mbantul.my.id Open in urlscan Pro
2606:4700:20::681a:6d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.deimoney.com/b17DTQzQ
Effective URL:
https://mbantul.my.id/
Submission: On June 22 via api (June 22nd 2023, 10:15:19 pm UTC) from US — Scanned from SG

Summary HTTP 177 Redirects Behaviour Indicators

Summary

This website contacted 67 IPs in 8 countries across 51 domains to perform 177 HTTP transactions. The main IP is 2606:4700:20::681a:6d, located in United States and belongs to CLOUDFLARENET, US. The main domain is mbantul.my.id. The Cisco Umbrella rank of the primary domain is 639315.
TLS certificate: Issued by GTS CA 1P5 on May 7th 2023. Valid for: 3 months.

This is the only time mbantul.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:4780:3:c... 2a02:4780:3:c141::17	47583 (AS-HOSTINGER) (AS-HOSTINGER)
30	2606:4700:20:... 2606:4700:20::681a:6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4003:c1a::5f	15169 (GOOGLE) (GOOGLE)
5	13.224.249.124 13.224.249.124	16509 (AMAZON-02) (AMAZON-02)
1 8	2404:6800:400... 2404:6800:4003:c0f::63	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c03::5e	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c11::5e	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
9	2404:6800:400... 2404:6800:4003:c03::9a	15169 (GOOGLE) (GOOGLE)
3	2406:da12:fbe... 2406:da12:fbe:4202:809:c2f2:90f7:4c91	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4003:c01::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.224.249.123 13.224.249.123	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:200... 2600:9000:2003:4c00:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	2404:6800:400... 2404:6800:4003:c04::84	15169 (GOOGLE) (GOOGLE)
1	52.76.166.242 52.76.166.242	16509 (AMAZON-02) (AMAZON-02)
3 4	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2404:6800:400... 2404:6800:4003:c0f::9b	15169 (GOOGLE) (GOOGLE)
1	2406:2600:7:1... 2406:2600:7:100::15	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	23.50.93.199 23.50.93.199	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2404:6800:400... 2404:6800:4003:c00::84	15169 (GOOGLE) (GOOGLE)
7 12	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	182.161.73.132 182.161.73.132	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2406:2600:7:1... 2406:2600:7:100::f	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
4 14	74.125.200.156 74.125.200.156	15169 (GOOGLE) (GOOGLE)
2 2	104.254.148.251 104.254.148.251	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.254.151.120 104.254.151.120	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.83.196.24 104.83.196.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.140.170.140 18.140.170.140	16509 (AMAZON-02) (AMAZON-02)
1	23.106.127.39 23.106.127.39	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	141.226.229.48 141.226.229.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	184.26.21.27 184.26.21.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.223.2.229 52.223.2.229	16509 (AMAZON-02) (AMAZON-02)
1 2	18.143.106.89 18.143.106.89	16509 (AMAZON-02) (AMAZON-02)
1	202.241.208.2 202.241.208.2	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1 2	124.146.215.42 124.146.215.42	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	104.69.166.9 104.69.166.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	3.37.143.130 3.37.143.130	16509 (AMAZON-02) (AMAZON-02)
1	13.115.146.23 13.115.146.23	16509 (AMAZON-02) (AMAZON-02)
1	23.59.168.41 23.59.168.41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	13.213.110.67 13.213.110.67	16509 (AMAZON-02) (AMAZON-02)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	35.157.108.189 35.157.108.189	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	38.133.127.63 38.133.127.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	67.199.150.86 67.199.150.86	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2600:9000:223... 2600:9000:223b:7200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1413:b00... 2600:1413:b000:1c::17d1:2ed9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.254.193.145 54.254.193.145	16509 (AMAZON-02) (AMAZON-02)
1	18.140.107.66 18.140.107.66	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.122.74 52.95.122.74	16509 (AMAZON-02) (AMAZON-02)
1 1	2406:da18:929... 2406:da18:929:5a03:6c9d:f3f0:968f:3290	16509 (AMAZON-02) (AMAZON-02)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	13.224.249.64 13.224.249.64	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4003:c00::9d	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4003:c05::84	15169 (GOOGLE) (GOOGLE)
1	44.230.126.114 44.230.126.114	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4003:c00::9c	15169 (GOOGLE) (GOOGLE)
177	67

1 2a02:4780:3:c141::17 (Singapore) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

link.deimoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:20::681a:6d (United States)

ASN13335 (CLOUDFLARENET, US)

mbantul.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c1a::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.249.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-124.sin52.r.cloudfront.net

compass.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c0f::63 (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c03::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c11::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4003:c03::9a (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:da12:fbe:4202:809:c2f2:90f7:4c91 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)

data.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::9b (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.249.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-123.sin52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2003:4c00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c04::84 (Singapore)

ASN15169 (GOOGLE, US)

df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dfa97ee99d7255a96a9aa2e348f6576d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.76.166.242 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-166-242.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:7:100::9 (Japan) 3 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c0f::9b (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.93.199 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-93-199.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4003:c00::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 69.173.158.64 (Singapore) 7 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 74.125.200.156 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.148.251 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.151.120 (Los Angeles, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.83.196.24 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.140.170.140 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-170-140.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.39 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.26.21.27 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-26-21-27.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.2.229 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.143.106.89 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.2 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

adgen.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.146.215.42 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.69.166.9 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.5.84.243 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.37.143.130 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-37-143-130.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.115.146.23 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-146-23.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.59.168.41 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-168-41.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.213.110.67 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-110-67.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.108.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-108-189.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.133.127.63 (United States)

ASN22075 (AS-OUTBRAIN, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.86 (Singapore)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223b:7200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1413:b000:1c::17d1:2ed9 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.254.193.145 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-193-145.ap-southeast-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.140.107.66 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-107-66.ap-southeast-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.122.74 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a03:6c9d:f3f0:968f:3290 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.249.64 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-64.sin52.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c00::9d (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c05::84 (Singapore)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.230.126.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-126-114.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::9c (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	mbantul.my.id mbantul.my.id — Cisco Umbrella Rank: 639315	1014 KB
25	googlesyndication.com df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 dfa97ee99d7255a96a9aa2e348f6576d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133	105 KB
17	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	309 KB
14	rubiconproject.com 7 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 639 token.rubiconproject.com — Cisco Umbrella Rank: 656 pixel.rubiconproject.com — Cisco Umbrella Rank: 381	18 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	707 KB
10	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114 ads.as.criteo.com — Cisco Umbrella Rank: 12357 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 12627 widget.sg1.as.criteo.com — Cisco Umbrella Rank: 22989 dis.criteo.com — Cisco Umbrella Rank: 601	31 KB
10	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 107	33 KB
8	criteo.net static.criteo.net — Cisco Umbrella Rank: 583 csm.as.criteo.net — Cisco Umbrella Rank: 12668	65 KB
8	adop.cc compass.adop.cc — Cisco Umbrella Rank: 61081 data.adop.cc — Cisco Umbrella Rank: 67483	11 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1383 google-bidout-d.openx.net — Cisco Umbrella Rank: 1387 us-u.openx.net — Cisco Umbrella Rank: 492 jp-u.openx.net — Cisco Umbrella Rank: 9796	2 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 337 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1032	4 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	110 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 249 secure.adnxs.com — Cisco Umbrella Rank: 476	4 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	25 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 375	1 KB
3	socdm.com 1 redirects adgen.socdm.com — Cisco Umbrella Rank: 18008 tg.socdm.com — Cisco Umbrella Rank: 1091	2 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 340 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	1 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 20164	1 KB
2	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 805	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 662	876 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1485	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 421	737 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	83 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	315 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 839 id5-sync.com — Cisco Umbrella Rank: 434	25 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	3 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 637	337 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 408	515 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 7500	142 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2146	634 B
1	clmbtech.com ade.clmbtech.com — Cisco Umbrella Rank: 2951	259 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 761	580 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 763	287 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 246	668 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1189	882 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 426	439 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 617	659 B
1	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 4122	412 B
1	dable.io adx.dable.io — Cisco Umbrella Rank: 13830	141 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 653	547 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1976	278 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1302	230 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615	688 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 572	606 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 645	791 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1553	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	deimoney.com 1 redirects link.deimoney.com — Cisco Umbrella Rank: 736598	503 B
177	51

	Domain	Requested by
30	mbantul.my.id	mbantul.my.id
13	tpc.googlesyndication.com	df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com mbantul.my.id cdn.ampproject.org
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com mbantul.my.id
9	securepubads.g.doubleclick.net	compass.adop.cc securepubads.g.doubleclick.net df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com www.googletagservices.com
8	www.google.com	1 redirects mbantul.my.id www.gstatic.com www.google.com tpc.googlesyndication.com
7	pixel.rubiconproject.com	3 redirects ads.as.criteo.com mbantul.my.id
7	cm.g.doubleclick.net	4 redirects mbantul.my.id google-bidout-d.openx.net
7	static.criteo.net	securepubads.g.doubleclick.net ads.as.criteo.com
6	www.gstatic.com	www.google.com www.gstatic.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	token.rubiconproject.com	4 redirects df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
5	compass.adop.cc	mbantul.my.id compass.adop.cc
4	gum.criteo.com	3 redirects static.criteo.net
4	cdn.jsdelivr.net	compass.adop.cc securepubads.g.doubleclick.net
3	aax-eu.amazon-adsystem.com	2 redirects
3	match.adsrvr.org	3 redirects
3	s.amazon-adsystem.com	2 redirects
3	data.adop.cc	mbantul.my.id
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	us-u.openx.net	google-bidout-d.openx.net
2	s.ad.smaato.net	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	tg.socdm.com	1 redirects ads.as.criteo.com
2	ups.analytics.yahoo.com	1 redirects mbantul.my.id
2	eb2.3lift.com	1 redirects mbantul.my.id
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com	mbantul.my.id
2	x.bidswitch.net	1 redirects mbantul.my.id
2	eus.rubiconproject.com	df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com eus.rubiconproject.com
2	www.googletagservices.com	compass.adop.cc df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
2	oajs.openx.net	1 redirects mbantul.my.id
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	fonts.googleapis.com	mbantul.my.id securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net
1	beacon.krxd.net
1	dfa97ee99d7255a96a9aa2e348f6576d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	mbantul.my.id
1	e1.emxdgt.com	ads.as.criteo.com
1	sync-criteo.ads.yieldmo.com	ads.as.criteo.com
1	ade.clmbtech.com	ads.as.criteo.com
1	simage2.pubmatic.com	ads.as.criteo.com
1	sync.outbrain.com	ads.as.criteo.com
1	c.bing.com	ads.as.criteo.com
1	exchange.mediavine.com	ads.as.criteo.com
1	idsync.rlcdn.com	ads.as.criteo.com
1	ads.stickyadstv.com	ads.as.criteo.com
1	cs.adingo.jp	ads.as.criteo.com
1	adx.dable.io	ads.as.criteo.com
1	tags.bluekai.com	mbantul.my.id
1	adgen.socdm.com	ads.as.criteo.com
1	criteo-sync.teads.tv	ads.as.criteo.com
1	sync-t1.taboola.com	ads.as.criteo.com
1	rtb-csync.smartadserver.com	ads.as.criteo.com
1	match.sharethrough.com	ads.as.criteo.com
1	contextual.media.net	ads.as.criteo.com
1	csm.as.criteo.net	ads.as.criteo.com
1	widget.sg1.as.criteo.com	ads.as.criteo.com
1	cat.sg1.as.criteo.com	ads.as.criteo.com
1	ads.as.criteo.com	df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
1	mug.criteo.com	mbantul.my.id
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	link.deimoney.com	1 redirects
177	76

This site contains no links.

Subject Issuer	Validity	Valid
mbantul.my.id GTS CA 1P5	`2023-05-07` - `2023-08-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
adop.cc Amazon RSA 2048 M01	`2023-02-28` - `2023-10-29`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-02` - `2023-08-01`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-03` - `2023-08-05`	3 months	crt.sh
*.as.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-05` - `2023-09-03`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-02-03` - `2023-11-21`	10 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2023-05-31` - `2024-06-30`	a year	crt.sh
adx.dable.io Gandi Standard SSL CA 2	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
colombiaonline.com R3	`2023-06-22` - `2023-09-20`	3 months	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-03-26` - `2024-04-23`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://mbantul.my.id/
Frame ID: 66DF72D6128ED9D5882349043F565C76
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfAmbomAAAAAKSnfOPMC_CDfD3HgTGnHnuIdX5_&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=8euuvsnor319
Frame ID: DBE1B2329A4094FAC027BB892B5F1A05
Requests: 8 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Frame ID: CC7DE7E2522F57AE0466547A6AD95D82
Requests: 4 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Frame ID: 811DF7C1913D4FE950718BA7F1268FA8
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfAmbomAAAAAKSnfOPMC_CDfD3HgTGnHnuIdX5_
Frame ID: 69B2C3C6913E5129E4C460B8B3DF8972
Requests: 3 HTTP requests in this frame

Frame: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6B56ADD5D7159F13C1E73EC9959A6206
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id
Frame ID: 84A5C72C30819C97C1120CE64BDD3926
Requests: 2 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/c71ba3ac-9bc0-4f9f-8ee6-57273080b78c?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=c71ba3ac-9bc0-4f9f-8ee6-57273080b78c&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Frame ID: FEE02F3C408B861626ABE9291E9C5639
Requests: 11 HTTP requests in this frame

Frame: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 26701040F38ACFAA9643BB575D72F103
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Frame ID: 7E6DDE6504E2695D45429A940D014D75
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=au&co=sg
Frame ID: 1A475C142C75B74D1AFBB08371097C70
Requests: 10 HTTP requests in this frame

Frame: https://widget.sg1.as.criteo.com/dis/dis.aspx?pu=65968&cb=6494c7f3181ef28365d47ded9750038b&r=https%3a%2f%2fdf4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com%2f&crossorigin=false
Frame ID: 08C42BDBCE84A3BE64F2470D148AB353
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ZrnT4Z0KhTDJ199ia041eSPvN6LXPQaVqcw6dw&expires=30
Frame ID: 76EA31C56C860833F872606071161834
Requests: 30 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 654D725F864868A03A62B9696DAFDB25
Requests: 6 HTTP requests in this frame

Frame: https://dfa97ee99d7255a96a9aa2e348f6576d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 739D3736A83BB58D49E7901E92B4B397
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E3A76E4010D74194C55543BA7187049
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DBD0D50BEE9103B20CB289AAA0556E15
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC7ECBFF48EE904BC96D2FA951DE95E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F41C493E92D83FB07FD833DC7097467
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Frame ID: A96EA2D1F27EEDF3E67749B02B81E0B5
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mbantul – Travel Wanted

Page URL History Show full URLs

https://link.deimoney.com/b17DTQzQ HTTP 302
https://mbantul.my.id/?wpsafelink=ftChifF4nawApbsCadfEeFlgiHnikaVRzbDM4cVZxRmplLytNQnEwOWxwdDdPYXB... Page URL
https://mbantul.my.id/ Page URL
https://mbantul.my.id/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

177
Requests

85 %
HTTPS

38 %
IPv6

51
Domains

76
Subdomains

67
IPs

8
Countries

2577 kB
Transfer

5322 kB
Size

77
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.deimoney.com/b17DTQzQ HTTP 302
https://mbantul.my.id/?wpsafelink=ftChifF4nawApbsCadfEeFlgiHnikaVRzbDM4cVZxRmplLytNQnEwOWxwdDdPYXBra0E2SkdiTHVVTmJHY2Zxdk42V3lsMDVnVFgxVGU2WVY5QlBFbw== Page URL
https://mbantul.my.id/ Page URL
https://mbantul.my.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://link.deimoney.com/b17DTQzQ HTTP 302
https://mbantul.my.id/?wpsafelink=ftChifF4nawApbsCadfEeFlgiHnikaVRzbDM4cVZxRmplLytNQnEwOWxwdDdPYXBra0E2SkdiTHVVTmJHY2Zxdk42V3lsMDVnVFgxVGU2WVY5QlBFbw==

Request Chain 73

https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1

Request Chain 74

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mbantul.my.id&sn=ChromeSyncframe&so=0&topUrl=mbantul.my.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=qN82sXxyOEpNa0JaSDQ0QnZJV0lvVWtHa1Nnc3NEV0lLRklES2hDT0hvMkhwVi91WU1wdm1rcnQ3Tmxvc1lXaDJURWlHWXFzT1lqTkFvcTlvbDRSTUZ4UC9acHNtSUErYjVvazcwTkFUUWdqeXl0d1k5SjFBUlhMRjJaMnBpazh6d0xvMkN2OXFnK1J2WWROU01PTWY0N2lQN3NzQnlUOVZKM0lZY015RGZwZ2NkdGcwK1VxNnhBT0kzVjJlQlNraXE4c2E1L2JSU1lTWnJ6V1NoU3cxS3ZWMm14a1J2aXVRL2l2QW9IQ1VJZ3M4dWxIdVZZR3dQOUMwNmxXTE8zSW9HSXFuSlAxeHN3QnBuQXJBZ0RaYmYwZUVEUT09fA&cppv=2

Request Chain 98

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ZrnT4Z0KhTDJ199ia041eSPvN6LXPQaVqcw6dw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ZrnT4Z0KhTDJ199ia041eSPvN6LXPQaVqcw6dw&expires=30

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-JAj93Z0KhTDJ199ia041eSPvN6J6jwL_rv2pFw&google_cm&google_hm=ay1KQWo5M1owS2hUREoxOTlpYTA0MWVTUHZONko2andMX3J2MnBGdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-JAj93Z0KhTDJ199ia041eSPvN6J6jwL_rv2pFw&google_gid=CAESEP7Hro3L02cXkVm3nS3Ssvg&google_cver=1&google_ula=913071,0

Request Chain 100

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5320890624632815736

Request Chain 101

https://secure.adnxs.com/setuid?entity=52&code=k-oQaNQJ0KhTDJ199ia041eSPvN6Jdh4J-573RPw HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-oQaNQJ0KhTDJ199ia041eSPvN6Jdh4J-573RPw

Request Chain 108

https://eb2.3lift.com/xuid?mid=2711&xuid=k-hUT4rZ0KhTDJ199ia041eSPvN6LnvNAi-XcajQ&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-hUT4rZ0KhTDJ199ia041eSPvN6LnvNAi-XcajQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 109

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OuTobp0KhTDJ199ia041eSPvN6J1WnAWAhVGvw HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OuTobp0KhTDJ199ia041eSPvN6J1WnAWAhVGvw&verify=true

Request Chain 112

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=O-FN5h-w1T0qXWM4Byr0GOMa2ZhcCv8t

Request Chain 113

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sJaTGp0KhTDJ199ia041eSPvN6I6B9Hwbj_qag HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sJaTGp0KhTDJ199ia041eSPvN6I6B9Hwbj_qag&C=1

Request Chain 117

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-IM6cOJ0KhTDJ199ia041eSPvN6IzvG-Lk98gqg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IM6cOJ0KhTDJ199ia041eSPvN6IzvG-Lk98gqg

Request Chain 123

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ZXqNf50KhTDJ199ia041eSPvN6IqXv2sz4RitA HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ZXqNf50KhTDJ199ia041eSPvN6IqXv2sz4RitA&cookieCheck=1

Request Chain 127

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=T90PNmuMSpOuCxSjxp5M_w&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T90PNmuMSpOuCxSjxp5M_w

Request Chain 128

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ7PBT70-1Y-6NQK

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMv3nERi7xbDPDjz_t3fOE0&google_cver=1

Request Chain 130

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=81007948-466b-4ec5-846b-a0cee9cc3ef4&gdpr=0&gdpr_consent=&expires=30

Request Chain 131

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEo3UEJUNzAtMVktNk5RSw== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOd4bS9-V6wEiTjMktDEBMc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo3UEJUNzAtMVktNk5RSw==&google_push=

Request Chain 132

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhhODQwMTc3MDIxMTczNWIyOWU4ZWI5MGExZGE3MjMwZmZkZDI1Zg

Request Chain 133

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XANguBtzToWCfp11uE06mA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XANguBtzToWCfp11uE06mA

Request Chain 134

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/wj63pH7eh4OlTmlBBgLsrMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eKXmPndE2oJUOFeOMlD8PZVZGl.94QNsHHFveg--~A

Request Chain 136

https://match.adsrvr.org/track/cmf/openx?oxid=38b6418a-9d7f-77dd-e524-cac59e815228&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=81007948-466b-4ec5-846b-a0cee9cc3ef4&ttd_puid=38b6418a-9d7f-77dd-e524-cac59e815228&gdpr=0&gdpr_consent=

Request Chain 137

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZJTH88Co8YEAAJamc3QAAAAA

Request Chain 138

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab16FhqGAm8iks8AD7MOqxDZ4s8AAAGI5S0Qng

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGBOk9Y79LPmkV9mdUbPKSo&google_cver=1

Request Chain 171

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=enLjSPv1omGqRGP8vMaexuU9NPrqI-il

Request Chain 172

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

177 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
mbantul.my.id/
Redirect Chain

https://link.deimoney.com/b17DTQzQ
https://mbantul.my.id/?wpsafelink=ftChifF4nawApbsCadfEeFlgiHnikaVRzbDM4cVZxRmplLytNQnEwOWxwdDdPYXBra0E2SkdiTHVVTmJHY2Zxdk42V3lsMDVnVFgxVGU2WVY5QlBFbw==

555 B
830 B

488ms
468ms

Document
text/html

2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/?wpsafelink=ftChifF4nawApbsCadfEeFlgiHnikaVRzbDM4cVZxRmplLytNQnEwOWxwdDdPYXBra0E2SkdiTHVVTmJHY2Zxdk42V3lsMDVnVFgxVGU2WVY5QlBFbw==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7db7d93c3a4346cd-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Jun 2023 22:15:12 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHsLmo1jIvusfZpBfE14L5q4BtGu6mleHwodnuAyyQzQZskqQ5xZuxhBlzFlhZ1rHiLv8ETvvXU%2FWdgQ%2FQjL%2BaEVjawo%2FT0L89rgpAgPrq%2F0pwHqMJYynyiCtnl7riIBDm8pq3tuBCnDLXM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 22 Jun 2023 22:15:12 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://mbantul.my.id/?wpsafelink=ftChifF4nawApbsCadfEeFlgiHnikaVRzbDM4cVZxRmplLytNQnEwOWxwdDdPYXBra0E2SkdiTHVVTmJHY2Zxdk42V3lsMDVnVFgxVGU2WVY5QlBFbw==
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
mbantul.my.id/ 1 KB
1 KB 537ms
537ms Document
text/html 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

9f467101ddc83a53918a534a7eedfa399604276a5f44a110f362c58cbad2dabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7db7d93f4b4b46cd-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Jun 2023 22:15:13 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIgZEtIKWnoWR4BHN8BqRC%2FttH0kOrh19PotoVdeMQuQVRYsP7TCQkD3zTfGW6dOCkwqbpGuIo%2BZFQKEzkgqnsIAot0AVyXgnP%2FJLfE6ySU41IOwpTG6%2BNZ4kKWs1CTXGPaKgYFPSgt%2BtMo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

POST
H2 200 Primary Request / Show response
mbantul.my.id/ 135 KB
39 KB 104ms
104ms Document
text/html 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

c564d6c8e9ca2303771f490cb6942d9623fff7f3df0bf9ac87bef290c059ec70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7db7d942ccc946cd-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Jun 2023 22:15:13 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GJnrYNAkdmjsX6bDjKri51N5R2CEWzDRsI8nhyDelOEL9KvtNk6JEPKMJt9wiJ3At1BJcTUoXorfw7OdHmv80JX6po2srsZ1WpF6wE5NLof3%2BRfsRPoJjGUBzo63Fm%2FEllFn8Q4N4azc3g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
mbantul.my.id/wp-includes/css/dist/block-library/ 95 KB
13 KB 11ms
10ms Stylesheet
text/css 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 459704
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Mar 2023 22:52:38 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tag1aqPsUpwO0WdAcN1ebHd9FdWM3JWUwq7y0sjdNfpvqikiq0cgcIr5bhgG9ZLY2uDYd0BXvvzW4uBycGFiBMai8DemPaOYhjiNzpypk0%2BtwmGr7TMQPDAu%2FeqnjVMdYBnBFokL9PIVbPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d9437cf946cd-SIN
expires: Sat, 24 Jun 2023 14:33:29 GMT

GET
H2 200 classic-themes.min.css
mbantul.my.id/wp-includes/css/ 291 B
560 B 9ms
8ms Stylesheet
text/css 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/css/classic-themes.min.css?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 459704
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Feb 2023 19:20:20 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pv2Q0LUr%2BABUZ7ozF5Ns%2B193txwF1s1ii7tJ1vtGV%2BbV4ugwkd4Ga0djkq4GFbvmZjq0CN3VlqczE5jzW1Y7R6MRIDZ8Ugdky2t1d7Xjo24MhubN5MdjJR9Xz8rF9Ab3nL82dNgDZfvH3Sc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d9437cfa46cd-SIN
expires: Sat, 24 Jun 2023 14:33:29 GMT

GET
H2 200 style.css
mbantul.my.id/wp-content/themes/gridmax/ 88 KB
14 KB 13ms
12ms Stylesheet
text/css 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/style.css

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386897
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joegzyylJlJa5%2F2wKeunHlv3rLJhTLizwfz6jsJn%2BqkZVBTwnT5GGdQmyJGmOV6MJn6Bnmnejxh%2FrYFxPMbKQfPBNztcWdw7o6Xm1zxjtxhBkbMMRoEZce398uOLhlMCGKEg2u9bKAS8ar8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d9437cfb46cd-SIN
expires: Sun, 25 Jun 2023 10:46:56 GMT

GET
H2 200 all.min.css
mbantul.my.id/wp-content/themes/gridmax/assets/css/ 56 KB
12 KB 15ms
14ms Stylesheet
text/css 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386897
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QW3MV3%2BmJFPBJsFZ1rM3m6zv41PfQbXy81b9xMqoNYKaeJjddMh0qabozNed53872xdvUDqb2VKv5mTR0szvB39L7lmnOioggqKAUwUCfm6JD1XynJXQQmnRR6439U53QLtUylrzSFei7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d9437cfc46cd-SIN
expires: Sun, 25 Jun 2023 10:46:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 25ms
7ms Stylesheet
text/css 2404:6800:4003:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ec3bdc51ce9132ed32ab576535b070790bca11357cdc335406e8f4e3a08b1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Jun 2023 22:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 21:42:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Jun 2023 22:15:13 GMT

GET
H2 200 jquery.min.js Show response
mbantul.my.id/wp-includes/js/jquery/ 88 KB
32 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 157293
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Mar 2023 17:07:34 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2N9rBWIP9aAn9C5%2BBsiF4DbzLQ3jQWDnn6sKimroWFJwFHJnQrT4qjsXoa5UDDdb5kT9JJLPmpM12J8glrsOCPs9sRWDqFyEx6L2n9Kh4JeopwPEtg2xPlPWqcaX1Guy7753DSUAcfytlmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d9437cfd46cd-SIN
expires: Wed, 28 Jun 2023 02:33:39 GMT

GET
H2 200 jquery-migrate.min.js Show response
mbantul.my.id/wp-includes/js/jquery/ 13 KB
5 KB 14ms
13ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386882
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 19:29:16 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GE7le3%2FIiu5Tm5PMzVB2VLlo63y%2BNBj3mSn9JwYEdaJYnWsapErr05ju4pKwQxhTJaciNi8FdbBQrYAcJbksX5xwfc%2BhusInUJ%2BMp3wkCKmwEkuDFV9YSO0aiGE8RC9wOghEuyrk5%2FSjIzU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d9437cfe46cd-SIN
expires: Sun, 25 Jun 2023 10:47:12 GMT

GET
H2 200 cropped-mbantul.png
mbantul.my.id/wp-content/uploads/2023/05/ 2 KB
3 KB 16ms
13ms Image
image/png 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/cropped-mbantul.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386899
x-powered-by: Niagahoster
content-length: 2489
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:36:28 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoc8HLYeMTmZNEpGqyM%2FzHBVLVeezB%2FeMppbMLV1%2FnYqFxv007Uki2A2%2FHRExopTwJ9RqF4Rgt2atLR%2B5FLDscm%2BB1sBL7Lnfs3oNVbJ7oBCtBTRl%2FbaUoqACMSdKSYHeVRN8nDwmBntDNo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d943dd1946cd-SIN
expires: Sun, 25 Jun 2023 10:46:54 GMT

GET
H2 200 adopJ.js Show response
compass.adop.cc/assets/js/adop/ 3 KB
2 KB 744ms
7ms Script
application/javascript 13.224.249.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-124.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:06:05 GMT
content-encoding: gzip
via: 1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 561
x-cache: Hit from cloudfront
content-length: 1921
last-modified: Tue, 11 May 2021 09:31:17 GMT
server: nginx
etag: W/"609a4ee5-d6b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-id: 2kITuMpn5xTpQLydFEk8I2tV0KD9Y_Kxc9zmFvUHPWsGd-U5qIjZAA==
expires: Thu, 22 Jun 2023 22:15:52 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 853 B
877 B 29ms
6ms Script
text/javascript 2404:6800:4003:c0f::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf6d2a47ebd7c58e47143e23ee4dcacc720793f2f9ed06335bf4dca9cfcfa032

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 557
x-xss-protection: 1; mode=block
expires: Thu, 22 Jun 2023 22:15:13 GMT

GET
H2 200 output-onlinepngtools-5-1.png
mbantul.my.id/wp-content/uploads/2023/05/ 9 KB
10 KB 13ms
11ms Image
image/png 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-5-1.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196720
x-powered-by: Niagahoster
content-length: 9505
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:00 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jZ6kNAS7DT3TQISORI8w3w5pqHpEJckmRMY2GhU90n5qw%2FPj4WSG1VY2YoLkz0nO1%2FcT9zEa2aZSKrz0LHC121qEAy6hxSeS0Sv0SUvZPw2hAImue2mlqfa9bJn0qb4AkxJHLaJFu517Ik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d943dd1a46cd-SIN
expires: Tue, 27 Jun 2023 15:36:33 GMT

GET
H2 200 htmlF_IMG_640d1a95251aa-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/ 73 KB
73 KB 14ms
12ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d1a95251aa-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384008
x-powered-by: Niagahoster
content-length: 74563
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:47 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POsJlepJ%2FMB5DfJtkFhzcpYR5z5uPnzm%2BlLpywLb5tSCSXPWlZ8ynnPgoHqvTB9%2F0nN6xlnq78c7gkR2k3ryTwjx4PRIzU1k0T%2Bv%2FyQEddJF1psqrbtTpsOd2dcwod0UGyBH3Tqdh4KbrFI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d943dd1b46cd-SIN
expires: Sun, 25 Jun 2023 11:35:06 GMT

GET
H2 200 ezgif.com-gif-maker-4.gif
mbantul.my.id/wp-content/uploads/2023/05/ 14 KB
15 KB 16ms
15ms Image
image/gif 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/ezgif.com-gif-maker-4.gif

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386899
x-powered-by: Niagahoster
content-length: 14474
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:18 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uenPYjdr33iH%2Bya6YI8JrINd46uj%2FJL%2B7heem31jAQAjpcQWA%2FAqI6fy3ny75X08RRK4k28rIkXxBKpd8PT4P6u5ob%2FuDbdXTZ3TK0QKfO8Lwq4aksoTmTc5iHcjPGziLm24WrTN8hmM854%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d943dd1c46cd-SIN
expires: Sun, 25 Jun 2023 10:46:54 GMT

GET
H2 200 output-onlinepngtools-9-1.png
mbantul.my.id/wp-content/uploads/2023/05/ 10 KB
10 KB 18ms
17ms Image
image/png 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-9-1.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386899
x-powered-by: Niagahoster
content-length: 9923
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:27 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOeU5F6fFYhE1C7l1XT%2FYouqt8FPWWqpT%2FKydrI0JFWcQe8p901786kIC1B9TTBcHBwGnrKvN6Xu6rUfZ01rFuecNgf%2BkLQof8wwCjzUxLXUmLyMwGtgbzJEdmxjrmpfc3tF7HBzgs8%2FVcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d943dd1d46cd-SIN
expires: Sun, 25 Jun 2023 10:46:54 GMT

GET
H2 200 jquery.fitvids.min.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 2 KB
1 KB 10ms
10ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/jquery.fitvids.min.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386889
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUfGtVnjnDtnoQw30yODLaCFVY8MjNfYZBZj44qmOLNvl3jcSdbpYBk0uI6mWGedAlEs4R%2FWxX1Ifn4OVfUPpSIK77Ff%2F3LUfDERi4396pUhrRofssaa%2BJrTf6rS4y7TnJwwSAwqh8UWKQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d943bd1046cd-SIN
expires: Sun, 25 Jun 2023 10:47:04 GMT

GET
H2 200 navigation.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 9 KB
2 KB 11ms
8ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/navigation.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386899
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jY7XDHITEu%2BR%2F7ObSGVQbC4O5tnPYP9hcPAw4WZw1m2pHp%2Fn7dxgR7HoD6%2B3O8dX3g3VTpq%2Fti1AVYscNA7zZR6irCYQRxrN5gPJ1AyWXRRTPksi9sIxZRuC3RgovQvK6KqJ%2B4iwrOaar8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d943dd1546cd-SIN
expires: Sun, 25 Jun 2023 10:46:54 GMT

GET
H2 200 skip-link-focus-fix.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 834 B
778 B 17ms
14ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/skip-link-focus-fix.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386888
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFoUbJ2fSwRtyRpZSJ1iQkUdhbJ08sDwH6RIBMNPUqtQOppDbqZS3G1vtwMbWWcmK2vFSHME7u4qYcrntI23S9fVf1HXvftndM8sehk0D%2Bv%2FsrCTcJoEnW6X9GT%2BnKwStoGU7F6mw0g%2BDxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d943dd1646cd-SIN
expires: Sun, 25 Jun 2023 10:47:04 GMT

GET
H2 200 custom.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 6 KB
2 KB 11ms
8ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/custom.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386889
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHl1kMI5AKRXYDu77TOLeDqZVju0MRTad5c5ttbYZcXwYLw1KgBmgcOqzgL2d6SuWDALNALnzuftZkCi%2FIEa6DNOIWsgxLlGftmpeDno0YF0xgZjuJMc9U8VOiwHZ0wuWmfDjySxteecMNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d943dd1746cd-SIN
expires: Sun, 25 Jun 2023 10:47:04 GMT

GET
H2 200 html5shiv.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 10 KB
3 KB 13ms
10ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/html5shiv.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386889
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adq1p42oEpPWEpu9D2ow9AVfVHqaWID1zoWBd%2Ba8u3VbD5X30jUtPRC5QHl0doJfcgwgu5RkjNoazbrdY5W1WQCzYkCsWTFCIH1byTOBuEo8F9uFHDC7Zsn3z61e2ZN6w29GSM6HY5Dplwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d943dd1846cd-SIN
expires: Sun, 25 Jun 2023 10:47:04 GMT

GET
H2 200 wp-emoji-release.min.js Show response
mbantul.my.id/wp-includes/js/ 18 KB
5 KB 19ms
17ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 459675
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 23:23:26 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22pQECwavooM1OZQXIfPXbDp7XECsKChycJ3hUxp4pVb%2FIfPvHqX6D2SqQk0lxOfn92dk7CeH6uuNvRxYYKLCFdNqlKfqWHoeAfjLBIQELFnVKvSmRgh03ShqCZ3gRNFaIryB9vlXzl%2Biiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7db7d943dd1e46cd-SIN
expires: Sat, 24 Jun 2023 14:33:59 GMT

GET
H2 200 MjQGmil5tffhpBrknt6sfQ.woff2
fonts.gstatic.com/s/maitree/v10/ 20 KB
21 KB 23ms
5ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/maitree/v10/MjQGmil5tffhpBrknt6sfQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 15:00:38 GMT
x-content-type-options: nosniff
age: 371675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:58:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jun 2024 15:00:38 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
35 KB 26ms
9ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 08:53:49 GMT
x-content-type-options: nosniff
age: 307284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 08:53:49 GMT

GET
H2 200 rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2
fonts.gstatic.com/s/dmseriftext/v12/ 24 KB
24 KB 20ms
4ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmseriftext/v12/rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f05e3c9fcf8085591801fbfa6d4013b6c53c8138308259aa708ba60f7c076f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 07:57:47 GMT
x-content-type-options: nosniff
age: 310646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24520
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:36:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 07:57:47 GMT

GET
H2 200 fa-solid-900.woff2
mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/ 74 KB
74 KB 12ms
12ms Font
font/woff2 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/fa-solid-900.woff2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386882
x-powered-by: Niagahoster
content-length: 75728
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWzAOwEWAOFJ8nch0tcJWhvJe%2B%2BA9efZJh5rouPAAzUTEZ8uW9KYzazO3hVkWbhFUPDX8PWBemSxDBwbKkcbvaCQGbiq8TbblB725KbFxGlJoSrVWLuNEI%2FSa2v%2FLxsqCrYj8%2Fo%2FdAXv0XE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d9487f0c46cd-SIN
expires: Sun, 25 Jun 2023 10:47:12 GMT

GET
H2 200 j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 21 KB
21 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 05:19:22 GMT
x-content-type-options: nosniff
age: 320151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21560
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 05:19:22 GMT

GET
H2 200 htmlF_IMG_640d18f0dbf9e-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/ 84 KB
85 KB 11ms
9ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d18f0dbf9e-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384008
x-powered-by: Niagahoster
content-length: 86224
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:46 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8V0%2FiVoK5MOkjDA0YxpLZYJn8SsN53tljNGTdeuxErVCqso%2FwXIkvrT8rsn7O7HNCK5tEclhWDUX%2FOyjHIC%2BeHOE3jxgzhewPUCmjSjusGtr4WJo0OMKrvgQF3xDkrsoohJHHOHc1PVErk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d9488f1046cd-SIN
expires: Sun, 25 Jun 2023 11:35:06 GMT

GET
H2 200 htmlF_IMG_63b5aeca0fad0-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/01/ 107 KB
108 KB 13ms
10ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/01/htmlF_IMG_63b5aeca0fad0-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384008
x-powered-by: Niagahoster
content-length: 109683
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:46 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nF%2ByLucDWrSslfU2aSEiNaKmZTU45Ns0KmVBPcaaLznLHDnG1Tdk5aPhj8sKD7G1IWyRBBYGRj%2BRyGjrs28fu9QHMg5uIcIEzM1WPURjHxx2ZfYdR7xAiTrLk3%2BUzaHH2p3N7D8FwrmUx2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d9488f1146cd-SIN
expires: Sun, 25 Jun 2023 11:35:06 GMT

GET
H2 200 htmlF_IMG_63a88155f0de6-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/12/ 87 KB
87 KB 14ms
11ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/12/htmlF_IMG_63a88155f0de6-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384008
x-powered-by: Niagahoster
content-length: 88613
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:45 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMxRX0CWMrtRjayuvMrfX%2FAaO%2FtbLBDKiSdArrm9DXQ1qE2%2BGtSHdYr0L1LT%2BPtI3fq2ZvMW5ARF0UlbFkV6Ew1jGwHXJknJ3Dv0z8Ctik%2F2P9H5tbYaptE8iy16nukQxQfKojCF0NvAfZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d9488f1246cd-SIN
expires: Sun, 25 Jun 2023 11:35:06 GMT

GET
H2 200 htmlF_IMG_637a5df9ba5dc-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 81 KB
82 KB 17ms
15ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637a5df9ba5dc-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384008
x-powered-by: Niagahoster
content-length: 83210
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:45 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzkuNcEpHHyuszKtuy262XSYBXfeYwDw1NtArxugMzcBXGeQc8EsD4d1ucViQPvZSsP6MLoz8ePQblP%2F4YZlDqew2wAAdiyTitUYlN5js6T7Agt2dcaPxS6XTohdrFM6V8tXqKt8Fic1WnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d9488f1346cd-SIN
expires: Sun, 25 Jun 2023 11:35:06 GMT

GET
H2 200 htmlF_IMG_6377521dc4135-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 62 KB
63 KB 13ms
11ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377521dc4135-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384008
x-powered-by: Niagahoster
content-length: 63746
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:44 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oDvyhhG3IafCBdESrHvHmqPNdyat%2FJGlqbmw8md76%2F44oqYw%2BswdbeS8W%2BCy13L1OZ1h2KbJwHM99UmR3ONdjE5O4QOVzbqaa6sTycLsxFFTRmKasEg2j8PznRpPEAtdGFMRdLY1peELQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d9488f1546cd-SIN
expires: Sun, 25 Jun 2023 11:35:06 GMT

GET
H2 200 htmlF_IMG_637752093cd90-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 78 KB
78 KB 17ms
15ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637752093cd90-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384007
x-powered-by: Niagahoster
content-length: 79469
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2F96lc1Rrm9Nyo%2B%2BHp6P7o7CGXS5mvOA9Zi%2B%2FBFflNgHrFDfhAHirNvEQu3fLCJH4ghWe1x3CFC6BOxkfn97EGO%2FifCiRNKbsWYGAA3IPsN%2FINhc5osQ%2BTArhnpzyvWVIoS2qz6VOxltyzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d9488f1646cd-SIN
expires: Sun, 25 Jun 2023 11:35:06 GMT

GET
H2 200 pexels-photo-13593211.jpeg
mbantul.my.id/wp-content/uploads/2022/11/ 34 KB
34 KB 17ms
15ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/pexels-photo-13593211.jpeg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 385565
x-powered-by: Niagahoster
content-length: 34306
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:55:01 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnXU%2F%2BPCcJRmGHe9Oz5wPftAV0K2BGnDKsvsm8cPKwDYfyPOf9tpOZlI9brJ7L0uTfCAkGtMBOAR4RDoW%2ByIQ310a%2FxsfG23S6ftQRldRi1o3gneybqRGOlBjr4kQZMbwXgnTFCBDvmsgcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d9488f1746cd-SIN
expires: Sun, 25 Jun 2023 11:09:09 GMT

GET
H2 200 htmlF_IMG_6377514b6f45f-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 81 KB
82 KB 21ms
19ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377514b6f45f-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384008
x-powered-by: Niagahoster
content-length: 83351
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DheIuwVSdZx6nXZe8Nm5ZxlBT%2BOrPzeCAjEoaIX4ioQUx99rs0u2%2F0FJOS3DkkVnHpdjiN41z9XNtTkGbgubI4eg61aJihVwn82Rdma6XFSc7QtOV1390l6gCG1rKLqkVixH5qPRkAvAIqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d9488f1846cd-SIN
expires: Sun, 25 Jun 2023 11:35:06 GMT

GET
H2 200 htmlF_IMG_63775126768fd-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 80 KB
81 KB 20ms
18ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_63775126768fd-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 384008
x-powered-by: Niagahoster
content-length: 81955
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:42 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvWSzX0cV3Gk9Ir1VcjgNdvY%2F7wXX0fh7aMBFgO5BW0gitFSYuf8fziyFLElwkhs8On9zyJPRvpJSUh6xGe5oQNub1AK%2FnSh5Sm1miL6O1QjQE7Ru%2BmS0OQcSGzOuvStI%2BT5T%2B%2BycxCIezQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db7d9488f1946cd-SIN
expires: Sun, 25 Jun 2023 11:35:06 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ 424 KB
169 KB 19ms
8ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 10:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172777
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 10:26:49 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame DBE1 52 KB
29 KB 23ms
22ms Document
text/html 2404:6800:4003:c0f::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfAmbomAAAAAKSnfOPMC_CDfD3HgTGnHnuIdX5_&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=8euuvsnor319

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1cac8c36679a42b16ff45a022b39b0b363b827247869ac14b7f3bbf65e9e879a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KCPJW9RrRFHWe2AQe_-ZeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 29174
content-security-policy: script-src 'report-sample' 'nonce-KCPJW9RrRFHWe2AQe_-ZeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 22:15:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame DBE1 55 KB
24 KB 11ms
4ms Stylesheet
text/css 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfAmbomAAAAAKSnfOPMC_CDfD3HgTGnHnuIdX5_&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=8euuvsnor319

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 12:38:30 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame DBE1 424 KB
169 KB 13ms
5ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 10:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172777
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 10:26:49 GMT

GET
DATA 200
OK truncated
/ Frame DBE1 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DBE1 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DBE1 2 KB
2 KB 4ms
3ms Image
image/png 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:24:58 GMT
x-content-type-options: nosniff
age: 82216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 28 Jun 2023 23:24:58 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DBE1 15 KB
15 KB 5ms
5ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 06:58:43 GMT
x-content-type-options: nosniff
age: 400591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Jun 2024 06:58:43 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame DBE1 105 B
136 B 10ms
10ms Other
text/javascript 2404:6800:4003:c0f::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9509957a36947d54d26958f0bc89905ceda0cc08369be140856ae157f65e03cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfAmbomAAAAAKSnfOPMC_CDfD3HgTGnHnuIdX5_&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=8euuvsnor319
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114
x-xss-protection: 1; mode=block
expires: Thu, 22 Jun 2023 22:15:14 GMT

GET
H2 200 8e606d93-713b-41ab-8a38-28505529c9a1 Show response
compass.adop.cc/RE/ Frame CC7D 1 KB
1 KB 94ms
93ms Script
text/html 13.224.249.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=ftChifF4nawApbsCadfEeFlgiHnikaVRzbDM4cVZxRmplLytNQnEwOWxwdDdPYXBra0E2SkdiTHVVTmJHY2Zxdk42V3lsMDVnVFgxVGU2WVY5QlBFbw==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-124.sin52.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: 321bf51ad6744af7fb1bf3b911443da2a2218ad61b87f071d7ae3fb67d7f5de6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
content-encoding: gzip
via: 1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-C2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 607
x-amz-cf-id: x_9xjw1TXLXwSL1qORMbK849ckNOWvfkLAT3ywZw2BhkCmWIHdb_1Q==

GET
H2 200 ee2791d8-e821-4cfc-aae3-2e1c82f20b9d Show response
compass.adop.cc/RE/ Frame 811D 2 KB
1 KB 107ms
107ms Script
text/html 13.224.249.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=ftChifF4nawApbsCadfEeFlgiHnikaVRzbDM4cVZxRmplLytNQnEwOWxwdDdPYXBra0E2SkdiTHVVTmJHY2Zxdk42V3lsMDVnVFgxVGU2WVY5QlBFbw==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-124.sin52.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: 3a1d1b62c72e7d6a49d7cc23ff1e86cdba3e5664b93ea4b663a895804215d78f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
content-encoding: gzip
via: 1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-C2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 778
x-amz-cf-id: hZnLSkwxqptchqwquKOoWZygs7_J0MnqXe8Kv9Vh2A3yMdO_EbRMUQ==

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 69B2 7 KB
1 KB 10ms
9ms Document
text/html 2404:6800:4003:c0f::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfAmbomAAAAAKSnfOPMC_CDfD3HgTGnHnuIdX5_

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6bf810051c369b655047a247b18e8962ce91c8028438201150f1f7eee9d02429

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PyMFyV7MyBbfiBKOpR7sYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1158
content-security-policy: script-src 'report-sample' 'nonce-PyMFyV7MyBbfiBKOpR7sYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 22:15:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 69B2 55 KB
24 KB 4ms
3ms Stylesheet
text/css 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfAmbomAAAAAKSnfOPMC_CDfD3HgTGnHnuIdX5_

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 12:38:30 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 69B2 424 KB
169 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfAmbomAAAAAKSnfOPMC_CDfD3HgTGnHnuIdX5_

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 10:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172777
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 10:26:49 GMT

GET
H2 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame CC7D 18 KB
8 KB 539ms
177ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 22 Jun 2023 22:15:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 31889
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230031-FRA, cache-bom4730-BOM
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 adopJ.js Show response
compass.adop.cc/assets/js/adop/ Frame CC7D 3 KB
2 KB 7ms
7ms Script
application/javascript 13.224.249.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by: Host: compass.adop.cc
URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-124.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:06:05 GMT
content-encoding: gzip
via: 1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 562
x-cache: Hit from cloudfront
content-length: 1921
last-modified: Tue, 11 May 2021 09:31:17 GMT
server: nginx
etag: W/"609a4ee5-d6b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-id: Ndt-K5xbIB165pzjr69I5fdDmHigb31tNjYCKM915LSNdjj6tICIZg==
expires: Thu, 22 Jun 2023 22:15:52 GMT

GET
H2 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame 811D 18 KB
8 KB 518ms
176ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 22 Jun 2023 22:15:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 31889
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230031-FRA, cache-bom4730-BOM
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 811D 77 KB
26 KB 26ms
9ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5188e89d434c9461b16c10048cb0740815ec7e0a56b7073241ea83bde76b4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26428
x-xss-protection: 0
server: cafe
etag: 83 / 19530 / m202306150101 / config-hash: 11591319961802778394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 22:15:14 GMT

GET
H2 200 collect.php
data.adop.cc/ Frame CC7D 0
139 B 937ms
84ms Image
text/html 2406:da12:fbe:4202:809:c2f2:90f7:4c91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNjIyMjIxNTE0IiwiY3RyeSI6IlNHIiwiYWNpZCI6IlNHLTIzMDYyMjIyMTUxNC05NmViZGVhYjA1MzQ0ZmI0IiwibmV0IjoiQ3VzdG9taXplZCBUYWcoMSkiLCJ6aWQiOiI4ZTYwNmQ5My03MTNiLTQxYWItOGEzOC0yODUwNTUyOWM5YTEiLCJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTQuMC41NzM1LjEzMyBTYWZhcmkvNTM3LjM2IiwiYnJvdyI6IkNocm9tZSIsImRldiI6ImRlc2t0b3AiLCJvcyI6IldpbmRvd3MiLCJpcCI6IjEwMy4yNTQuMTUzLjIzMSIsImZsb2MiOiJodHRwczovL21iYW50dWwubXkuaWQvIiwiZnAiOiIwIiwiY2R0IjoiMjMwNjIyMjIxNTE0IiwiZGlyIjoidiIsInRwIjoicmUiLCJyZWYiOiIiLCJ0aXRsZSI6Ik1iYW50dWwlMjAlRTIlODAlOTMlMjBUcmF2ZWwlMjBXYW50ZWQiLCJsb2ciOiJiYXNpYyJ9&aid=1e7094c9-0ba4-4c30-b6a3-606687d53169&r=9OL3R6M
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4202:809:c2f2:90f7:4c91 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 collect.php
data.adop.cc/ Frame 811D 0
139 B 924ms
84ms Image
text/html 2406:da12:fbe:4202:809:c2f2:90f7:4c91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNjIyMjIxNTE0IiwiY3RyeSI6IlNHIiwiYWNpZCI6IlNHLTIzMDYyMjIyMTUxNC05NmViZGVhYjA1MzQ0ZmI0IiwibmV0IjoiQ3VzdG9taXplZCBUYWcoMSkiLCJ6aWQiOiJlZTI3OTFkOC1lODIxLTRjZmMtYWFlMy0yZTFjODJmMjBiOWQiLCJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTQuMC41NzM1LjEzMyBTYWZhcmkvNTM3LjM2IiwiYnJvdyI6IkNocm9tZSIsImRldiI6ImRlc2t0b3AiLCJvcyI6IldpbmRvd3MiLCJpcCI6IjEwMy4yNTQuMTUzLjIzMSIsImZsb2MiOiJodHRwczovL21iYW50dWwubXkuaWQvIiwiZnAiOiIwIiwiY2R0IjoiMjMwNjIyMjIxNTE0IiwiZGlyIjoidiIsInRwIjoicmUiLCJyZWYiOiIiLCJ0aXRsZSI6Ik1iYW50dWwlMjAlRTIlODAlOTMlMjBUcmF2ZWwlMjBXYW50ZWQiLCJsb2ciOiJiYXNpYyJ9&aid=e4d06a59-b94b-4def-8805-ef825a9d3434&r=tW235aP
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4202:809:c2f2:90f7:4c91 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/ Frame 811D 411 KB
127 KB 4ms
3ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 05:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62092
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129960
x-xss-protection: 0
server: cafe
etag: 10643696450713337328
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 21 Jun 2024 05:00:22 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 811D 745 B
374 B 18ms
8ms XHR
application/json 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mbantul.my.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ed0d0ccb64055823201e1f6c99367ae0762d748d2ccb92afd6028a659afe01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349
x-xss-protection: 0
expires: Thu, 22 Jun 2023 22:15:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 811D 107 B
456 B 15ms
6ms Script
application/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mbantul.my.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame 811D 732 B
580 B 182ms
181ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 22 Jun 2023 22:15:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 39331
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-bom4730-BOM
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ Frame 811D 102 KB
25 KB 29ms
16ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 75N1A2S5DC51J3VK
age: 2128
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7db7d94eaf924bd4-SIN
x-amz-id-2: dx0KJamILsNOV4AUmRi8MqqA8YYk7rQQ+7r4PoMkaOi9vTxD2ZjrEhgoVs5L6ZK2kbtDGc+axVPn4u7LFDBypg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ Frame 811D 2 KB
2 KB 63ms
4ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:08:46 GMT
via: 1.1 google
age: 389
x-guploader-uploadid: ADPycdt_cIbSKMdKGgMbgE1VtfkyeMLlxF0xSqndngYST_1rypnVJ1GmooW9Hx2i15aVO6wPbiiJxBj1MpHkMzOnV8yiGw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Thu, 22 Jun 2023 23:08:46 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ Frame 811D 38 KB
12 KB 33ms
4ms Script
text/javascript 13.224.249.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-123.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 05:20:11 GMT
content-encoding: gzip
via: 1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 60905
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: EfkViQhj0jh3YF0HdRvCNCa-BumuX4HtifTWUG9ICJZeNSvDR0-PTw==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ Frame 811D 2 KB
2 KB 26ms
3ms Script
text/javascript 2600:9000:2003:4c00:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2003:4c00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
Date: Thu, 22 Jun 2023 01:40:17 GMT
Via: 1.1 3227fb8d08d4021d78aad88753ced298.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-C1
Age: 74098
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: gGoHJ5eIMwIFRwPMRWUfMXg4eu5ldKzzl5zk1Rw24dRsTFOZnjAocw==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ Frame 811D 24 KB
8 KB 61ms
3ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 07:39:07 GMT
content-encoding: gzip
age: 225368
x-guploader-uploadid: ADPycdsadmXpcSypUfxH-jXYXgOEE1dj5vpj-4s8BMBe8nFQsV6XhOXydntj1wUD791-9gasIdwOvfOJSeJJdrEHefHc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 19 Jun 2024 07:39:07 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ Frame 811D 42 KB
13 KB 21ms
5ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Jun 2023 22:15:14 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 811D 37 KB
16 KB 195ms
194ms XHR
text/plain 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3010233379210791&correlator=1692766692609623&eid=31070233%2C31061690&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fifs&iu_parts=223513049%2Cca-pub-5111137191506013-tag%2Cmbantul_pg_300x250_std-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3542551512&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687472114983&lmt=1687472114&dlt=1687472114228&idt=714&adxs=650&adys=2104&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=emie7ksosbzf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fmbantul.my.id%2F&ref=https%3A%2F%2Fmbantul.my.id%2F&top=https%3A%2F%2Fmbantul.my.id%2F&frm=23&vis=1&psz=300x250&msz=300x250&fws=256&ohw=0&ea=0&ga_vid=134025091.1687472115&ga_sid=1687472115&ga_hid=1360451667&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYlZq0qY4xSABSAghkEhkKCnB1YmNpZC5vcmcYlZq0qY4xSABSAghkEhcKCHJ0YmhvdXNlGJWatKmOMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiVmrSpjjFIAFICCGQSGQoKdWlkYXBpLmNvbRiVmrSpjjFIAFICCGQSFAoFb3BlbngYlZq0qY4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiVmrSpjjFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16fbac9c4db38bdc94930291c8784cec4c920280285f8d63abd0cd4960405c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 453438
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16667
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 748283
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B56 6 KB
3 KB 24ms
4ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 22:15:15 GMT
expires: Fri, 21 Jun 2024 22:15:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 811D 235 B
691 B 36ms
22ms XHR
application/json 52.76.166.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.166.242 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-166-242.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 93bace6bf59984401091a1a7715f1fe49b8676558c9a8ff4cc3f3735d38c952e

Request headers

Referer: https://mbantul.my.id/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache
x-server: 10.42.2.16
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 84A5 15 KB
6 KB 12ms
4ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 22:15:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 293420
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ Frame 811D 0
322 B 1018ms
339ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mbantul.my.id/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mbantul.my.id
date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 1573ms
1159ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mbantul.my.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://mbantul.my.id
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 22 Jun 2023 22:15:16 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: d9f74c24fa3ae49b9b114a72d19c5ddd

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ Frame 811D 221 B
315 B 1185ms
1185ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6c7a2f53a4553dd3f9ee47701fce2f1d9597f57ebcf67f54ca43d2dd261a403f

Request headers

Referer: https://mbantul.my.id/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Jun 2023 22:15:17 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 0f1c8d3e19177682a290043d26517912
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

GET
H2

200

esp Show response
oajs.openx.net/ Frame 811D
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1

85 B
203 B

193ms
193ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 7653eb326abe1c040cac93e1107bf82a219d5bc3b4af2d5e7e12a8f584fd9013

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-K28Hr4jb42NBy+4Um3HDx3J3VX8"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mbantul.my.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 22 Jun 2023 22:15:15 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://mbantul.my.id
location: /esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

sid Show response
mug.criteo.com/ Frame 84A5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mbantul.my.id&sn=ChromeSyncframe&so=0&topUrl=mbantul.my.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=qN82sXxyOEpNa0JaSDQ0QnZJV0lvVWtHa1Nnc3NEV0lLRklES2hDT0hvMkhwVi91WU1wdm1rcnQ3Tmxvc1lXaDJURWlHWXFzT1lqTkFvcTlvbDRSTUZ4UC9acHNtSUErYjVvazcwTkFUUWdqeXl0d1k5SjFBUlhMRjJaMn...

431 B
651 B

24ms
5ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=qN82sXxyOEpNa0JaSDQ0QnZJV0lvVWtHa1Nnc3NEV0lLRklES2hDT0hvMkhwVi91WU1wdm1rcnQ3Tmxvc1lXaDJURWlHWXFzT1lqTkFvcTlvbDRSTUZ4UC9acHNtSUErYjVvazcwTkFUUWdqeXl0d1k5SjFBUlhMRjJaMnBpazh6d0xvMkN2OXFnK1J2WWROU01PTWY0N2lQN3NzQnlUOVZKM0lZY015RGZwZ2NkdGcwK1VxNnhBT0kzVjJlQlNraXE4c2E1L2JSU1lTWnJ6V1NoU3cxS3ZWMm14a1J2aXVRL2l2QW9IQ1VJZ3M4dWxIdVZZR3dQOUMwNmxXTE8zSW9HSXFuSlAxeHN3QnBuQXJBZ0RaYmYwZUVEUT09fA&cppv=2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

2d439a701cbe50053be072833477b8acb3333724f51e8d574197111d0bdc22e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1039479
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=qN82sXxyOEpNa0JaSDQ0QnZJV0lvVWtHa1Nnc3NEV0lLRklES2hDT0hvMkhwVi91WU1wdm1rcnQ3Tmxvc1lXaDJURWlHWXFzT1lqTkFvcTlvbDRSTUZ4UC9acHNtSUErYjVvazcwTkFUUWdqeXl0d1k5SjFBUlhMRjJaMnBpazh6d0xvMkN2OXFnK1J2WWROU01PTWY0N2lQN3NzQnlUOVZKM0lZY015RGZwZ2NkdGcwK1VxNnhBT0kzVjJlQlNraXE4c2E1L2JSU1lTWnJ6V1NoU3cxS3ZWMm14a1J2aXVRL2l2QW9IQ1VJZ3M4dWxIdVZZR3dQOUMwNmxXTE8zSW9HSXFuSlAxeHN3QnBuQXJBZ0RaYmYwZUVEUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 429359
content-length: 0
expires: 0

GET
H2 200 c71ba3ac-9bc0-4f9f-8ee6-57273080b78c Show response
compass.adop.cc/RE/ Frame FEE0 9 KB
4 KB 94ms
94ms Script
text/html 13.224.249.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/c71ba3ac-9bc0-4f9f-8ee6-57273080b78c?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=c71ba3ac-9bc0-4f9f-8ee6-57273080b78c&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=ftChifF4nawApbsCadfEeFlgiHnikaVRzbDM4cVZxRmplLytNQnEwOWxwdDdPYXBra0E2SkdiTHVVTmJHY2Zxdk42V3lsMDVnVFgxVGU2WVY5QlBFbw==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-124.sin52.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: 7fea9db8dbd57851a0df866f1f8feb3beb60dd98bc3b0df34866d6aef2947905

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: gzip
via: 1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-C2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 3018
x-amz-cf-id: 7uLU-vlQ-BsjMajOSTNdcdMkyGDCXW2wEfrYOQATclaP04zJVbWLTg==

GET
H3 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame FEE0 18 KB
8 KB 178ms
178ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/c71ba3ac-9bc0-4f9f-8ee6-57273080b78c?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=c71ba3ac-9bc0-4f9f-8ee6-57273080b78c&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 22 Jun 2023 22:15:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 31890
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230031-FRA, cache-bom4721-BOM
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame FEE0 77 KB
26 KB 24ms
12ms Script
text/javascript 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dc10fa8cd2c789fe0ff1cfe02d5bb0e025861f015192898fb1384265e2744e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26433
x-xss-protection: 0
server: cafe
etag: 160 / 19530 / 31075546 / config-hash: 11591319961802778394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 22:15:15 GMT

GET
H2 200 container.html Show response
df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2670 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 22:15:15 GMT
expires: Fri, 21 Jun 2024 22:15:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 7E6D 51 KB
20 KB 144ms
66ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw

Requested by

Host: df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
URL: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4ce544221c1b308ef554f61dca3ec40db585319ed144b44d1df4a50472d9231c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 22:15:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=qw8TJGBI461uDUyka4VSt2Xdx6f8niAxgFJGKKmbEDeYs_cJCn7SZWiDIs-n8n_RFa9-5yNhqXl-Ui6_-CrKI1Y6JYK63q6M0SIwTv09zlUiYf7-SJR6iTPfQoVzJEO7d-rJNoSbPkJGPAZVCsKUzRA--GSsSW1HIiMApZiaALUNk0Z6Gn2hUYntzt9ikBFxlW0FsEFi4I_cdEoBGYuB08QWxrE0Ykc10VbWQFazMs1zvrqf7LMylOpx10IEfp1bmz_y1g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 4047245
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1A47 281 B
554 B 61ms
4ms Document
text/html 23.50.93.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=au&co=sg
Requested by: Host: df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
URL: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.93.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-93-199.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Jun 2023 22:15:15 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 2670 3 KB
1 KB 20ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
URL: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 22:51:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 22:51:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 2670 19 KB
8 KB 17ms
3ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
URL: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 23:04:45 GMT

GET
H/1.1 204
No Content register
token.rubiconproject.com/ Frame 2670 0
632 B 78ms
4ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/register?khaos=LJ7PBT70-1Y-6NQK
Requested by: Host: df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
URL: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2670 24 KB
7 KB 17ms
4ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
URL: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jun 2024 23:02:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2670 179 KB
56 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
URL: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 22:15:15 GMT

GET
DATA 200
OK truncated
/ Frame 2670 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a76f2b74f4871f929c0dbd1cf4d1724ab4166d267ee7d37592b226b5a97a7fcf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1A47 34 KB
10 KB 5ms
4ms Script
text/html 23.50.93.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=au&co=sg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.93.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-93-199.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b94be52dc5d0bcc050d8b61f5cabe92aa5895a20be2fd222a522ac07cbd4c253

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=au&co=sg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 22:15:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Jun 2023 12:31:48 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=51352
Connection: keep-alive
Content-Length: 10113
Expires: Fri, 23 Jun 2023 12:31:07 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2670 0
0 13ms
13ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9B5L88eUZLuvAdu_9QPXrbCYA_7T969czs-92OoCwI23ARABIABgvwWCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAaoEpwJP0HigLLEWjvxlmPv7Nf9Y5cA4lfVvo5WUeayJMagDpSFy4CEPjxUhpU4WgpuIjGDV7ta5M4F_i3VbJ5ierzrOD_IaSZfJ6kQoSrS8yAGAIb1U4E77dv_E2zoH1vaOlk_cB6XAzu2QZB35DMtRbw7MVJFAgl8bxbCaLUbLM20_x2bC0RmNe5IjK-kV5vUG4DK8LGZIDRoCw2HodVDRapMifGHSNokbh33QrROEA1V5oL6xro69PobUtlsqr5qk2tvxreL34-hWZn8ePJsD6Aq4dXDNB3R5sR0BTZi1qEtgNfQKd7Wmi3n3bvPcxnQ-QaeMbhWHNzvHsfJvc-b90n2wHVYmZvwnywGKwBSQQ5qjeYDbd-dbD_cSpQm5KscVznAC5DF2vdoN4AQBgAb6qYSm3sf69b4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTExMTEzNzE5MTUwNjAxMxjR1CI&sigh=aghYkdJfpfc&uach_m=[UACH]&cid=CAQSTABygQiDQhhTM2NRg7cArzB5bxEjhSxQj3_VgimLPCuQOK32mF9UM1qfJWYd5Mje0alRHOEjlchCe716YcclxdZyTTLSW2n4Jy22owEYAQ&tpd=AGWhJms7m2HftFm-RTl3-lFN2TMg7IB6kYrKykKeag3Ecw2ffUq0M1ckU6iwGezyft-mtkZAJitQXewJLl5S_drW5jEHSAP0LFs9traizAN3jg39qBHethLm-6UGOrYtMKIxQ7l3tNf2w0hvYDPWNE9e4OrEbStPm3lz9G4DqBKlOJNhOjqhmJXBJx48ppHYG8si1qHfhD4JtuorR6XnVMx0icPOGhUGcNXFKKzb1eCz00zLWzhTB1F9pFDa2MzkKFwwB0Yn49_5zvOTK2jo_sYOjhYoCEZSPot9sZ_GqLLiJccr1UD_sjywWI7fTyeuedJIrsk6Gp-XYE1LzBzNXyQXrQVRmUtdK-O1YM-CfvnHXJQL_cnMpYspZpmjAQM-1BvbsPz_VjvBP0e6A7Il2lgXR922gY2D8DAIfKUE5WQZLlq4msgN66M4293gbtLV8Gsa81iYiS_BsdULu0x5cWZSkZi4_FTeMiy0HetYPcwprEAmjwmvngy1Z83CT8KIPN6jUGwW-1GYPv17sV4HtKEtXmQmsnEGVEhi7lv8jg4HyNiA_Qqntyk-7emPa-8RXR1FhJN1WVG5_NvG1JgDG8rnLCmMO9S-U8brq9Iko6Rb3H0Pqj_E65Jyrw6beE1W2qrz_FYuxNvosYH7QNF_iWf6_zJmj9X0RKAtchUN12HctqlFAAtLa_Mf2n6ZFFempeYUy7IeY2etuiM5zeS7F5kPtMbNb7H9cEmNprms-fb9IWHl26ethP3dXyPUYqJB1ohIpNNhkX0JAh0C2j1Urh7FA9wNZXmWA7VzzhGRfO7_LFV8h0jOzrrlEX86mf7dF9mojEq00ELt7GkqZ_0XvwmgFdgcyLfDK5t1NzPNxj9Jg9tzsos5dSRUhi5JikVUhimkxmGVFkVo_dJoQ7gEWJLfuKLY9A0Za0y6A3bisSJ-g2e0zsHv7qDAZIZN1UaKSsqhW6vJYyB35hRRwQTcDMDgNk22CDs9XylMeb8mpmkktq6zoz2wt2fexDPfBFZ_JTVZuZfpZUWgfvoMhVStIlOcthvMOX180Y8AoHnubpMSDidiMwVhrFNhpfZSm1FZlLIjQ6V0AU6loUl1vL5jhwd0saozsldQeeslQoq2Y5fbhS7HTxinCBSOHM1DI1VfOBDCScTx6Wg2MnMDtKOC7FIKjA4inl17ShRFldhgw5N-Q0BNcshCpRqTfOs7z1uMCMBQ_8dYAjLefTIgNvlBcdFVFpFzW1maZC9B4EK-FUkNLyv5kbPr6pIA0fTP9MKmyZmOq9SWyuPTD_ikh0IJUHvk_Q6EjShQ9-GKyXdVsPfPEbO1y_z0PXqx2i2ECCfWn4BeC3Q5GbkSDYMamyphenfJg_upK0awmZsxrt5tyOPMrcpiw-KaecdT1AygMGxPYu5D1UVIIofoTPg9TxT6EgEXGf5Xt4NNZMEJVpxX84Cf-DUMWJmE8vKSD5xJQopQ6ee2E5T3o3MUUgRXSnuW3uys0fVZu0YCDFIaI-mA-OzknIHzw1NgFbMjjAxTDCz5bFMW57l9nxvZJD769evayz8e1WX8UvKlGcN-hrHNv3N-z6MxzzekuiyY9bz9LrVrbZic7ZwKZHuLA25OgrnwYSA4zfW2XH883GeMK52L30qHSUXfaAdUi5mJJszWdeHF5pr7OsWp3UPa4ifCgFBRwakikEtzSwypos-WigQiYF-Lqk4u3sXUBtpuwv8bcqHhFuoQMXS_Ueo4N8_dIaqaCEnDTdGaMWSVFs1dCNlkCB4OVVt-coy3SAauWeiNCGfem7DZYc-ZQh8eIOboJClztTCJ0bppDNa_Nvj8PCCTOc0GExZjhp-II7bVRxbUIBosssqPQOMXQyMdVMDljeEy1fuu7HO0Pr9mTNjY96R5lisySpuJ9cqBfNIzrPryxKvktLUPNCQBxgb4oV1qQfmn7CbYLeuQLBr0VQ-r_BgatOp0NfjExTiSMn6_dq2bgQ7J9jJj_NN2lmY8dngt9AxDNMI7eyNaBaS4d2XWu79nr4X4z9uPlAqT1JQRtnQQ4sWNI6AVm5WRhuRi3efJPEE8cLM9QbOecr8M7ODF5Ud2v_2zAI-a_nutqYNGvubHUmzAxUgtUMUGKhoNRLuOqz_ZrbEldDVDkhlsPKs9uz8jTt1ohuc5dicAEeTbbClkdhghzyXtsaCwZH0XFGt1e0Q2T-2cHfBqQyKnlOBea6-fmLNORdIW_252pRcPNt8pLJbwWfXwRAjR0cLGfFhYTjYp10q3n3-51DK-qQbztjI_WVzBXVlgSoz4tuHqXdEOT6Dmgejcn3MDbSaXHjJRwR2-G3-FQzRsrreihO3Q3K1iHEDaYkDGxNpeq8rmG5PN6Oa-1PyP00RKRiMjgfQ9-_KHJS8X3HNRU-WSa4_iBxvIDej1_Fo9KWoVnYOjKoJvSGlk5c7gii5ph-8UOIJDjLgIwzyE2dYrRYHLH1kS20SbvCPM0g_r-yClzuijOr0ZoyOvTMOJH2mT21wOQB7qiT_UqJj1ouxgvYr_qE_-VI86jlaE0hbcLpcy6f_B8FpDuzKN8e3pMgrSzSEacvfcxJb3xixEyFVX_K0Txr2RiuAbtJ8&cbvp=2&vis=1
Requested by: Host: df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
URL: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7E6D 2 KB
1 KB 4ms
3ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jun 2024 22:15:15 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 7E6D 2 KB
1 KB 4ms
4ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jun 2024 22:15:15 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7E6D 308 B
636 B 5ms
4ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 16 Jun 2024 22:15:15 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7E6D 293 B
621 B 8ms
7ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 16 Jun 2024 22:15:15 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 7E6D 43 B
348 B 29ms
6ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=oCk6e9P22Ja-Cg10fQqOyrkBpr-1CBo3ZP12s_0dAMDl5bs3bqmXifvE1FyEoLLonjo3Tuf35pUABL8SlSlS_7gVW8_tCE5PZJU0lKs6OnG1DYu-7dEd7A3MimzRFDHobA9BWHvJzVp_McmGpRfmm_3jQzpoilZQ7_VyycMzwY8hr_bjyfHVGS59gpqf7ZSkCr53S9QC-HFV7BCcFd34tXISglutTIZDcxvpEyhtqvAIYU1PcWmCPBNG8Jta8azT543-ruFlVmzLaZ1YVvTZic8RFCQbOkglY5clLBf-AmQ6xgns_QWkabAHZN3wjLxk8RICTHTtcYRZYSikCQHLOUOjwXo7_lTy4S7dbyppXMKPaACzRCMDUcYOus9mbxkssN6AB7vDYpAJEyNd8F0wQx0rIEkyJ1S5_IvJoYKkP35XjKzVJ1aOm-n9ei4xcC52j4iNeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2488041
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 d69a789d398c4fdab96fef36190e56b3_image_ad_300x250.jpeg
static.criteo.net/design/dt/26310/230530/ Frame 7E6D 46 KB
47 KB 6ms
5ms Image
image/jpeg 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/26310/230530/d69a789d398c4fdab96fef36190e56b3_image_ad_300x250.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

686a35a496842ba37f54d8dd1e6824e9fda94c374fecbbfa0486a8ad8cdfd23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 30 May 2023 06:28:10 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6475977a-b9c1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 47553
expires: Sun, 16 Jun 2024 22:15:15 GMT

GET
H2 200 dis.aspx Show response
widget.sg1.as.criteo.com/dis/ Frame 08C4 6 KB
3 KB 27ms
6ms Document
text/html 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sg1.as.criteo.com/dis/dis.aspx?pu=65968&cb=6494c7f3181ef28365d47ded9750038b&r=https%3a%2f%2fdf4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

10f38db6a9def35c92215008189f5c815b63107ffee29d86a003dc91d36eca30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 22 Jun 2023 22:15:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2708695
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

POST
H2 200 all
csm.as.criteo.net/ Frame 7E6D 0
128 B 112ms
32ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=qw8TJGBI461uDUyka4VSt2Xdx6f8niAxgFJGKKmbEDeYs_cJCn7SZWiDIs-n8n_RFa9-5yNhqXl-Ui6_-CrKI1Y6JYK63q6M0SIwTv09zlUiYf7-SJR6iTPfQoVzJEO7d-rJNoSbPkJGPAZVCsKUzRA--GSsSW1HIiMApZiaALUNk0Z6Gn2hUYntzt9ikBFxlW0FsEFi4I_cdEoBGYuB08QWxrE0Ykc10VbWQFazMs1zvrqf7LMylOpx10IEfp1bmz_y1g&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7E6D 2 KB
1 KB 5ms
4ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jun 2024 22:15:15 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 76EA
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ZrnT4Z0KhTDJ199ia041eSPvN6LXPQaVqcw6dw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ZrnT4Z0KhTDJ199ia041eSPvN6LXPQaVqcw6dw&expires=30

43 B
510 B

77ms
77ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ZrnT4Z0KhTDJ199ia041eSPvN6LXPQaVqcw6dw&expires=30
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 22:15:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ZrnT4Z0KhTDJ199ia041eSPvN6LXPQaVqcw6dw&expires=30
Date: Thu, 22 Jun 2023 22:15:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 76EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-JAj93Z0KhTDJ199ia041eSPvN6J6jwL_rv2pFw&google_cm&google_hm=ay1KQWo5M1owS2hUREoxOTlpYTA0MWVTUHZONko2andMX...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-JAj93Z0KhTDJ199ia041eSPvN6J6jwL_rv2pFw&google_gid=CAESEP7Hro3L02cXkVm3nS3Ssvg&google_cver=1&google_ula=913071,0

43 B
370 B

16ms
5ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-JAj93Z0KhTDJ199ia041eSPvN6J6jwL_rv2pFw&google_gid=CAESEP7Hro3L02cXkVm3nS3Ssvg&google_cver=1&google_ula=913071,0

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 590687
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-JAj93Z0KhTDJ199ia041eSPvN6J6jwL_rv2pFw&google_gid=CAESEP7Hro3L02cXkVm3nS3Ssvg&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 76EA
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5320890624632815736

43 B
370 B

6ms
5ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5320890624632815736

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1033540
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 22 Jun 2023 22:15:16 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.254.153.231; 103.254.153.231; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3766c2ec-d773-4d71-a458-d7ccebfd2539
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5320890624632815736
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 76EA
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-oQaNQJ0KhTDJ199ia041eSPvN6Jdh4J-573RPw
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-oQaNQJ0KhTDJ199ia041eSPvN6Jdh4J-573RPw

43 B
1 KB

175ms
174ms

Image
image/gif

104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-oQaNQJ0KhTDJ199ia041eSPvN6Jdh4J-573RPw

Protocol

HTTP/1.1

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jun 2023 22:15:16 GMT
AN-X-Request-Uuid: cd3f22bc-86b3-42af-b926-8096ba79b2c7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 103.254.153.231; 103.254.153.231; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jun 2023 22:15:15 GMT
AN-X-Request-Uuid: 95a37f5a-bd29-424c-80c0-e2f6242df4ff
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-oQaNQJ0KhTDJ199ia041eSPvN6Jdh4J-573RPw
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 103.254.153.231; 103.254.153.231; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 76EA 61 B
791 B 37ms
21ms Image
image/gif 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-VsHS_J0KhTDJ199ia041eSPvN6L4elTTGKVhVg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 22 Jun 2023 22:15:15 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 22 Jun 2023 22:15:15 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 76EA 42 B
711 B 22ms
5ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-cQNhf50KhTDJ199ia041eSPvN6JnYG_-Udcg0g&expires=30
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 76EA 68 B
606 B 830ms
4ms Image
image/png 18.140.170.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-T0FW1Z0KhTDJ199ia041eSPvN6JQYW0sAZGy8A
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.170.140 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-170-140.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:16 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 76EA 43 B
688 B 192ms
3ms Image
image/gif 23.106.127.39
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-3H4_C50KhTDJ199ia041eSPvN6LwXBwkyzcc-Q
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 76EA 0
230 B 48ms
3ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-HFftP50KhTDJ199ia041eSPvN6LFVP5Ec2hrFg
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2591

GET
H2 200 um
criteo-sync.teads.tv/ Frame 76EA 23 B
278 B 207ms
77ms Image
image/gif 184.26.21.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-jFctBZ0KhTDJ199ia041eSPvN6LH2MbaoVFADA
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.21.27 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-21-27.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Thu, 22 Jun 2023 22:15:15 GMT
pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 76EA
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-hUT4rZ0KhTDJ199ia041eSPvN6LnvNAi-XcajQ&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-hUT4rZ0KhTDJ199ia041eSPvN6LnvNAi-XcajQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

6ms
6ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-hUT4rZ0KhTDJ199ia041eSPvN6LnvNAi-XcajQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 22 Jun 2023 22:15:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-hUT4rZ0KhTDJ199ia041eSPvN6LnvNAi-XcajQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 22 Jun 2023 22:15:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 76EA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OuTobp0KhTDJ199ia041eSPvN6J1WnAWAhVGvw
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OuTobp0KhTDJ199ia041eSPvN6J1WnAWAhVGvw&verify=true

0
121 B

7ms
7ms

Image
text/plain

18.143.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OuTobp0KhTDJ199ia041eSPvN6J1WnAWAhVGvw&verify=true

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Server

18.143.106.89 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OuTobp0KhTDJ199ia041eSPvN6J1WnAWAhVGvw&verify=true
date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK sync
adgen.socdm.com/rtb/ Frame 76EA 43 B
824 B 432ms
75ms Image
image/gif 202.241.208.2
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.2 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Thu, 22 Jun 2023 22:15:15 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.231","key":"ZJTH88Co5r4AAHUEcpIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad195"}
X-SO-Key: ZJTH88Co5r4AAHUEcpIAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad195
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: m-ad195.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 43
X-SO-LB-Hostname: a-ng40010.dc2p.scaleout.jp
X-SO-IP: 103.254.153.231

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame 76EA 43 B
872 B 318ms
73ms Image
image/gif 124.146.215.42
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-L5ESUZ0KhTDJ199ia041eSPvN6Je4mS0D57rEA
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.42 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Thu, 22 Jun 2023 22:15:15 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-L5ESUZ0KhTDJ199ia041eSPvN6Je4mS0D57rEA","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.231","key":"ZJTH88Co8XgAAHUO8XoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40350"}
X-SO-Key: ZJTH88Co8XgAAHUO8XoAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40350
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: a-ad40350.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 43
X-SO-LB-Hostname: m-tgng20.dc4p.scaleout.jp
X-SO-IP: 103.254.153.231

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame 76EA
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=O-FN5h-w1T0qXWM4Byr0GOMa2ZhcCv8t

62 B
547 B

608ms
221ms

Image
image/gif

104.69.166.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=O-FN5h-w1T0qXWM4Byr0GOMa2ZhcCv8t
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Server: 104.69.166.9 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-69-166-9.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 22 Jun 2023 22:15:16 GMT
content-length: 62
bk-server: a175
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=O-FN5h-w1T0qXWM4Byr0GOMa2ZhcCv8t
date: Thu, 22 Jun 2023 22:15:14 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 686948
content-length: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 76EA
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sJaTGp0KhTDJ199ia041eSPvN6I6B9Hwbj_qag
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sJaTGp0KhTDJ199ia041eSPvN6I6B9Hwbj_qag&C=1

43 B
766 B

36ms
36ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-sJaTGp0KhTDJ199ia041eSPvN6I6B9Hwbj_qag&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jun 2023 22:15:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jun 2023 22:15:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-sJaTGp0KhTDJ199ia041eSPvN6I6B9Hwbj_qag&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 204 pixel
adx.dable.io/ Frame 76EA 0
141 B 434ms
86ms Image
text/plain 3.37.143.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-fWTP150KhTDJ199ia041eSPvN6JVaW55Mx0Feg
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.37.143.130 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-37-143-130.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:16 GMT
server: nginx

GET
H2 200 /
cs.adingo.jp/sync/ Frame 76EA 43 B
412 B 259ms
73ms Image
image/gif 13.115.146.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=criteo&id=k-G6-6P50KhTDJ199ia041eSPvN6LYS-GizgySZA
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.146.23 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-146-23.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 76EA 43 B
659 B 38ms
9ms Image
image/gif 23.59.168.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-STo5VZ0KhTDJ199ia041eSPvN6JVeGZK54i7jw
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.59.168.41 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-59-168-41.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jun 2023 22:15:15 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1687472115845024-69
Expires: Thu, 22 Jun 2023 22:15:15 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 76EA
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-IM6cOJ0KhTDJ199ia041eSPvN6IzvG-Lk98gqg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IM6cOJ0KhTDJ199ia041eSPvN6IzvG-Lk98gqg

43 B
448 B

6ms
5ms

Image
image/gif

13.213.110.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IM6cOJ0KhTDJ199ia041eSPvN6IzvG-Lk98gqg
Protocol: H2
Server: 13.213.110.67 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-213-110-67.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 22 Jun 2023 22:15:16 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IM6cOJ0KhTDJ199ia041eSPvN6IzvG-Lk98gqg
access-control-allow-origin: *
date: Thu, 22 Jun 2023 22:15:16 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame 76EA 42 B
439 B 277ms
193ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-NS53rp0KhTDJ199ia041eSPvN6I40lt_wAmb2A
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:16 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 76EA 0
882 B 513ms
169ms Image
text/html 35.157.108.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-NvqXip0KhTDJ199ia041eSPvN6J_DrZfds3jgQ
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.108.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-108-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:16 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame 76EA 42 B
668 B 59ms
41ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-Ut80S50KhTDJ199ia041eSPvN6LBFWF4jAzfmQ
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
last-modified: Tue, 06 Jun 2023 16:36:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E5DAA5CF2B348D4BB30C74800B2B04F Ref B: SIN30EDGE0822 Ref C: 2023-06-22T22:15:15Z
etag: "7b637fb9498d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 76EA 0
287 B 791ms
197ms Image
text/plain 38.133.127.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-HU2B3J0KhTDJ199ia041eSPvN6KT2SDBFgO_9Q&initiator=partner
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 22 Jun 2023 22:15:16 GMT
Cache-Control: no-cache
X-TraceId: b4a091b3d7258d53ee282fd4b94f3fbf
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 76EA 42 B
580 B 28ms
4ms Image
image/gif 67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-YDcL_Z0KhTDJ199ia041eSPvN6IXL5H_VrCGCQ
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 22 Jun 2023 22:15:16 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

/
s.ad.smaato.net/c/ Frame 76EA
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ZXqNf50KhTDJ199ia041eSPvN6IqXv2sz4RitA
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ZXqNf50KhTDJ199ia041eSPvN6IqXv2sz4RitA&cookieCheck=1

0
557 B

5ms
4ms

Image
text/plain

2600:9000:223b:7200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ZXqNf50KhTDJ199ia041eSPvN6IqXv2sz4RitA&cookieCheck=1
Protocol: H2
Server: 2600:9000:223b:7200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:16 GMT
via: 1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: G5Y5_gAgL9eInzpiXnS6JTQhLvM3KQESsyWWgg7uZgLD1zGaYZ7HaQ==

Redirect headers

date: Thu, 22 Jun 2023 22:15:16 GMT
via: 1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ZXqNf50KhTDJ199ia041eSPvN6IqXv2sz4RitA&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: yYp_jyJsdYodvUkXYblRWAwz_LmU17BUtziZ8sys0RhHKsjwZ6bu6A==

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame 76EA 68 B
259 B 107ms
69ms Image
image/jpeg 2600:1413:b000:1c::17d1:2ed9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-i4MPEZ0KhTDJ199ia041eSPvN6K29hBwRSPJ0Q

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1413:b000:1c::17d1:2ed9 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 22 Jun 2023 22:15:16 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-upstream: 172.29.83.150:80
content-length: 68
x-xss-protection: 1; mode=block

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 76EA 43 B
634 B 854ms
5ms Image
image/gif 54.254.193.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-N01v9J0KhTDJ199ia041eSPvN6KdfrVtaRApxQ&pn_id=criteo&ext=1
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.254.193.145 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-254-193-145.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:16 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 put
e1.emxdgt.com/ Frame 76EA 0
142 B 87ms
4ms Image
text/plain 18.140.107.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-ljV3b50KhTDJ199ia041eSPvN6Le3y8DrK_yTw
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=EC8787428329A2D3&u=%7CEOLLN3CXZ2czjSRGx6Yd%2F49t0209tes9bmwNrsco98A%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87RBm-uqPWQ4JxiXzxceV87_M-Aup59gpBgPUGxw2n13mcBIskYxoP3I63A9eO2R69MgEfUxuDdrikV_qcMaJ2hqwq7XWmhgsokbmgTn6vMZ8Xk8oV7A02FVIP1yHleuazumb4RM3oqnpx79jXETficr-wu0aXSeNlFtD_vD5zHch1PNmZNnokC_Ae3znRi38DuUsIR0ISvz9RR79iLrT0wA6n8PFLH0NdnwAV04N5_kCdaSWiDJex2z69UsAUybiL_McPUJSois1CIisnOmKQxjgzswT38KL0WXwQaH6YBEXuPpImzV-Yvr5VxKDv-16yTl8AgxOmmMIF6Rd_qSDBZS48JCjyQCci---gvCfKGZ5uAMAK47PJKtaYMLILDCQMKVUakFCEfPsyy5PaccJPe3jglyQ8TN1OetWFsBgujtonPVaXtGI6n1yPf1CXotIw2q57Nqz9aEB_aGrmpUYebYCWKGLSO0XaSmf5feVaycZ6dFmXpUlPjUZPnRKxPKNupGGKt558eGDrQoWG3_c-rTDhqFfQWNpf39g9HZhZ2meGg83WCAklXoszZ37BhENVKDjxY5ZPnB-FCXJ0APIZou8xtgjZKBx5KVrhUBPsTFm2BgaDqul4gRP3gARHmagMbsdN_oauhl21AgoNu2pjrw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.107.66 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-107-66.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
date: Thu, 22 Jun 2023 22:15:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1A47
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=T90PNmuMSpOuCxSjxp5M_w&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T90PNmuMSpOuCxSjxp5M_w

43 B
479 B

253ms
253ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T90PNmuMSpOuCxSjxp5M_w

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jun 2023 22:15:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G87E9JJ7YJGAQJHE8VA5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=T90PNmuMSpOuCxSjxp5M_w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 1A47
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ7PBT70-1Y-6NQK

0
515 B

234ms
219ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ7PBT70-1Y-6NQK
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4E0A468537FB4056920A2B927D1BC899 Ref B: SIN30EDGE0820 Ref C: 2023-06-22T22:15:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX+vzgEwEtn4syqCOttFw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ7PBT70-1Y-6NQK
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1A47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMv3nERi7xbDPDjz_t3fOE0&google_cver=1

42 B
711 B

4ms
4ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMv3nERi7xbDPDjz_t3fOE0&google_cver=1
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMv3nERi7xbDPDjz_t3fOE0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1A47
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=81007948-466b-4ec5-846b-a0cee9cc3ef4&gdpr=0&gdpr_consent=&expires=30

42 B
711 B

4ms
4ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=81007948-466b-4ec5-846b-a0cee9cc3ef4&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=81007948-466b-4ec5-846b-a0cee9cc3ef4&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A47
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEo3UEJUNzAtMVktNk5RSw==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOd4bS9-V6wEiTjMktDEBMc&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo3UEJUNzAtMVktNk5RSw==&google_push=

170 B
188 B

9ms
9ms

Image
image/png

74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo3UEJUNzAtMVktNk5RSw==&google_push=

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo3UEJUNzAtMVktNk5RSw==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A47
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhhODQwMTc3MDIxMTczNWIyOWU4ZWI5MGExZGE3MjMwZmZkZDI1Zg

170 B
188 B

8ms
8ms

Image
image/png

74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhhODQwMTc3MDIxMTczNWIyOWU4ZWI5MGExZGE3MjMwZmZkZDI1Zg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhhODQwMTc3MDIxMTczNWIyOWU4ZWI5MGExZGE3MjMwZmZkZDI1Zg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1A47
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XANguBtzToWCfp11uE06mA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XANguBtzToWCfp11uE06mA

43 B
479 B

182ms
181ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XANguBtzToWCfp11uE06mA

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jun 2023 22:15:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6HEWE4VF0M7NHYFJ33KZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XANguBtzToWCfp11uE06mA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1A47
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/wj63pH7eh4OlTmlBBgLsrMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eKXmPndE2oJUOFeOMlD8PZVZGl.94QNsHHFveg--~A

42 B
711 B

4ms
4ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eKXmPndE2oJUOFeOMlD8PZVZGl.94QNsHHFveg--~A
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 22 Jun 2023 22:15:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eKXmPndE2oJUOFeOMlD8PZVZGl.94QNsHHFveg--~A
content-length: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 654D 484 B
733 B 24ms
8ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 29e213f2304639d28ccb87935c75d168e4168aa930681d5fe239affde55680f6

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 307
content-type: text/html
date: Thu, 22 Jun 2023 22:15:15 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 654D
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=38b6418a-9d7f-77dd-e524-cac59e815228&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=81007948-466b-4ec5-846b-a0cee9cc3ef4&ttd_puid=38b6418a-9d7f-77dd-e524-cac59e815228&gdpr=0&gdpr_consent=

43 B
249 B

14ms
7ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=81007948-466b-4ec5-846b-a0cee9cc3ef4&ttd_puid=38b6418a-9d7f-77dd-e524-cac59e815228&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=81007948-466b-4ec5-846b-a0cee9cc3ef4&ttd_puid=38b6418a-9d7f-77dd-e524-cac59e815228&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 654D
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZJTH88Co8YEAAJamc3QAAAAA

43 B
106 B

11ms
6ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZJTH88Co8YEAAJamc3QAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Thu, 22 Jun 2023 22:15:15 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.231","key":"ZJTH88Co8YEAAJamc3QAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad318"}
X-SO-Key: ZJTH88Co8YEAAJamc3QAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad318
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZJTH88Co8YEAAJamc3QAAAAA
Cache-Control: private
X-SO-HostName: m-ad318.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 4
Content-Length: 0
X-SO-LB-Hostname: m-tgng29.dc4p.scaleout.jp
X-SO-IP: 103.254.153.231

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 654D
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab16FhqGAm8iks8AD7MOqxDZ4s8AAAGI5S0Qng

43 B
106 B

7ms
6ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab16FhqGAm8iks8AD7MOqxDZ4s8AAAGI5S0Qng
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
via: 1.1 f524a7fd984e15aeceb1c8903b4e45c2.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN52-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab16FhqGAm8iks8AD7MOqxDZ4s8AAAGI5S0Qng
cache-control: no-cache
content-length: 0
x-amz-cf-id: jD-x1wLEh8bCa-oWwFJby0Q7BEc4k8cQOhitjnmyafl9rpR3VMUYoA==
expires: -1

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 654D 170 B
188 B 10ms
9ms Image
image/png 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTRkOTkyNDAtNTQwOC0yOTc5LWYwYzQtOTA3YzU0NjM5YzQ4

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 654D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGBOk9Y79LPmkV9mdUbPKSo&google_cver=1

43 B
180 B

6ms
6ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGBOk9Y79LPmkV9mdUbPKSo&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGBOk9Y79LPmkV9mdUbPKSo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect.php
data.adop.cc/ Frame FEE0 0
140 B 182ms
83ms Image
text/html 2406:da12:fbe:4202:809:c2f2:90f7:4c91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNjIyMjIxNTE1IiwiY3RyeSI6IlNHIiwiYWNpZCI6IlNHLTIzMDYyMjIyMTUxNC05NmViZGVhYjA1MzQ0ZmI0IiwibmV0IjoiR29vZ2xlIEFNIDM2MCIsInppZCI6ImM3MWJhM2FjLTliYzAtNGY5Zi04ZWU2LTU3MjczMDgwYjc4YyIsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTMzIFNhZmFyaS81MzcuMzYiLCJicm93IjoiQ2hyb21lIiwiZGV2IjoiZGVza3RvcCIsIm9zIjoiV2luZG93cyIsImlwIjoiMTAzLjI1NC4xNTMuMjMxIiwiZmxvYyI6Imh0dHBzOi8vbWJhbnR1bC5teS5pZC8iLCJmcCI6IjAiLCJjZHQiOiIyMzA2MjIyMjE1MTQiLCJkaXIiOiJ2IiwidHAiOiJyZSIsInJlZiI6IiIsInRpdGxlIjoiTWJhbnR1bCUyMCVFMiU4MCU5MyUyMFRyYXZlbCUyMFdhbnRlZCIsImxvZyI6ImJhc2ljIn0%3D&aid=129520e6-7505-4b75-9c29-7320363b2730&r=sBPkvz2
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4202:809:c2f2:90f7:4c91 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/ Frame FEE0 393 KB
125 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 10:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41828
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127691
x-xss-protection: 0
server: cafe
etag: 13681810057703077335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 21 Jun 2024 10:38:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame FEE0 745 B
374 B 6ms
6ms XHR
application/json 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mbantul.my.id

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ed0d0ccb64055823201e1f6c99367ae0762d748d2ccb92afd6028a659afe01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349
x-xss-protection: 0
expires: Thu, 22 Jun 2023 22:15:15 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FEE0 107 B
165 B 6ms
5ms Script
application/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mbantul.my.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FEE0 54 KB
13 KB 278ms
277ms XHR
text/plain 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=15502330379577&correlator=149681483447727&eid=31072020%2C31075546&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=223513049%3A22912905838%2Cca-pub-5111137191506013-tag%2Cmbantul_pg_300x250_std-3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=2353456063&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Df6c41c70fa2a000d%3AT%3D1687472115%3ART%3D1687472115%3AS%3DALNI_MbOfnShGS5WIraRfEreydbhKHC5Gg&cdm=mbantul.my.id&gpic=UID%3D00000c1684583df9%3AT%3D1687472115%3ART%3D1687472115%3AS%3DALNI_MaYFmgZaYN2lNTLKqRjKwuuTQfwgw&abxe=1&dt=1687472115705&dlt=1687472115084&idt=593&adxs=632&adys=116&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=njkqyex7fudd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=2&url=mbantul.my.id&loc=https%3A%2F%2Fmbantul.my.id%2F&top=mbantul.my.id&frm=23&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1314207470.1687472116&ga_sid=1687472116&ga_hid=1121938901&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQGYxNDUzMThjNmQ4ZDkwMjQwZmJlY2JkYmFkN2QxNmQ1MzkzODljMGM1ZjZkZTE2Njg3MjNiMjBlY2MyYjhlMmYYgZu0qY4xSAASGQoKcHViY2lkLm9yZxjTm7SpjjFIAFICCGoSFwoIcnRiaG91c2UYlZq0qY4xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJWatKmOMUgAUgIIZBIZCgp1aWRhcGkuY29tGJWatKmOMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lObmh3S3pCNlZEUlRRM0V2T0dkSmRDdHhXbWd4VVQwOUluMD0Y4Z60qY4xSAASGwoMaWQ1LXN5bmMuY29tGJWatKmOMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0dbf6336319f94f34b523fc8c6c5cf8688caa83e0afcd844278500f68881ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13177
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mbantul.my.id
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dfa97ee99d7255a96a9aa2e348f6576d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 739D 6 KB
3 KB 13ms
5ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dfa97ee99d7255a96a9aa2e348f6576d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 22:15:15 GMT
expires: Fri, 21 Jun 2024 22:15:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FEE0 14 KB
11 KB 21ms
10ms XHR
application/json 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d43235fe26feb8f49d1ec99fed58c14f56035484dbfc94055d14fbdf60877d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11181
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FEE0 17 KB
7 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 22:15:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E3A 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 85496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 22:30:19 GMT
expires: Thu, 20 Jun 2024 22:30:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DBD0 783 B
535 B 14ms
13ms Document
text/html 2404:6800:4003:c0f::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5a94518df6265abf2372937614dfebe7db8b4195ee415c88742da34d00b8eddb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A1BoYLPSLbltfLZdQ9HzBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-A1BoYLPSLbltfLZdQ9HzBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 22:15:15 GMT
expires: Thu, 22 Jun 2023 22:15:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E3A 38 KB
14 KB 6ms
5ms Script
text/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

sffe /

Resource Hash

2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 22:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14804
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 22:59:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DBD0 0
0 6ms
6ms Image
text/html 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306200101&jk=15502330379577&rc=null
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 811D 15 KB
11 KB 11ms
11ms XHR
application/json 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee68a1265282e733c9d14470e9f7a3838516bc0976c1e234aea509f6cde031b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11275
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 811D 17 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 22:15:15 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4E3A 0
10 B 3ms
3ms Image
text/plain 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KxeLEQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC7E 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 85496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 22:30:19 GMT
expires: Thu, 20 Jun 2024 22:30:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5F41 783 B
536 B 14ms
13ms Document
text/html 2404:6800:4003:c0f::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9d25f3d6453ce88b3a8a1ca7330c532817b9eac19754e9d0a2f04143e73753d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xx2J37tNvZmtVv-52UszoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Xx2J37tNvZmtVv-52UszoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jun 2023 22:15:15 GMT
expires: Thu, 22 Jun 2023 22:15:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305252018000/ Frame A96E 222 KB
61 KB 21ms
3ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Jun 2023 17:16:04 GMT
age: 536352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61795
x-xss-protection: 0
server: sffe
etag: "7347aa4c83612bf7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 15 Jun 2024 17:16:04 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame A96E 15 KB
5 KB 25ms
8ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 21:11:25 GMT
age: 90231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5238
x-xss-protection: 0
server: sffe
etag: "6efdfbd3c81d03c9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jun 2024 21:11:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame A96E 94 KB
28 KB 27ms
10ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Jun 2023 08:12:03 GMT
age: 482593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28864
x-xss-protection: 0
server: sffe
etag: "51fe97ef57b83921"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Jun 2024 08:12:03 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame A96E 5 KB
2 KB 28ms
12ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Jun 2023 21:47:23 GMT
age: 433673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1896
x-xss-protection: 0
server: sffe
etag: "fbb7a7837efaff21"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Jun 2024 21:47:23 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame A96E 40 KB
13 KB 26ms
9ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 21:11:25 GMT
age: 90231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "bd37dd4c3b7b688b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jun 2024 21:11:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A96E 14 KB
1 KB 8ms
7ms Stylesheet
text/css 2404:6800:4003:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Jun 2023 22:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 21:04:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Jun 2023 22:15:16 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A96E 3 KB
3 KB 4ms
3ms Image
image/png 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:04:45 GMT
x-content-type-options: nosniff
server: cafe
age: 83431
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Thu, 22 Jun 2023 23:04:45 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A96E 344 B
368 B 5ms
4ms Image
image/png 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 15:29:07 GMT
x-content-type-options: nosniff
server: cafe
age: 24369
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 23 Jun 2023 15:29:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A96E 0
0 50ms
49ms Image
text/html 2404:6800:4003:c0f::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXn2WttB8iUsnJFqQ8Uxrl1fEU4YEcgSwX697Jfv5ptEaNnhKfxUJ-GcRyN_TRznn5cwm2O6dsoU4veFeEnk7zP3qmJA
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c0f::63 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A96E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2490b1add9d6000475ebb5ed6596e5f57337959ec142c86c400c1b9b7265f38

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5F41 0
0 6ms
6ms Image
text/html 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306150101&jk=3010233379210791&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response
pagead2.googlesyndication.com/bg/ Frame FC7E 38 KB
14 KB 4ms
4ms Script
text/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

sffe /

Resource Hash

2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 22:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14804
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 22:59:17 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A96E 33 KB
33 KB 9ms
5ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:51:18 GMT
x-content-type-options: nosniff
age: 537838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 16:51:18 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 76EA
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=enLjSPv1omGqRGP8vMaexuU9NPrqI-il

0
337 B

678ms
172ms

Image
text/plain

44.230.126.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=enLjSPv1omGqRGP8vMaexuU9NPrqI-il
Protocol: H2
Server: 44.230.126.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-230-126-114.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: beacon-n004-pdx-prod.krxd.net
date: Thu, 22 Jun 2023 22:15:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1687472116
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=enLjSPv1omGqRGP8vMaexuU9NPrqI-il
date: Thu, 22 Jun 2023 22:15:15 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 750576
content-length: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A96E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

14ms
5ms

Image
text/html

2404:6800:4003:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2404:6800:4003:c00::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

date: Thu, 22 Jun 2023 22:15:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A96E 3 KB
3 KB 4ms
4ms Image
image/png 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:04:45 GMT
x-content-type-options: nosniff
server: cafe
age: 83431
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Thu, 22 Jun 2023 23:04:45 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A96E 344 B
368 B 4ms
4ms Image
image/png 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 15:29:07 GMT
x-content-type-options: nosniff
server: cafe
age: 24369
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 23 Jun 2023 15:29:07 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A96E 0
0 15ms
14ms Image
text/html 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsftG88eUZNm5LbeF3LUP_PmCkAvBp8X9ZaeSkqKnD5CUxazMBBABIJm1iUNgvwWgAY235tMDyAEBqQKBf4o1CmKyPuACAKgDAcgDCqoEhgJP0PAQmRE4IY3l3A2z3udU7XFEUKJulBqAH1zMzGr9cTX3mubuVY5X6Gv0pfO_TNxY3c5mRHIq-eLn0VKdnjSIT17u4Q6TJpRNbfBC1bXJznuuh39YtzPQxkqMJ9wlMfyw7TVCtsrytDCvUVQ2Kr_zEntsaHjsMQEPGXqF-qO_I1t6a7HKOtD3dd58pLf7oc1Qg20MpmMtkT7usADSsSMlsbafJ8YNPV8rElLG1VE4ECWHCOglwgcSJGFdQ9Duf6kZGQxQLRy-KmCkVKhIp55VvnPspjmAeqjukCyioKI7u-VQrN4xxCWiwbS2UBgTf8kmiaT5LCtz5cxu75k095SmM0CwiSuowATPrK7w2gPgBAGSBQQIBBgBkgUECAUYBKAGZoAH28iZLKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPnVBdIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDyAsBogwIKgYKBMOwsQLYEw2IFALQFQGAFwGyFx4KHAgAEhRwdWItNjUxNDE0NTg5MTM5NzIxOBjR1CI&sigh=fuIaWJAdHHg&uach_m=[]&cid=CAQSPABygQiDf7GNBTDVp3ojPMdXZLQVWJ5BI3jXl_W6wi8OV3Fj8HjbUFbY54vAnB0aacJM80d5Mx1MieHPPBgB&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FC7E 0
10 B 4ms
3ms Image
text/plain 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kYUDVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:15:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FEE0 0
0 8ms
7ms Image
text/html 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306200101&jk=15502330379577&bg=!ZmWlZTHNAAYQ3eRoMN07ADkAdvg8WgWisgraczjUN8CEa9hBpV_UwkGvzAiJ0jOHcPu7Sm0iMencebQ3PmiwHxkSBZUn-QZ81MECAAAAZFIAAAACaAEHCgAVuYYxsOwbuhGAgNraOQhwan08WZzGmQLE4npuAA-ug1nlbOjHsPws57bO_81uxc3SZJZR_-kir8pOLF29r7KDBjk0491ERDW0qD95VqHjgodU0HFoNoF-65NRFCGyHUxwhuBKJTMQevx9vZK6diQG1hZDVYt__6Ni7NqqNypvDhvW1sFy-ZG7sWDlDnotRuJ_GflUu15TjaC0_ap-6aMi_L_F4nfMhj6AvOPi1jL_eIJlWJWtXL3Cw6y6iOUJGF-kTw8yuEXufEIq_25RS8DSad6E3C3q9f1fQ39T1ap4lgd9WyCtLyaDmSzeOJfEs9NvokwXeliT-94jqES3mM6L6JfoaTRIB3sY_rxI_x88MuOIMtJfWPN8HEMYP89dUCDuObUoWbzVJoPg80KCLw0poy1kdKpERqsy_rPI6u_BskJ8tPEXcH9_2uM0NMMi9nS4znPo2UbnBu9_JUCJ0Vm0RZiNQdDa9ehF-lOGfFD8Y7izZWSepLBYthOfhK_hNQcGOncwN5CqXhUdN9Zbv3mx79_ss2boPJWXLtMeeS4k2jUjASzNy5B2c3nxfdKAFJTl2qQ3yDiSOtDpnApqQIycrxkssgDFLLkGEeaWrK4n0F6v5Iznxw3T8JsDoh-d3AfKUVUhegh1ZUJp0MRspxCUQuYG5Vm1oxH_5x1TZnIiN4L88YEx5DoaDSH9_-Ljen76M7CTM1EScHYl4-ElCDCNkaqWo7_GITMlE76_YPna3UL7GVx99R7wVtnvRqWG1KKT8i7gjjNnQEI5hq5BPL5pA9LcZw5JhF_BGkOPGu5wVnb3ezJomZK6g1Jg2MviEb5wa9PO1aqEVs5k27ZIemGwvuJskXKeAPCBXdddAcwXF-zJrX567RAcYnF6Ko132LXR690hA1cOhZwzmMCYi8DiC4JPJeVPvtvHtPXuvgJw95eLJdI81vP9HTaxXlMbHgIuodnfFQBQvpTR5tus
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 811D 0
0 8ms
8ms Image
text/html 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306150101&jk=3010233379210791&bg=!kZKlksbNAAYQ3eRoMN07ADkAdvg8WkQI7jmvVlqd6Erh6ILnnEcfWyhEm95ETCmI5sB0Gcb73uuG3vu7lrau7uiEbgoSiPkdK14CAAAAlVIAAAACaAEHmQKz1755PTrfacomEHEV5klfUC-oqWdearEjO3L9dxmzuS_bMkyOl43YQ62PjLDtKoZAZw5RnQPbudPKbKJhu7Ru7OKy4fK88mhYrGAiNr6W1PCCm_IkeIMrgdTTKcEgFX2UBZ81MtiFjn_uboL3cYY52-SiwKpnZ4M2pbtf7UyacbxpIVgD_cHjGtv2yRpw9vlDD1JYnLs4uWshMTokg4c1aZtLuFJeuYxvom65S9tyXN1QTOylyOM3O84FbLNpVx8n4xkCJGIzJOyl_FF8_2Xesd4vs6Gg77fXYCk5vf5IG0MQW7RDmyeRk4xtvHoPtnWsMV12meLVlGJquQhp5LwB3-uEl8piIxC_kd4zbydhtKCU3NtwtRCqC1_0VxfUyxHK0GThqNc-t-Z35uyD6HXpEA2aeXdV_mIiDQwuQhr7J05w3fp4JRJYFfaTnrVW-o0oLxxa81iXoQ5g1B5kj36bTRy_aueoYtS4iaNoTql_p_5nfuTYcva9RJ6uWFzglQmd5rykkyGftCBSq_KhyJ8aZjl9ZgwMa5SJu2VH370RsUihfFnf5LarPFn2TbCXhlQPtjl8bpEq6Wt0w4AZxlOkwf7-AsLkEIY4dtD92xF5uIMARayayPQtlTGk1IrPJMZMazKgZ4n7fv6YbSfTL8TZRDletSHArPOMt8C4XE1xw26Ugpku6ZQPIydwQT33G4yba2IAtxEaux3FvdNZzI5d7RqRF3sDbtqeB3al2Cr7aYe58tFlkqCsChBhlpGZQPhuNF98AYKtDpiwyxmh3QxVdlQIl84EK-d2nLaGY2Lu_U3l0pFJG0o4czzKA_WoC8yvzVCmWBPJepHMmcsi744zIp0WnSNbQ-rkWgBFIgE_NtmaraBHxii2cW_ywKdwPCwPhap03cMTk9trcb_J9jQhOb9Tng
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A96E 42 B
64 B 28ms
27ms Image
image/gif 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9SKypqqrojv6akemjCI0GzJM_OcvpD9L0lAc-dSuiVvVu7KqVF0rmq-shh1tcB1eoUZXzM7qo_IN9j8cROghHTEXq--4T5CT42uFL30SZ2tTuBsinYVPPIEvWyh1xfR7rUkjEUSHpDA&sai=AMfl-YQopg2FWz8Gn3Enefc0-1swuzTpj8Ox37sAf7N1UMbrKz2HKQF5s0T9xa8EEvaR7PwzUUBtfqmaUcEHs922i6BV7qx075oISC1wWoCYWfhvnlTGdaJQy14DgGwM&sig=Cg0ArKJSzFfL73-_o5OCEAE&cid=CAQSPABygQiDf7GNBTDVp3ojPMdXZLQVWJ5BI3jXl_W6wi8OV3Fj8HjbUFbY54vAnB0aacJM80d5Mx1MieHPPBgB&id=ampim&o=632,116&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=168&tls=1168&g=100&h=100&tt=1168&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jun 2023 22:15:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
compass.adop.cc/	1970-01-20 12:45:04	Name: ADOP_P_U Value: https%3A%2F%2Fmbantul.my.id%2F
compass.adop.cc/	1970-01-20 14:54:08	Name: ADOP_CID Value: SG-230622221514-ec602c54cb1c4276
.mbantul.my.id/	1970-01-20 12:44:32	Name: lotame_domain_check Value: mbantul.my.id
.criteo.com/	1970-01-20 22:06:08	Name: uid Value: 704c585f-c87e-4bfc-880e-6f2c4753923a
.crwdcntrl.net/	1970-01-20 19:13:19	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 19:13:19	Name: _cc_id Value: 2dbdb254e636abf550f4b2c144156697
.mbantul.my.id/	1970-01-20 19:13:20	Name: _cc_id Value: 2dbdb254e636abf550f4b2c144156697
.mbantul.my.id/	1970-01-20 12:54:36	Name: panoramaId_expiry Value: 1688076915034
.mbantul.my.id/	1970-01-20 12:54:36	Name: panoramaId Value: f145318c6d8d90240fbecbdbad7d16d539389c0c5f6de1668723b20ecc2b8e2f
.mbantul.my.id/	1970-01-20 12:54:36	Name: panoramaIdType Value: panoIndiv
.mbantul.my.id/	1970-01-20 22:06:08	Name: cto_bundle Value: hrZHnF8xb084SXlyaHJiJTJCRW0lMkJPWlVCeEZNYUxiU2xWTXVJbWg2bTBIVFJCNjllcWElMkZUckY4cWFYR2szV3V5TzJseFVBU29KWmFhVU50NCUyRmtFblFLMmlpdnQyWTZvYlNpdzFTZGFLbUo5dk95UFFaVkxrQmV6SE15Z1RTNElRQmhMMFBpRlY5RkxvMWZDUGNzVGpPNTdpZFZ3USUzRCUzRA
.mbantul.my.id/	1970-01-20 22:06:08	Name: __gads Value: ID=f6c41c70fa2a000d:T=1687472115:RT=1687472115:S=ALNI_MbOfnShGS5WIraRfEreydbhKHC5Gg
.mbantul.my.id/	1970-01-20 22:06:08	Name: __gpi Value: UID=00000c1684583df9:T=1687472115:RT=1687472115:S=ALNI_MaYFmgZaYN2lNTLKqRjKwuuTQfwgw
.openx.net/	1970-01-20 21:30:08	Name: i Value: eb1a7ed3-34f8-482a-bff2-022dfaa661d5\|1687472115
.rubiconproject.com/	1970-01-20 21:30:08	Name: khaos Value: LJ7PBT70-1Y-6NQK
.doubleclick.net/	1970-01-20 22:20:32	Name: IDE Value: AHWqTUly6BEICI2EiPO6C6jnX25VwM_h4KGWpDJBdlrOnJIg7Y5mH3Af0JqDBcxGnfo
.media.net/	1970-01-20 21:30:08	Name: visitor-id Value: 3304737153879158000V10
.media.net/	1970-01-20 13:27:44	Name: data-c-ts Value: 1687472115
.media.net/	1970-01-20 13:27:44	Name: data-c Value: k-VsHS_J0KhTDJ199ia041eSPvN6L4elTTGKVhVg~~3
.adsrvr.org/	1970-01-20 21:31:34	Name: TDID Value: 81007948-466b-4ec5-846b-a0cee9cc3ef4
.taboola.com/	1970-01-20 21:30:08	Name: t_gid Value: 4462e09a-328f-4d86-860c-7e73c460a95c-tuctb8e4d73
.openx.net/	1970-01-20 13:06:08	Name: pd Value: v2\|1687472115\|jElYiuvOhI
.adsrvr.org/	1970-01-20 21:31:34	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCPrN_YGG3vk7EAUYBSACKAIyCwi2roGvnN75OxAFOAE.
.3lift.com/	1970-01-20 14:54:08	Name: tluid Value: 3269522409922205985582
.openx.net/	1970-01-20 13:06:08	Name: univ_id Value: 537072971\|81007948-466b-4ec5-846b-a0cee9cc3ef4\|1687472115599259
.smartadserver.com/	1970-01-20 22:14:46	Name: pid Value: 2332199780868011985
.smartadserver.com/	1970-01-20 22:14:46	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 21:31:34	Name: csync Value: 79:k-3H4_C50KhTDJ199ia041eSPvN6LwXBwkyzcc-Q
.teads.tv/	1970-01-20 21:28:41	Name: tt_viewer Value: 2d79375a-9c2f-4aed-9602-bfc1029ccfe4
.linkedin.com/	1970-01-20 21:30:08	Name: bcookie Value: "v=2&be08b641-6ade-4d71-8a05-d71ec4836dde"
.linkedin.com/	1970-01-20 12:45:58	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2542:u=1:x=1:i=1687472115:t=1687558515:v=2:sig=AQHydRnQOV65AQPc_9MyEMYOVVhrfRV3"
.bidswitch.net/	1970-01-20 21:30:08	Name: tuuid Value: c3952e31-e0e3-455f-a469-0398573f2f48
.bidswitch.net/	1970-01-20 21:30:08	Name: c Value: 1687472115
.bidswitch.net/	1970-01-20 21:30:08	Name: tuuid_lu Value: 1687472115
.socdm.com/	1970-01-20 22:20:32	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjg3NDcyMTE1fQ
.ladsp.com/	1970-01-20 12:44:35	Name: cr Value: 1
.yahoo.com/	1970-01-20 21:30:29	Name: A3 Value: d=AQABBPPHlGQCEDbaKGE5WOuoce-_Y7nR6eIFEgEBAQEZlmSeZK9E8HgB_eMAAA&S=AQAAAg1pa6Dn3nqUGfv54IhaeLg
.analytics.yahoo.com/	1970-01-20 21:30:08	Name: IDSYNC Value: 18zh~2cda
.ladsp.com/	1970-01-20 22:20:32	Name: smn_uid Value: isjopig8P3bgfDJ2RtEu5g-zDqsQ2eI
.ladsp.com/	1970-01-20 22:20:32	Name: lum Value: CJ6htKmOMRIFCAMQ0AU
.adingo.jp/	1970-01-20 13:27:44	Name: criteo_dsp Value: k-G6-6P50KhTDJ199ia041eSPvN6LYS-GizgySZA
.socdm.com/	1970-01-20 22:20:32	Name: SOC Value: ZJTH88Co5r4AAHUEcpIAAAAA
.bing.com/	1970-01-20 22:06:08	Name: MUID Value: 3F44882A8B0C64EB1E2C9B128A5665A0
.c.bing.com/	1970-01-20 12:54:36	Name: MR Value: 0
.pubmatic.com/	1970-01-20 13:27:44	Name: KRTBCOOKIE_97 Value: 3385-uid:k-YDcL_Z0KhTDJ199ia041eSPvN6IXL5H_VrCGCQ&KRTB&23144-uid:k-YDcL_Z0KhTDJ199ia041eSPvN6IXL5H_VrCGCQ&KRTB&23286-uid:k-YDcL_Z0KhTDJ199ia041eSPvN6IXL5H_VrCGCQ&KRTB&23287-uid:k-YDcL_Z0KhTDJ199ia041eSPvN6IXL5H_VrCGCQ
.pubmatic.com/	1970-01-20 13:27:44	Name: PugT Value: 1687472116
.casalemedia.com/	1970-01-20 21:30:08	Name: CMID Value: ZJTH9P8nGf23ymoVAYxPngAA
.casalemedia.com/	1970-01-20 14:54:08	Name: CMPS Value: 4895
.casalemedia.com/	1970-01-20 14:54:08	Name: CMPRO Value: 4895
.smaato.net/	1970-01-20 13:14:46	Name: SCM Value: 96b9584a
.bluekai.com/	1970-01-20 17:03:44	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 17:03:44	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1L4UU541pp59+Byyhv/y/2pPh3iy0zw4lEEuv0ACtng1G9xY0kOPO
.bluekai.com/	1970-01-20 17:03:44	Name: bku Value: uUW99wwcksx2Co/M
.smaato.net/	1970-01-20 12:59:39	Name: SCM1001851 Value: 96b9584a
.dable.io/	1970-01-20 15:08:32	Name: uid Value: 99109364.1687472116036
.rlcdn.com/	1970-01-20 21:30:08	Name: rlas3 Value: BsG0UQBVo8JUYNHbe0i4pF2zCHO49XGes6BG6YXBk7U=
.rlcdn.com/	1970-01-20 14:10:56	Name: pxrc Value: CAA=
.doubleclick.net/	1970-01-20 12:44:35	Name: DSID Value: NO_DATA
match.sharethrough.com/	1970-01-20 12:54:36	Name: AWSALBCORS Value: 5Mb+Fz4ExCLE6FvcimDm0qr5gw3neoEw4xq8ATCJyzOqwhhJZR2UoH2YbsPtBDLaJBKpxphiI3lkD+aZLaTeveOpQvG8lKjeEJPzn5aiiC/1znp7E66XiHHHaRVg
.sharethrough.com/	1970-01-20 13:27:44	Name: stx_user_id Value: 88a39716-6a7c-40ec-9c32-bbb6bff1aef7
.adnxs.com/	1970-01-20 14:54:08	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Il_wo'dQ!]tbPl@/D!9hy6]/Cr+p3`ZU$gN94fe8XuLiT@[.cw1tf65#PEgY^![e*Wd6lh0cXBn<=Xo]#cY%nugO%v4VB%noCt+00d?
.360yield.com/	1970-01-20 14:54:08	Name: tuuid Value: a07962bc-bfeb-4445-a6f1-154baebd8ece
.360yield.com/	1970-01-20 14:54:08	Name: tuuid_lu Value: 1687472116
.360yield.com/	1970-01-20 14:54:08	Name: um Value: !38,hEU3iI8SiJAUBlw5injbgTHB0WsYF3Q8qHJMOFGpCZvWRquPFvVOeISJiw1jzljjIMuGXAjj,1695248116
.360yield.com/	1970-01-20 14:54:08	Name: umeh Value: !38,0,1749680116,-1
exchange.mediavine.com/	1970-01-20 13:04:41	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%224419fcf0-114a-11ee-b019-7f8b1108fbb8%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:04:41	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%224419fcf0-114a-11ee-b019-7f8b1108fbb8%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:04:41	Name: am_tokens Value: %7B%22mv_uuid%22%3A%224419fcf0-114a-11ee-b019-7f8b1108fbb8%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:04:41	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%224419fcf0-114a-11ee-b019-7f8b1108fbb8%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:04:41	Name: criteo Value: %7B%22id%22%3A%22k-NvqXip0KhTDJ199ia041eSPvN6J_DrZfds3jgQ%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-20 14:54:08	Name: uuid2 Value: 5320890624632815736
.amazon-adsystem.com/	1970-01-20 22:20:32	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 17:22:27	Name: ad-id Value: A0Fgbyu0rk05rNNr6x1EVn8
.rubiconproject.com/	1970-01-20 21:30:08	Name: audit Value: 1\|46plap7KD+WAomga0SNewGiLpT0yjo+KdaROlJ0T9XvE50xgAul76bMmAB6PabueknRlaD0yM9pTPoTeSkk3C3gfueBqVrcaaSNejWJJjtW9ZJQ/RUdPC0qGsh9h1Eb1
.krxd.net/	1970-01-20 17:03:44	Name: _kuid_ Value: PoZ1IYts
.yieldmo.com/	1970-01-20 21:30:08	Name: yieldmo_id Value: g21458b33d57bea6f633%7C1687472116923%7C0%7C
.ads.yieldmo.com/	1970-01-20 21:30:08	Name: ptrcriteo Value: k-N01v9J0KhTDJ199ia041eSPvN6KdfrVtaRApxQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad.360yield.com
ade.clmbtech.com
adgen.socdm.com
ads.as.criteo.com
ads.stickyadstv.com
adservice.google.com
adx.dable.io
bcp.crwdcntrl.net
beacon.krxd.net
c.bing.com
cat.sg1.as.criteo.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
compass.adop.cc
contextual.media.net
cr-p3.ladsp.com
criteo-sync.teads.tv
cs.adingo.jp
csm.as.criteo.net
data.adop.cc
df4bc5ae2990468302165fa3fbb42f2c.safeframe.googlesyndication.com
dfa97ee99d7255a96a9aa2e348f6576d.safeframe.googlesyndication.com
dis.criteo.com
e1.emxdgt.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
invstatic101.creativecdn.com
jp-u.openx.net
link.deimoney.com
match.adsrvr.org
match.sharethrough.com
mbantul.my.id
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
widget.sg1.as.criteo.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.254.148.251
104.254.151.120
104.69.166.9
104.83.196.24
124.146.215.42
13.115.146.23
13.213.110.67
13.224.249.123
13.224.249.124
13.224.249.64
139.5.84.243
141.226.229.48
162.19.138.117
18.140.107.66
18.140.170.140
18.143.106.89
182.161.73.132
182.161.73.136
182.161.73.146
184.26.21.27
202.241.208.2
23.106.127.39
23.50.93.199
23.59.168.41
2404:6800:4003:c00::84
2404:6800:4003:c00::9c
2404:6800:4003:c00::9d
2404:6800:4003:c01::9b
2404:6800:4003:c03::5e
2404:6800:4003:c03::9a
2404:6800:4003:c04::84
2404:6800:4003:c05::84
2404:6800:4003:c0f::63
2404:6800:4003:c0f::9b
2404:6800:4003:c11::5e
2404:6800:4003:c1a::5f
2406:2600:7:100::1
2406:2600:7:100::15
2406:2600:7:100::9
2406:2600:7:100::f
2406:da12:fbe:4202:809:c2f2:90f7:4c91
2406:da18:929:5a03:6c9d:f3f0:968f:3290
2600:1413:b000:1c::17d1:2ed9
2600:9000:2003:4c00:a:e047:753:be1
2600:9000:223b:7200:1b:5138:8a40:93a1
2606:4700:10::ac43:266a
2606:4700:20::681a:6d
2620:1ec:21::14
2620:1ec:c11::200
2a02:4780:3:c141::17
2a04:4e42:200::485
3.37.143.130
34.102.146.192
34.120.135.53
34.96.70.87
35.157.108.189
35.190.39.111
35.190.60.146
35.213.12.39
35.244.159.8
38.133.127.63
44.230.126.114
52.223.2.229
52.223.40.198
52.46.155.104
52.76.166.242
52.95.122.74
54.254.193.145
67.199.150.86
69.173.158.64
74.125.200.156
04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7
07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10f38db6a9def35c92215008189f5c815b63107ffee29d86a003dc91d36eca30
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5
140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c
16fbac9c4db38bdc94930291c8784cec4c920280285f8d63abd0cd4960405c9f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cac8c36679a42b16ff45a022b39b0b363b827247869ac14b7f3bbf65e9e879a
1dc10fa8cd2c789fe0ff1cfe02d5bb0e025861f015192898fb1384265e2744e2
20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2
2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f
29e213f2304639d28ccb87935c75d168e4168aa930681d5fe239affde55680f6
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d439a701cbe50053be072833477b8acb3333724f51e8d574197111d0bdc22e1
2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92
2ec3bdc51ce9132ed32ab576535b070790bca11357cdc335406e8f4e3a08b1f1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321bf51ad6744af7fb1bf3b911443da2a2218ad61b87f071d7ae3fb67d7f5de6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3a1d1b62c72e7d6a49d7cc23ff1e86cdba3e5664b93ea4b663a895804215d78f
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce544221c1b308ef554f61dca3ec40db585319ed144b44d1df4a50472d9231c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5188e89d434c9461b16c10048cb0740815ec7e0a56b7073241ea83bde76b4c84
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da
5a94518df6265abf2372937614dfebe7db8b4195ee415c88742da34d00b8eddb
5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
686a35a496842ba37f54d8dd1e6824e9fda94c374fecbbfa0486a8ad8cdfd23d
6bf810051c369b655047a247b18e8962ce91c8028438201150f1f7eee9d02429
6c7a2f53a4553dd3f9ee47701fce2f1d9597f57ebcf67f54ca43d2dd261a403f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7653eb326abe1c040cac93e1107bf82a219d5bc3b4af2d5e7e12a8f584fd9013
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
7ee68a1265282e733c9d14470e9f7a3838516bc0976c1e234aea509f6cde031b
7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7
7fea9db8dbd57851a0df866f1f8feb3beb60dd98bc3b0df34866d6aef2947905
7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d
923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0
93bace6bf59984401091a1a7715f1fe49b8676558c9a8ff4cc3f3735d38c952e
9509957a36947d54d26958f0bc89905ceda0cc08369be140856ae157f65e03cc
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
9f467101ddc83a53918a534a7eedfa399604276a5f44a110f362c58cbad2dabc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a76f2b74f4871f929c0dbd1cf4d1724ab4166d267ee7d37592b226b5a97a7fcf
a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334
a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2490b1add9d6000475ebb5ed6596e5f57337959ec142c86c400c1b9b7265f38
b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9
b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270
b94be52dc5d0bcc050d8b61f5cabe92aa5895a20be2fd222a522ac07cbd4c253
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c564d6c8e9ca2303771f490cb6942d9623fff7f3df0bf9ac87bef290c059ec70
cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cf6d2a47ebd7c58e47143e23ee4dcacc720793f2f9ed06335bf4dca9cfcfa032
d0dbf6336319f94f34b523fc8c6c5cf8688caa83e0afcd844278500f68881ec2
d43235fe26feb8f49d1ec99fed58c14f56035484dbfc94055d14fbdf60877d53
d9d25f3d6453ce88b3a8a1ca7330c532817b9eac19754e9d0a2f04143e73753d
dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05e3c9fcf8085591801fbfa6d4013b6c53c8138308259aa708ba60f7c076f45
f0ed0d0ccb64055823201e1f6c99367ae0762d748d2ccb92afd6028a659afe01
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c

mbantul.my.id Open in urlscan Pro 2606:4700:20::681a:6d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

177 Requests

85 %HTTPS

38 %IPv6

51 Domains

76 Subdomains

67 IPs

8 Countries

2577 kBTransfer

5322 kBSize

77 Cookies

0 Outgoing links

Page URL History

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mbantul.my.id Open in urlscan Pro
2606:4700:20::681a:6d Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

85 %
HTTPS

38 %
IPv6

51
Domains

76
Subdomains

67
IPs

8
Countries

2577 kB
Transfer

5322 kB
Size

77
Cookies

177 HTTP transactions
4 data transactions