e65ce77b49bde27b367f24
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7405346c27ac86dfa9c7f8ae8e48de433573f951990ab34f80026d033c79c446
74fd74d010b59678e8cdd1d6702978a5a5585c5bee01efa016dfa0fbb069711e
7840a4178ff600d15cbde08845e24d521cca368a0fb41f823f83852d613926f8
79adf9e5964c0c296744a2b06115685671557209f81382520499c7e62c8bc9d7
79e4cb833a7960f3d8c453e4f675bb2ca02c12c1bfadf0bb1c4b7f58aaf11427
7a9fccc53c5bbfb0423017d4e08833868354aa92e33b3f7c88f9b1e586de35c0
7bb4cac10236d97d976d9c18e8c7e8e2f38cc177f5a857eed4c269b372a7a321
7d5b5acc6daa52a792d21dcf562b49e7174752ce8cd7e5a2d2a99120bde2f48f
7e667c6605e929d7ea78be2628f5bab68b49068479bfb0c60660be3a7b3d3dd2
7edc0cb931e1b025ba217ba5484c5717c952e55ba0c62d5f8eff4a31f9d29f38
823df4d4f681a392ef918e106005063d7567466259efc12b0687117b4526d7a8
8374e43ee6f7512f5d01e7fdf1b0110d754afffdcce407c5f6f78c287b88afef
83bc7f39d7324eaeff30ed92ba481e3e7df76caf527c64ad75ad382695537cfa
86a17f8e86eafb9cf4d15f8d4e9896b5ccb1a8e12fc277c3420d5abc873ea097
871928124c98ed7bd63e9a5a1d80c530343b3478bd92372d2a3320351ca44bc9
87214f41e69d0b24eb1102e938b1862fc8d4411a015710c17b583b3f3617ad5a
88968ee29b6ae40aa82d4a5fc20e3a7b3ac853c51044ac3d5ef1cfc90af7761a
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b28b11c55732748a3cdb27bf098f990a52631b2d6295a2f3511c871e95a1e13
8bd3e7aa12fabe17eaf829bac89e815ad15c5e2a730376ff4fe68d53a4bcb537
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d47b4c2593df99176a3f38c179227f8d717f8809b6fa72af241871aee2cf88a
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eec4c634ff559c18a211db765d67d4a3a99f7423aea7ca2e2566bebc9f43b73
8f60ca67e9c5c8d69de099e1c7c18d47e4766c4ddbd45a22cd92cde859686520
91224a2be7a33f3e5c162dcffd319a9d4a804446efdc095cfd9d9c7130fe2cd6
9203f46cc5c2225bf217c554db122d14db6a1a33509b77fce9d95cfda2ae686b
9220ec8cd29c7b8335c3bcb2dbc06fa1507a6baaffe440efde003b1c093bfddd
92e1aeeead621f3c3d80c6dbfc82a163aa5f5ff01d9f1453592d955c9bcf292d
937aaa154deed9b1e222398561218f8fac221943d4c0e7790e5014d4e67288fd
939ead4c334285d5c6145a2dee956e5c9ef0b802651cb3396d4aed07b5d41303
9474333d7aa7245993d7b1e587cbaa03f01caf631c11e356cd18694e93ee1242
95f36d2c3212d5e41caa894cddd8aa4d4904f70b27fde249382cd641b2e483cd
967b13c657d05d28926c464daa81fea65e885b115c26b68e144034398e41f5ba
97cae52e82c98d08065ab910fab3cca6312087b28166c64e4f4835047764bdd3
9921378a24a5dd5ad719783a2030fa9692d6a78f80af2c9387e02998ecab52d8
99414a4adab183b81675a3047de21a9d07078e76b151aa264c6e0432996e5cc6
9af02dc140425ce2947dc03ebfd19271127747d2578ba8aaab72e500a3f53f13
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9c292021acd59afe773a1e20511239c9f14fcaa44593113ead31e2534e6a1e3d
9da09bc10a8f09d9ab33a5249004edaa27cc08d1b0052d2ec4e08c3b7538fa5b
9f63073f8d2d0342d31fd4074be34f73595862c5ae2041466056171e12d69938
a179ff3fe8c70e211932b694602858d21c9a0562058639eccd6eaaaba6306b80
a1b5849b2b7261637d488dade2254dd3cd72460a42115f20a05ac2c2d91d6bd5
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a35d0ff99aeee019b274ace7ab125685985d5a1bbeaed39a6332465ae8fd3efd
a48720f34b8333900287903d50275de90ae3d9929e6d35ec3948089badb7258d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03
a6ce02617a10530cf0538138cd4c0540a8f917aee304338f42d38bedc1e2e8af
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aab98033c7e75895e1e2ac649cf03b5f5d4d81489e0269116024ff1726c3a262
ab12671bc53e258dfd70e2b9e9a9399435a2fb435ac4a563a9e82c4d0743bc62
abecc8df83a51a762faaacfd465ef9069eceb1ac0c1dc8fa44ae56f219897c72
adb7832ac189f82a3a012eb3d1624195068432a1cada70167247da82cb8e5656
aeb2956784c4ece3469a3630fb534ff0da3d99b5fa9e737026f68b27cf04dccd
b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49
b105220d8c044084da36f099681f5558fde5163076a4e994e05fda234187839d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b456dfad452a3a867c7164de88cde35b22eca71b1f412f3c1c3ec31bbc6227e4
b573aeae6c5504229688d1ff3d72b734f1f5e146ec18414d055efe267f99c0bb
b82cbdaa2cc09331a02e98cc02272b4c6e338ca4098abeed6cbc65e655d69618
b9121d34e7a3588ef5e6b58d05a4f0ceb22af79c1d978e3711f343814123bd34
bbcfed2a93dcef85f23e4618f1f53b979531ad7e256ba63dd0b4fe5fa4328033
be23725c0bc44744f3cb4cb0dd193e5d02b8953e1e141c0fb3b20ceb05f237cf
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
bfc9928792050fbde5a1a1786a7d389c946a4f1ad23f69175fdb9171e0836006
c02945ec1830ffe8b505b7a284e52664439d29600b783fed6e7b0e14c50004da
c04248bd8bcd44caaccb2e55560a1568acfc95bf7a28d98d617a0a4e65905db5
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c1ea18d11886b00baca4d0974e5d4b057eb7a068f6c04c81aa6a0205894c5215
c289874df4757fcc9027ccbd38b7d7f7805ce67a37a048b86069089b02942f4f
c2c44e1cea627bdc38161379c94f0e20cf9df2d08fc8fe108b57a4a31ca5e01c
c4b2eb3e7b2d3f5d7ecb2e62185f2acc9a8043b76a59554537970a03b4ccf15b
c6ce4760ee91e00f1abf903178f6b224c36384ff941e7071fb114b4883d30630
c75c249a997462c66a5e289ff7f7d3cd3ffc27cd34de12197bfab60b9c66ffdc
c8cdc80bcc7e8f046889f36c7a6fb85939969429b33937f122eb8db920e768c2
cc7029afe33654ed250644d8dfa2daa4ab0549731816980ab4733d92b86b1fca
cce982e6b94d79448f7cdd9922a3c7dcc8a2decb276fafbe3c299e08d2d25cd7
cd12c8f0f4e8a4d5f1903239c3be91906dff284068edd49c1a7f728ccb5dd264
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
d0fea9c53e716be3a1533132706858c49afa9386dce14c34e602634de7e5fb13
d2c78ec9b9b0440b897acb03c5077a0201b36feb4b3723b1e109250d6bc596d7
d5722dd6b464726069fab1c1821c6681abe2a5a143fcd58fc109aecebdb44460
d6afea708204fa3e2ae89d6a9dc173523398d0242b8de6bf8ca3f1f5aed247f1
d887163975d331ecb96feb1f8470dd4d943de0f2e0303627182a7111702be2bb
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
d94a580a9519b03cb06fa57722ac3f0b81ac6326e3fbc64a2145dd85a0191eb5
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
d9bf54acfc2f866510bdb2ad1677da3086c72aeb69c979fca880d0fa07b24e1d
dbfdc38f5f89b3ba3b06024d23c576ece8f5d05ed3fbb7537099ecc206283bc4
dcd189b3bb4c3ea32c3613315081a69074fc0964337f04f3e5d783a23e0183c7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1cb0961cc3ad7eaa0740b49dc2e286cf4cf386bd86d523eae4bf4d954965217
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e2c4426138b2e8146506072742da93df24ef9b21913076906becd1db50108fca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59c79c198476d8b48b3292805b2c97f96b737328d956158e52109766f64ad3d
e5ba3f57c4b22922d41bed7f247fbfcd228bb7a8fbc575a0872114a1807d54db
e6d1c29dc9d38f999ae4c2cda3884effa8e17b0bb80054fb30cdc1e50908671f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e85839289d5f6329c7233cd33a93ee054935bcdff7285e739b49b392decabd02
e92bc51e1e95183013312de1d86bdd4d90eeb1e89cb1d74ebf6f81c439dd5c66
ea3798f211a42660bfc7a83f62be15b6e059f118090173568d4697f804da6ef0
ec10fe85b10a44f96483c146e2d6a86d3a76092197ead00c969f2b28f5e4ca91
eca0dcbdaed5985a680233abe61ac188e947b85f2b48165cce08a8887db495db
ecdbf9b9d351f5f5fadd54fc1713931a02fab5dbe76698b5fedc240a0d727ca4
ed797406a0a387cdf28c0b60343cbb038f10c6cf541a74d2b7ffa59bb5bff088
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eed5db3b7deeaea97c67dce18ba6e91d4f99024debed541f22d16dc6740ae522
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0720958fb14bda851435ca2132f557f9bcef2e4fb374ff19c91302983e23553
f089ee5ec465c07bbae50fd32ad44489d511bb66f27d1c166bca2a091ea4f740
f0a086c3cb3b3d4d09ae9ba96af6506ebebec54a7181ec8bdb23f2ee2aa31d0a
f0d59699774f36ddc8514f1e7bd9695a3f6eb00cc1f2d85caef41f0b2437073e
f0e0f85d2239bedc9d11a77ca7b647cca281ea1be72731f5239ea482c828f01a
f23a95a9884d41519be01fd8896bbd3393a4ab605a159d517af10d56520d9de1
f31219ecb01defc9ebb8aa29a6d0ce82e0f23a6eb146d79b470cc83906a23f76
f3a1d9b56ca3fe9f2986f33516b17b42565d93548760107c2940ad38cfa53827
f3c663a7c68483722dd841b8a6aed8b2e41fb1678863490a9ffbd5e5ce809032
f3e4b0b9cb7e4899eb18daa7e4d1217500ddeb9e12d1279b93c1ac7e4bf8c790
f59f40c40baaf4eefac87dd126ae51f8bde7f1e1cc7b80a4804df050f0817dad
f5a9f6010307729a4ff2ea25ef1e832fd1f524c3a4d74febfc3a1f65333e75b8
f69b89737fd40509b450eb354bf0e4778f281372d6504d30465a97cb338df8d2
f81e5b0bea04f4401a50ac1107f3fe016167d9ced3c574048da67ea97fb58d11
f8302438f17701052025b08a5491a812d5d3e129c1a0ff1ca496c98be1b1fa44
fcd284c04cfa73be86d88ef2d5e94f9b03f30d3b3a54aef0f23df7db9f564131
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
feb1cf7d72afdeb62e3a3973f203c731647a570163df294ce1be39443e8ccb7a
ff0e175b37ff5c67ebfe82a9a016bef10216dde257b6cd5b1fde6a80cedd47d4
ffb71469816e7541203d7fc634d6f98a77e5ce2709d8abe7e468a87f6d35e86a