mbantul.my.id Open in urlscan Pro
2606:4700:20::681a:16d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.deimoney.com/b17DTQzQ
Effective URL:
https://mbantul.my.id/
Submission: On June 17 via manual (June 17th 2023, 9:08:30 am UTC) from ID — Scanned from SG

Summary HTTP 215 Redirects Behaviour Indicators

Summary

This website contacted 70 IPs in 9 countries across 55 domains to perform 215 HTTP transactions. The main IP is 2606:4700:20::681a:16d, located in United States and belongs to CLOUDFLARENET, US. The main domain is mbantul.my.id. The Cisco Umbrella rank of the primary domain is 639315.
TLS certificate: Issued by GTS CA 1P5 on May 7th 2023. Valid for: 3 months.

This is the only time mbantul.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:4780:3:c... 2a02:4780:3:c141::17	47583 (AS-HOSTINGER) (AS-HOSTINGER)
30	2606:4700:20:... 2606:4700:20::681a:16d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c1a::5f	15169 (GOOGLE) (GOOGLE)
3	13.224.249.124 13.224.249.124	16509 (AMAZON-02) (AMAZON-02)
7	2404:6800:400... 2404:6800:4003:c02::68	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4003:c03::5e	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c02::5e	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
4	2404:6800:400... 2404:6800:4003:c0f::9c	15169 (GOOGLE) (GOOGLE)
2	2406:da12:fbe... 2406:da12:fbe:4200:82eb:831e:204f:98bc	16509 (AMAZON-02) (AMAZON-02)
8	2404:6800:400... 2404:6800:4003:c01::9d	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c01::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.224.249.123 13.224.249.123	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21b... 2600:9000:21b4:4200:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
20	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
4	2404:6800:400... 2404:6800:4003:c06::84	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
3 4	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.250.241.73 13.250.241.73	16509 (AMAZON-02) (AMAZON-02)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	202.241.208.57 202.241.208.57	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
3 3	13.33.88.32 13.33.88.32	16509 (AMAZON-02) (AMAZON-02)
7 17	74.125.130.157 74.125.130.157	15169 (GOOGLE) (GOOGLE)
1	2406:2600:4::13 2406:2600:4::13	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2406:2600:7:1... 2406:2600:7:100::15	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
12	2404:6800:400... 2404:6800:4003:c02::84	15169 (GOOGLE) (GOOGLE)
2	182.161.73.132 182.161.73.132	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2406:2600:7:1... 2406:2600:7:100::1f	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	2406:2600:7:1... 2406:2600:7:100::f	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
10	3.0.25.35 3.0.25.35	16509 (AMAZON-02) (AMAZON-02)
2	23.75.85.227 23.75.85.227	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2404:6800:400... 2404:6800:4003:c03::9c	15169 (GOOGLE) (GOOGLE)
7 13	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	50.31.142.127 50.31.142.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1 2	2600:9000:223... 2600:9000:223b:3600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	74.118.186.107 74.118.186.107	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	54.64.237.165 54.64.237.165	16509 (AMAZON-02) (AMAZON-02)
1 2	13.251.84.9 13.251.84.9	16509 (AMAZON-02) (AMAZON-02)
3	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	104.254.151.60 104.254.151.60	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.254.151.120 104.254.151.120	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.207.188.21 23.207.188.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.106.127.165 23.106.127.165	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	141.226.229.48 141.226.229.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.199.77.124 23.199.77.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.223.2.229 52.223.2.229	16509 (AMAZON-02) (AMAZON-02)
1 2	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
1	124.146.153.150 124.146.153.150	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	23.73.13.201 23.73.13.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	15.164.246.88 15.164.246.88	16509 (AMAZON-02) (AMAZON-02)
1	35.74.143.220 35.74.143.220	16509 (AMAZON-02) (AMAZON-02)
1	42.99.140.177 42.99.140.177	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
1 2	54.255.66.79 54.255.66.79	16509 (AMAZON-02) (AMAZON-02)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	35.159.42.9 35.159.42.9	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	38.133.127.31 38.133.127.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	67.199.150.86 67.199.150.86	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1413:b00... 2600:1413:b000:1c::17d1:2ecc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.169.214.108 54.169.214.108	16509 (AMAZON-02) (AMAZON-02)
1	54.169.75.79 54.169.75.79	16509 (AMAZON-02) (AMAZON-02)
1	35.85.211.154 35.85.211.154	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.226.233 67.220.226.233	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2406:da18:929... 2406:da18:929:5a03:1507:ab6c:c908:2148	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
215	70

1 2a02:4780:3:c141::17 (Singapore) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

link.deimoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:20::681a:16d (United States)

ASN13335 (CLOUDFLARENET, US)

mbantul.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.249.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-124.sin52.r.cloudfront.net

compass.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4003:c02::68 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c03::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c02::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c0f::9c (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da12:fbe:4200:82eb:831e:204f:98bc (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)

data.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c01::9d (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::9b (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.249.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-123.sin52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21b4:4200:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c06::84 (Singapore)

ASN15169 (GOOGLE, US)

bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:7:100::9 (Japan) 3 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.250.241.73 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-241-73.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.241.208.57 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.88.32 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-32.sin2.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cr-p1.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 74.125.130.157 (Nashville, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4003:c02::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2406:2600:7:100::1f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

imageproxy.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:2600:7:100::f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.0.25.35 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-25-35.ap-southeast-1.compute.amazonaws.com

s.update.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c03::9c (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 69.173.158.64 (Singapore) 7 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:df2:a300:bbbb::135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.127 (Itasca, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223b:3600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.118.186.107 (Singapore) 3 redirects

ASN6336 (TURN-US-ASN, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.64.237.165 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-237-165.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.84.9 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-84-9.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.151.60 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.254.151.120 (Los Angeles, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.188.21 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-188-21.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.165 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.199.77.124 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-77-124.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.2.229 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.228.126.19 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.150 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

adgen.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.73.13.201 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-201.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.5.84.243 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.164.246.88 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-164-246-88.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.74.143.220 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-143-220.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.99.140.177 (Central, Hong Kong)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-177.pacnet.net

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.255.66.79 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-66-79.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.159.42.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-42-9.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.133.127.31 (United States)

ASN22075 (AS-OUTBRAIN, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.86 (Singapore)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1413:b000:1c::17d1:2ecc (Singapore)

ASN20940 (AKAMAI-ASN1, NL)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.169.214.108 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-214-108.ap-southeast-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.169.75.79 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-75-79.ap-southeast-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.85.211.154 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-211-154.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.226.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a03:1507:ab6c:c908:2148 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 583 imageproxy.as.criteo.net — Cisco Umbrella Rank: 13532 csm.as.criteo.net — Cisco Umbrella Rank: 12668	370 KB
30	mbantul.my.id mbantul.my.id — Cisco Umbrella Rank: 639315	1014 KB
25	rubiconproject.com 7 redirects s.update.rubiconproject.com — Cisco Umbrella Rank: 4946 eus.rubiconproject.com — Cisco Umbrella Rank: 639 token.rubiconproject.com — Cisco Umbrella Rank: 656 pixel.rubiconproject.com — Cisco Umbrella Rank: 381	77 KB
25	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	282 KB
24	googlesyndication.com bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133	118 KB
13	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114 rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 17168 ads.as.criteo.com — Cisco Umbrella Rank: 12357 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 12627 widget.sg1.as.criteo.com — Cisco Umbrella Rank: 22989 dis.criteo.com — Cisco Umbrella Rank: 601	108 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	674 KB
9	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 107	34 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1383 google-bidout-d.openx.net — Cisco Umbrella Rank: 1387 us-u.openx.net — Cisco Umbrella Rank: 492 jp-u.openx.net — Cisco Umbrella Rank: 9796	2 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1032 s.amazon-adsystem.com — Cisco Umbrella Rank: 337	4 KB
5	adop.cc compass.adop.cc — Cisco Umbrella Rank: 61081 data.adop.cc — Cisco Umbrella Rank: 67483	10 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 249 secure.adnxs.com — Cisco Umbrella Rank: 476	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	163 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 340 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	1 KB
3	ladsp.com 3 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 20164 cr-p1.ladsp.com — Cisco Umbrella Rank: 70472	2 KB
3	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1091 adgen.socdm.com — Cisco Umbrella Rank: 18008	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 375	1 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	17 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 662	876 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1485	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 421	738 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	1 KB
2	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 572	1 KB
2	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 8176 cs.adingo.jp — Cisco Umbrella Rank: 4122	877 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 618	2 KB
2	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 805	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 560	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1039 r.turn.com — Cisco Umbrella Rank: 3929	869 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	10 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	315 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 839 id5-sync.com — Cisco Umbrella Rank: 434	18 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 408	733 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 637	337 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 7500	142 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2146	595 B
1	clmbtech.com ade.clmbtech.com — Cisco Umbrella Rank: 2951	259 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 761	580 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 763	287 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 246	668 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1189	879 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 426	440 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 617	659 B
1	dable.io adx.dable.io — Cisco Umbrella Rank: 13830	141 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 653	548 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1976	277 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1302	230 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615	688 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 645	794 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281	628 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1553	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1 KB
1	deimoney.com 1 redirects link.deimoney.com — Cisco Umbrella Rank: 736598	503 B
215	55

	Domain	Requested by
30	mbantul.my.id	mbantul.my.id
20	static.criteo.net	securepubads.g.doubleclick.net ads.as.criteo.com cdnjs.cloudflare.com static.criteo.net
17	cm.g.doubleclick.net	7 redirects google-bidout-d.openx.net e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
12	tpc.googlesyndication.com	bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
10	s.update.rubiconproject.com	e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com s.update.rubiconproject.com
9	imageproxy.as.criteo.net	ads.as.criteo.com
8	pagead2.googlesyndication.com	e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net mbantul.my.id
7	pixel.rubiconproject.com	3 redirects ads.as.criteo.com
7	www.google.com	mbantul.my.id www.gstatic.com www.google.com e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com tpc.googlesyndication.com
6	token.rubiconproject.com	4 redirects e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com eus.rubiconproject.com
6	www.gstatic.com	www.google.com www.gstatic.com
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	gum.criteo.com	3 redirects static.criteo.net
4	www.googletagservices.com	compass.adop.cc bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	csm.as.criteo.net	ads.as.criteo.com
3	match.adsrvr.org	3 redirects
3	cdn.jsdelivr.net	compass.adop.cc securepubads.g.doubleclick.net
3	compass.adop.cc	mbantul.my.id
2	ad.360yield.com	1 redirects e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
2	eb2.3lift.com	1 redirects e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com	e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
2	x.bidswitch.net	1 redirects
2	match.sharethrough.com	1 redirects ads.as.criteo.com
2	sync.1rx.io	2 redirects
2	s.ad.smaato.net	1 redirects ads.as.criteo.com
2	b1sync.zemanta.com	2 redirects
2	eus.rubiconproject.com	e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com eus.rubiconproject.com
2	e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	ads.as.criteo.com
2	cat.sg1.as.criteo.com	ads.as.criteo.com
2	ads.as.criteo.com	bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	tg.socdm.com	1 redirects ads.as.criteo.com
2	us-u.openx.net	google-bidout-d.openx.net
2	oajs.openx.net	1 redirects mbantul.my.id
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	data.adop.cc	mbantul.my.id
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	beacon.krxd.net	e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
1	e1.emxdgt.com	ads.as.criteo.com
1	sync-criteo.ads.yieldmo.com	ads.as.criteo.com
1	ade.clmbtech.com	ads.as.criteo.com
1	simage2.pubmatic.com	ads.as.criteo.com
1	sync.outbrain.com	ads.as.criteo.com
1	c.bing.com	ads.as.criteo.com
1	exchange.mediavine.com	ads.as.criteo.com
1	idsync.rlcdn.com	ads.as.criteo.com
1	ads.stickyadstv.com	ads.as.criteo.com
1	cs.adingo.jp	ads.as.criteo.com
1	adx.dable.io	ads.as.criteo.com
1	tags.bluekai.com	e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
1	adgen.socdm.com	ads.as.criteo.com
1	criteo-sync.teads.tv	ads.as.criteo.com
1	sync-t1.taboola.com	ads.as.criteo.com
1	rtb-csync.smartadserver.com	ads.as.criteo.com
1	contextual.media.net	ads.as.criteo.com
1	widget.sg1.as.criteo.com	ads.as.criteo.com
1	cc.adingo.jp	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	cr-p1.ladsp.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	rtb.jp2.as.criteo.com	mbantul.my.id
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	mug.criteo.com	mbantul.my.id
1	id5-sync.com	cdn.id5-sync.com
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	mbantul.my.id
1	link.deimoney.com	1 redirects
215	85

This site contains no links.

Subject Issuer	Validity	Valid
mbantul.my.id GTS CA 1P5	`2023-05-07` - `2023-08-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
adop.cc Amazon RSA 2048 M01	`2023-02-28` - `2023-10-29`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.jp2.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-08` - `2023-08-10`	3 months	crt.sh
*.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-02` - `2023-08-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-03` - `2023-08-05`	3 months	crt.sh
*.as.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-05` - `2023-09-03`	3 months	crt.sh
post.update.rubiconproject.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-02-03` - `2023-11-21`	10 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2023-05-31` - `2024-06-30`	a year	crt.sh
adx.dable.io Gandi Standard SSL CA 2	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M02	`2023-02-27` - `2023-09-20`	7 months	crt.sh
colombiaonline.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-03-26` - `2024-04-23`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://mbantul.my.id/
Frame ID: CE3929820B1A1D13B9888495DB7EF2E1
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=2k87zem9z0eg
Frame ID: 22B83F12FC60411ED00D72A94029D64E
Requests: 8 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Frame ID: 7CE95F168F425AA889B0B4275A24E315
Requests: 21 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Frame ID: D4E3F2A3FFBF8BAF68961A05A222C80A
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg
Frame ID: 008122A04B07C83B9D5CAE7FDF7919CC
Requests: 3 HTTP requests in this frame

Frame: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0D09C01EA12F839BEB04546C4A219201
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id
Frame ID: 9385D0A560E5C6819A69373693BD681B
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F72956F9AF447ACA9C0AC0110099E3A5
Requests: 6 HTTP requests in this frame

Frame: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 07D7F9EA1ED5BCDB043B9F92E685DE4F
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZI14CQALSW4KaEKBAA0IYv1WoajLZB2K7OAugw&u=%7CX9uaY6v3AUM5G3zck654Hctg8xamtbaD8Q0v2wI1%2FDo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq3KC7L9adrm4g6mOUED68zGJ0bMzxR1gN221qwmyHV109sUfhLrv3s-Dm7DHaBLtPHvNYNuyw99O3E20Pzy9sy7rkWaY9QJ8TEkqNkdxW61jtisROvS_863PX_I4GOa8FimKsmAxlN5HUWjdHgbY4o0VTJSoxpV1yOaQ0H9tPg31Bq_3RzAALWVSOvIWeXxZSGkUcXBJ8J85pJehGxPIwR5HCCmmDeUFrRPCLfML7bAO5EHvtX4ZE_02C1PJNpJHuaF5R6GGdcXjsp8KIt79WsI7PInZaCoKpXAwQtwZpnAiPooJ4t30oEiL3zqV-sW70ox22Q95nTWfMrkooXwH2dhJkAeu-ZpxzBhiIRd_A_ff47XFHtgbXPqxx0uyHlleCk7j5r2ugc9po8XTnFwvzYQeiZXTI71zvdbuipx-qSOUkSkXyocWRFoZaFQOY2Wts_CIFpmhO23RZY1dA90QH9Gg4VIfxwtzfyJ2NMioMQX_0i5PLh2TzqWhWtmk8Tc7a__YVtnRVW8thkiuHGJXKTuYzgvJpH47kakt-L-ekSpKs1Iw33rGfMM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjHyfCXiNZO6SLYGFoQPikLTADb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJ4AIAqAMBqgSnAk_Qp2bh9OvpHHUeLkIWZxcFUbtMiPyzkogmuLnaXBpbqzwhNo2N6QABz1IGRf0i8Q3gQsl9VODRV3GyoRj95LcwAqHGTeD6muLcIkSiXMCqGMk4XKEQowj977rraYIkKGS1CqyO0469ntG-3PGiLpZxm68mF3qPxpRgNZIokLFt6hi2qoqdPMoiCTrkrRJGmwiQQEN9r4GOy3E75udNq0OmuDQYliib001SVxCYORg_SLds5jIMcAnzkInO-iqpz7T0q4OyDNiGAiLkFFyAMJbcx1F1mDgwguxBJgqYwNTPCk5wMzC2CDYLK-ehRb9UDwKVx7ySHeXkOP-k-uAQ71obOEmDOWP2fJU_jg0tH1U8Ek45i_yOE31SFYGinZv_PRLII9h0WBfgBAGABrH31NjboOj4ogGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2mfOk79TYtKegCFye7KZIdDS9Jeg%26client%3Dca-pub-5111137191506013%26adurl%3D
Frame ID: 3626696071AFB82FC90361D2C998EC8A
Requests: 20 HTTP requests in this frame

Frame: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BEAD742EB54CA845C8EECFA74F8E5BF4
Requests: 1 HTTP requests in this frame

Frame: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B045F097C6FA4F791C7DD4B3DDD034F6
Requests: 20 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Frame ID: CC9CD4AC9732BF0F46FAD1AC5305D750
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=au&co=sg
Frame ID: D674AA088FD239A9A0EB5D6135F14BFF
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A2FD72788E40091BDE3708E2364B47A8
Requests: 9 HTTP requests in this frame

Frame: https://widget.sg1.as.criteo.com/dis/dis.aspx?pu=65968&cb=648d780a8739c374428da1a8be4fd521&r=https%3a%2f%2fe877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com%2f&crossorigin=false
Frame ID: A0F315783928B9058BED9E78E37E417E
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-soKwfFrJPW7tH4hw-EYJs0lsY0ArRTG1mUXyAA&expires=30
Frame ID: 822EC97A6032D2B2DBD38C52AA4B2D00
Requests: 30 HTTP requests in this frame

Frame: blob://https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/d5613ca7-768d-4a25-bbd2-4b4978280240
Frame ID: 0834AC3D3CDC168107D01CE50F8E9E53
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AE2344B623ED390C291887E03C14E163
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C1B4ADC880E10DA0C591F9C0C664DD6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5CAAE77D6B1AA61C744E3E4FC7111362
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D62286DC472A326D14A7F0E5A387E57
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mbantul – Travel Wanted

Page URL History Show full URLs

https://link.deimoney.com/b17DTQzQ HTTP 302
https://mbantul.my.id/?wpsafelink=RTKc0ZZEVIwApbsCadfEeFlgiHnikblFZOEtKNG9MNXNnV1k0SVorR25KZGttUTQ... Page URL
https://mbantul.my.id/ Page URL
https://mbantul.my.id/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

215
Requests

84 %
HTTPS

38 %
IPv6

55
Domains

85
Subdomains

70
IPs

9
Countries

2932 kB
Transfer

5799 kB
Size

82
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.deimoney.com/b17DTQzQ HTTP 302
https://mbantul.my.id/?wpsafelink=RTKc0ZZEVIwApbsCadfEeFlgiHnikblFZOEtKNG9MNXNnV1k0SVorR25KZGttUTQyaTlYc2R1eTlrcEdMcDF2Yk1CR0ZVVTd4bWRROThrU0VnUWZ2bA== Page URL
https://mbantul.my.id/ Page URL
https://mbantul.my.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://link.deimoney.com/b17DTQzQ HTTP 302
https://mbantul.my.id/?wpsafelink=RTKc0ZZEVIwApbsCadfEeFlgiHnikblFZOEtKNG9MNXNnV1k0SVorR25KZGttUTQyaTlYc2R1eTlrcEdMcDF2Yk1CR0ZVVTd4bWRROThrU0VnUWZ2bA==

Request Chain 71

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mbantul.my.id&sn=ChromeSyncframe&so=0&topUrl=mbantul.my.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=brhfsHxDSDJNNU1EY2N3OUlIMUpCQ1R5aXV5bWR5S1BmTVYwOXRwa1BZaWlWTGtUdXZJZ0Z0TlJNaUpEdWlZWnVHaUFWa0ZrTVRwc0pnUlcyR3RUdTVTYzFrTkFPSy82dVg4b2M4VE90KzFydDNNV1Z2WjBmK2VHYzU1aEN3emg4VnQ2K2w2dzFNL1MyMlc4dlE3V1JERTZmN2t0YXQ3V1NxaU9HLy9XWTdGdm1uU3VJek9NUzBseitMVll0MkZLVHEwWWlvcGNMQ2JUT1FldUFyR0NkeExWVUNrN3JoRXdvUEJZOTZvUnBhb0xHTHhTeTNndzdaeGhoU3dQQU4zY2VwSjUxdkRnZGZzd2YrTEhZZyt6ZXlVelIydz09fA&cppv=2

Request Chain 72

https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1

Request Chain 75

https://match.adsrvr.org/track/cmf/openx?oxid=ffefb80f-4198-752a-fc57-764aad58a8d8&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=ffefb80f-4198-752a-fc57-764aad58a8d8&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=fc3af9a3-968b-4edc-b3a3-230cc8b894c1&ttd_puid=ffefb80f-4198-752a-fc57-764aad58a8d8&gdpr=0&gdpr_consent=

Request Chain 76

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZI14CsCo5sAAAHnAuXoAAAAA

Request Chain 77

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWdJcBGnqawBks8AD7MOpr062M8AAAGIyJzohQ

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDM4MDZiYzUtODhlZi0yYjhlLWU5YjctMmNmMzY3YmE2NmI4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDM4MDZiYzUtODhlZi0yYjhlLWU5YjctMmNmMzY3YmE2NmI4&google_tc=

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEcOISZNaOZGA7L9PsemYLw&google_cver=1

Request Chain 128

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBZVl_Z8Ge8j5E3VfzrXvtA&google_cver=1&google_push=ATf1kGPvB53PtDJHSbMhPGLR13Rs0HSXPp0y3K7DYt8Yie5J_WdqX4NUMHq2AIseqM6f1WgML_W9OonZ4I1IPz3e4AC72zD0Isvbg0RZxKqMxLgwQTgkVOeBwc9boX496i6kZRJVuzYQTD5NeXQY0UVwRLU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE0NjM2NjM3NjQ0Nzk4NjkwMg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBZVl_Z8Ge8j5E3VfzrXvtA&google_cver=1

Request Chain 129

https://cr-p1.ladsp.com/cookiesender/1?google_push=ATf1kGOohOnyauV2qndElJfYHZn4Km9O09Vmfau7Hye1q5F1Cib53k_8fzcacH1xiy1tqQKrSIuEuo_zodI5dNh30ZGAZz1x2G74JsSTAWccjuc3clczlmB8nkxEc4FaGsDy0bRKpArGXY4Mkaj1Vd9Gypk&google_gid=CAESELMaMRdifQRLAf_AWu3CN_g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ATf1kGOohOnyauV2qndElJfYHZn4Km9O09Vmfau7Hye1q5F1Cib53k_8fzcacH1xiy1tqQKrSIuEuo_zodI5dNh30ZGAZz1x2G74JsSTAWccjuc3clczlmB8nkxEc4FaGsDy0bRKpArGXY4Mkaj1Vd9Gypk&google_hm=AeJ3Vk1FRsIiks8AD7MOpr062MA

Request Chain 130

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA90CJutY8QDiJN3Uf9Fhz8&google_cver=1&google_push=ATf1kGOACMh4MiAdah1-L5vLkUrFH35SwPYUk8xjO0pp5TQvisdwSloxPGNJIImcwLCkLfnnLmsHy0Xm2_u3_MPq88XGk98JbYu7G2PrVp2-zHrkLdYQWW1DiSU6hcT88JqL6Dlixu6_hyDrmjADU2w5xg8 HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA90CJutY8QDiJN3Uf9Fhz8&google_push=ATf1kGOACMh4MiAdah1-L5vLkUrFH35SwPYUk8xjO0pp5TQvisdwSloxPGNJIImcwLCkLfnnLmsHy0Xm2_u3_MPq88XGk98JbYu7G2PrVp2-zHrkLdYQWW1DiSU6hcT88JqL6Dlixu6_hyDrmjADU2w5xg8&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGOACMh4MiAdah1-L5vLkUrFH35SwPYUk8xjO0pp5TQvisdwSloxPGNJIImcwLCkLfnnLmsHy0Xm2_u3_MPq88XGk98JbYu7G2PrVp2-zHrkLdYQWW1DiSU6hcT88JqL6Dlixu6_hyDrmjADU2w5xg8&google_hm=T3Z1WkdDZ2xkRUV5TjdQNVp0UEI=

Request Chain 131

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHYPSAgRHeMCuJ6hon0BpQM&google_cver=1&google_push=ATf1kGPpH3NLHnqShtecKcjuh_WBC6rSdq7onN_fTVpU-HLdVxL9LzQZ8aEDCS2Y0bXIO28h9EsyhBmtCAz6RjrxjDufdB7EjcxLSJmb1rdQrW0R19VnMG4kLppFjY2kC-mU3-iySVRbUKStp2q5j22I2g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=80ceee02&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGPpH3NLHnqShtecKcjuh_WBC6rSdq7onN_fTVpU-HLdVxL9LzQZ8aEDCS2Y0bXIO28h9EsyhBmtCAz6RjrxjDufdB7EjcxLSJmb1rdQrW0R19VnMG4kLppFjY2kC-mU3-iySVRbUKStp2q5j22I2g

Request Chain 132

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIEbfUBojSHShSmuCHSDz-c&google_cver=1&google_push=ATf1kGO2qcIs1mdy3Q_azWBo2tEBj8-Wc3OcBU506FBumAFuHrl6_PefJMBqqYZI2_Wcnua8PfS4ojlzN75ipcuxxnMsJ8s4gTp7l2c2S8gWFf7Y3hENW5swltTr4aWFiySd_Kmo3VxF46nIUTqmb7dvlA HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGO2qcIs1mdy3Q_azWBo2tEBj8-Wc3OcBU506FBumAFuHrl6_PefJMBqqYZI2_Wcnua8PfS4ojlzN75ipcuxxnMsJ8s4gTp7l2c2S8gWFf7Y3hENW5swltTr4aWFiySd_Kmo3VxF46nIUTqmb7dvlA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1686992907065 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0cd0b23e-fd3a-4db8-a682-5694e08df8ec-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGO2qcIs1mdy3Q_azWBo2tEBj8-Wc3OcBU506FBumAFuHrl6_PefJMBqqYZI2_Wcnua8PfS4ojlzN75ipcuxxnMsJ8s4gTp7l2c2S8gWFf7Y3hENW5swltTr4aWFiySd_Kmo3VxF46nIUTqmb7dvlA%26google_hm%3DBAzQsj79Ok24poJWlOCN-Ow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO2qcIs1mdy3Q_azWBo2tEBj8-Wc3OcBU506FBumAFuHrl6_PefJMBqqYZI2_Wcnua8PfS4ojlzN75ipcuxxnMsJ8s4gTp7l2c2S8gWFf7Y3hENW5swltTr4aWFiySd_Kmo3VxF46nIUTqmb7dvlA&google_hm=BAzQsj79Ok24poJWlOCN-Ow

Request Chain 133

https://cc.adingo.jp/adx/push/?google_gid=CAESEKKbb_fCgZ16O01mRX-OR4s&google_cver=1&google_push=ATf1kGMR0JVF_qEZwr4eDflLhFkcMoKJB5y7E1jJ7H_tE3CRyhh4CK5SrI3XvRpqapVzkOaMgJqZEAcxhOlKwmBEvKj7yJGonNTqe-XuZzvaXg2_DB4mJPVqLdRaH3GjaMegaznpHy4SG6KixWL7YS9CQ1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMR0JVF_qEZwr4eDflLhFkcMoKJB5y7E1jJ7H_tE3CRyhh4CK5SrI3XvRpqapVzkOaMgJqZEAcxhOlKwmBEvKj7yJGonNTqe-XuZzvaXg2_DB4mJPVqLdRaH3GjaMegaznpHy4SG6KixWL7YS9CQ1c&google_hm=9db8f58238b1e7a4f2116c7264e5daac

Request Chain 134

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAG0jpEoINf0_UluhaSjPrc&google_cver=1&google_push=ATf1kGNKW12lKEO4fZauB_gkllgbhOex226ylGcn31E0xFYjJ3CUGCRIqmkgoDEWmz2N5m-WJoDwWuAceMFGU41BtMIycYTGnsuZ20dDxJfGwsm0O_qsAecCEtSno4QwaLvVp5pC_cHG47rB_adwe3nJmIuK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OTA0YTM1YzYtYmNjMS00ZjUzLWI1MTgtNTM3ZTFiNjIwZTBl&google_push=ATf1kGNKW12lKEO4fZauB_gkllgbhOex226ylGcn31E0xFYjJ3CUGCRIqmkgoDEWmz2N5m-WJoDwWuAceMFGU41BtMIycYTGnsuZ20dDxJfGwsm0O_qsAecCEtSno4QwaLvVp5pC_cHG47rB_adwe3nJmIuK

Request Chain 157

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-soKwfFrJPW7tH4hw-EYJs0lsY0ArRTG1mUXyAA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-soKwfFrJPW7tH4hw-EYJs0lsY0ArRTG1mUXyAA&expires=30

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-NQib7VrJPW7tH4hw-EYJs0lsY0AUIvuhoCF5fw&google_cm&google_hm=ay1OUWliN1ZySlBXN3RINGh3LUVZSnMwbHNZMEFVSXZ1aG9DRjVmdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-NQib7VrJPW7tH4hw-EYJs0lsY0AUIvuhoCF5fw&google_gid=CAESENWBdfzwlSljmhdrgYSPNy8&google_cver=1&google_ula=913071,0

Request Chain 159

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=945636454347791631

Request Chain 160

https://secure.adnxs.com/setuid?entity=52&code=k-ph2Vb1rJPW7tH4hw-EYJs0lsY0CmEauAI-PAqg HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-ph2Vb1rJPW7tH4hw-EYJs0lsY0CmEauAI-PAqg

Request Chain 167

https://eb2.3lift.com/xuid?mid=2711&xuid=k-WxJop1rJPW7tH4hw-EYJs0lsY0BPEXDB5UkxVQ&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-WxJop1rJPW7tH4hw-EYJs0lsY0BPEXDB5UkxVQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 168

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IfRyBlrJPW7tH4hw-EYJs0lsY0BQ0UcyCjapQg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IfRyBlrJPW7tH4hw-EYJs0lsY0BQ0UcyCjapQg&verify=true

Request Chain 171

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=MsEZwzsuR1sOlZslCddas81BygCxVsOE

Request Chain 172

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fMBqmFrJPW7tH4hw-EYJs0lsY0BZmFhMBh8Q0g HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fMBqmFrJPW7tH4hw-EYJs0lsY0BZmFhMBh8Q0g&C=1

Request Chain 176

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YzmEtVrJPW7tH4hw-EYJs0lsY0ArcagOk06GGg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YzmEtVrJPW7tH4hw-EYJs0lsY0ArcagOk06GGg

Request Chain 190

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=PVYe1idM3OMf9BdnvVZMcWeF4wkJxUJt

Request Chain 195

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElaUzBRNTMtNS05QzhM HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDzi7nqCN5E5DYAnqabxHd0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaUzBRNTMtNS05QzhM&google_push=

Request Chain 196

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cW3syXNdR66DWW7Q9Fz_xQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cW3syXNdR66DWW7Q9Fz_xQ

Request Chain 197

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc3af9a3-968b-4edc-b3a3-230cc8b894c1&gdpr=0&gdpr_consent=&expires=30

Request Chain 198

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIZS0Q53-5-9C8L

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIcqOCrKDmuvDh_J19mWzBo&google_cver=1

Request Chain 200

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/2z6WJU3OeM7I6mSd70pWmA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-T2gQzElE2oLIZsJlKHF8h70uVJ1Ugnmxn99XSw--~A

Request Chain 201

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODk2YTdmY2MwMWMwNGE2ODI4NmFjM2FiOWU0MjI4ZTdhMzVmNDMwOA

Request Chain 202

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rQXFhrBRQYewr1z7yeud9g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rQXFhrBRQYewr1z7yeud9g

215 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
mbantul.my.id/
Redirect Chain

https://link.deimoney.com/b17DTQzQ
https://mbantul.my.id/?wpsafelink=RTKc0ZZEVIwApbsCadfEeFlgiHnikblFZOEtKNG9MNXNnV1k0SVorR25KZGttUTQyaTlYc2R1eTlrcEdMcDF2Yk1CR0ZVVTd4bWRROThrU0VnUWZ2bA==

555 B
831 B

586ms
569ms

Document
text/html

2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/?wpsafelink=RTKc0ZZEVIwApbsCadfEeFlgiHnikblFZOEtKNG9MNXNnV1k0SVorR25KZGttUTQyaTlYc2R1eTlrcEdMcDF2Yk1CR0ZVVTd4bWRROThrU0VnUWZ2bA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7d8a25d019e1919b-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 09:08:24 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZA%2FYaqIbDO9dMwTj8iC9CXuYo0IerlcY0HslwpmUOr4PO2B%2FVG2%2BAnG0Rqqx3BikmXloTSsSGwZqJrlkqM0cGZmRQ%2FSKCBZPSsEB4CGu%2FHWJTFX3es0utsKNjq23XbXvkEHw3C4ieJw0VAI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 09:08:23 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://mbantul.my.id/?wpsafelink=RTKc0ZZEVIwApbsCadfEeFlgiHnikblFZOEtKNG9MNXNnV1k0SVorR25KZGttUTQyaTlYc2R1eTlrcEdMcDF2Yk1CR0ZVVTd4bWRROThrU0VnUWZ2bA==
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-xss-protection: 1; mode=block

POST
H2 200 /
mbantul.my.id/ 1 KB
1 KB 72ms
71ms Document
text/html 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7d8a25d3cd54919b-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 09:08:24 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yw0ECulmuEQFBtnq%2B2k7xDwlpIxvt0gbBNDEuSHckSqttzF6MNKoNhgpxZTg7zqN%2FvAkBPnsPYMvZPHJvZiYuqBf8BN4vCoZX1bVfFd1rvGhDAPi3dW056VPZ7Tp2G7PSjun0zjttkrrMWc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

POST
H2 200 Primary Request / Show response
mbantul.my.id/ 135 KB
39 KB 120ms
120ms Document
text/html 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

8c00b81c6bf51adc887df0e8e2642b723c611b77ae476ad864c18a04c93e8f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7d8a25d45dd1919b-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 09:08:24 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJrBlLxfC7A8olyGqnhgQehyaJsCPLdx29ZUn%2BeL7qhp%2B6gsgtgsOBTQx%2BCSV77c4SUhoFNJqVGh0AFEBcqDxoqS27vhlgi7ZMhAXt%2FBk2SJVArh9%2Fs%2BtOPc9i8KpV2qwMWy5WrrUCgPgKk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
mbantul.my.id/wp-includes/css/dist/block-library/ 95 KB
13 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585295
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Mar 2023 22:52:38 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FglaGZNSlwGePQ9MDKIgY%2BNSmzaahYhmEJ4ZXSKOjN2rihEOfn4jQ%2BIWiyyInN1f9Oeolq7tsMyG9C%2FnkuX1YKtpdsUPCyk28vosYBw03fZXfY88C8ETWcMv0gac7VqKEzWPrn4me%2BK2wy0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d52e8c919b-SIN
expires: Sat, 17 Jun 2023 14:33:29 GMT

GET
H2 200 classic-themes.min.css
mbantul.my.id/wp-includes/css/ 291 B
560 B 14ms
13ms Stylesheet
text/css 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/css/classic-themes.min.css?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585295
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Feb 2023 19:20:20 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEVgAqAgp%2Fnnatc4gI2Rf6i9X1uuJ1Ix63g4zDqoidPLPjLYoDiufZFqq03hXbVXJEEZ3CEPLVQH1EHHkiSKVHgw2Jb7q6ODLgVgW9JQMNdfo5IQexWABX%2FLDeKvmxCJst9EobIKh2PAX8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d52e8e919b-SIN
expires: Sat, 17 Jun 2023 14:33:29 GMT

GET
H2 200 style.css
mbantul.my.id/wp-content/themes/gridmax/ 88 KB
14 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/style.css

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512484
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ef%2Bu4FEmSbHp5XGOXxDDUPBtPfmN2qUkMco2AB3YqnHki9dtpNGn1keDazw1s1nmhGiBjKlvj6ja30AbBvphD3%2BAy6KbxUMrIuWSyutc6dfMXFiNRJ5V6HUmWf9OIHn6M1rZTu5oYkF6zuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d52e8f919b-SIN
expires: Sun, 18 Jun 2023 10:47:00 GMT

GET
H2 200 all.min.css
mbantul.my.id/wp-content/themes/gridmax/assets/css/ 56 KB
12 KB 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512484
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6LHwwjdf1cyp%2Fh2Pb%2Foe4zLbadFTq8NdXkoCOsYL7IucWPK6vfsNpkw6aWAV1b%2BvO%2F2kyPMFkg%2FNfXucdfh7s40CEOcsl%2F26tmaTyrna9VnJKNBkCcCQ5W9tSdcgy1nde6ofaMPrqD%2BNhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d52e90919b-SIN
expires: Sun, 18 Jun 2023 10:47:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 29ms
9ms Stylesheet
text/css 2404:6800:4003:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ec3bdc51ce9132ed32ab576535b070790bca11357cdc335406e8f4e3a08b1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 09:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 09:08:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 09:08:24 GMT

GET
H2 200 jquery.min.js Show response
mbantul.my.id/wp-includes/js/jquery/ 88 KB
32 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282877
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Mar 2023 17:07:34 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nFYfKX2KRN3LNujadIbsqGv4x7Knhcy1P7ecy0QnXOCnxe29Biqql9b7ckY%2BdQFaEbqEdjTmldezZ3LdG08QS2ue%2FW%2BYctewNVnoByRNYDFEJF76r909ZcpAMAyyJ8VL4n0nO45KGeLxmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d52e92919b-SIN
expires: Wed, 21 Jun 2023 02:33:47 GMT

GET
H2 200 jquery-migrate.min.js Show response
mbantul.my.id/wp-includes/js/jquery/ 13 KB
5 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512484
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 19:29:16 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4aGM7sC8j92D%2FYPlLDgKL3nbeFILC1F9oByjPRPQirxUdirGVM6Ec9H0fUN4Btsn3ssoJgZCbLsquiXuOfT9XauRTrFHIu2XxJfGGR5uryLKdyhHkzNDYO0%2FxNGi4a7Hyq9pt3%2FhBER5DM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d52e94919b-SIN
expires: Sun, 18 Jun 2023 10:47:00 GMT

GET
H2 200 cropped-mbantul.png
mbantul.my.id/wp-content/uploads/2023/05/ 2 KB
3 KB 14ms
11ms Image
image/png 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/cropped-mbantul.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512483
x-powered-by: Niagahoster
content-length: 2489
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:36:28 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCRDGPHzTfG8P1%2BaYRYGjt2F8ZBb55UXsWXKaTEb6BFfQPTbaidaH4Dy%2BpZF00q29beyxDAfADZUh659wX3fXu3m3ljwuxfzXqTyXaUKFQ4AfvdcQ9ElQOFAWDKqgpWmp6fqJXNOktemj0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d5af1f919b-SIN
expires: Sun, 18 Jun 2023 10:47:01 GMT

GET
H2 200 adopJ.js Show response
compass.adop.cc/assets/js/adop/ 3 KB
2 KB 123ms
6ms Script
application/javascript 13.224.249.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-124.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:05:52 GMT
content-encoding: gzip
via: 1.1 a6f10891bf05ce2d27b04a152b14cf00.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 152
x-cache: Hit from cloudfront
content-length: 1921
last-modified: Tue, 11 May 2021 09:31:17 GMT
server: nginx
etag: W/"609a4ee5-d6b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-id: E331S3uNz8ayNWR1tLAZMGgPQTuoVc-X57cWKl2EEwnXM8D5q-a3bg==
expires: Sat, 17 Jun 2023 09:15:52 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 853 B
877 B 27ms
5ms Script
text/javascript 2404:6800:4003:c02::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf6d2a47ebd7c58e47143e23ee4dcacc720793f2f9ed06335bf4dca9cfcfa032

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 557
x-xss-protection: 1; mode=block
expires: Sat, 17 Jun 2023 09:08:24 GMT

GET
H2 200 output-onlinepngtools-5-1.png
mbantul.my.id/wp-content/uploads/2023/05/ 9 KB
10 KB 14ms
12ms Image
image/png 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-5-1.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 322308
x-powered-by: Niagahoster
content-length: 9505
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:00 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KAjLKUzkmFM7dFyto7ZX4vzcbLKwfN4L8ftUyl4aNTOKE0LvOnV1wXYxO7OhagUfU4hxJsDC2Vlr1M3omiN5C9aSzKVHHZgmXsEySen2Oq5f8emejLC35y0b6ii6rD5XG1WGU1Vy%2Byxk8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d5af20919b-SIN
expires: Tue, 20 Jun 2023 15:36:36 GMT

GET
H2 200 htmlF_IMG_640d1a95251aa-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/ 73 KB
73 KB 20ms
18ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d1a95251aa-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509939
x-powered-by: Niagahoster
content-length: 74563
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:47 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ci1pucb3t9HVZiq6sNYqL9tc29zWVyqM4rtEldHNOeLJUK8rFxsHOgcuS%2F0Uk0MkrH6B8y3BePAlEkV4dzrs%2FiSnssI3%2B2iwrRL%2BAGszYXPNM5bRQKOr2e3%2F6js082ED%2BV4YxhEMLNy5%2BGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d5af22919b-SIN
expires: Sun, 18 Jun 2023 11:29:25 GMT

GET
H2 200 wp-emoji-release.min.js Show response
mbantul.my.id/wp-includes/js/ 18 KB
5 KB 17ms
15ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585283
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 23:23:26 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDVWFYIogqJZlQ3iyOS4aGy9vTKG1xbJQWGGx99XGK9vRMLJVj94WJPFBMGzd8khLYV2w78aVemtRMOaA7Cu0UMD0D%2FH%2FXaKU5JHm05CePHrrjL7SWOAh%2Ft2QSFj4AmBn1bGYJVoVFymNIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d5af23919b-SIN
expires: Sat, 17 Jun 2023 14:33:41 GMT

GET
H2 200 ezgif.com-gif-maker-4.gif
mbantul.my.id/wp-content/uploads/2023/05/ 14 KB
15 KB 16ms
14ms Image
image/gif 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/ezgif.com-gif-maker-4.gif

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512483
x-powered-by: Niagahoster
content-length: 14474
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:18 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r43MYpMWqY%2BRQj7rsR%2Fi4ksajMPDias0lMYZSp%2FnXQoCUFl2OKexqxmdjILSRLQMmq5bz%2FWruLlwNHJ3LuSSWs4a5PjowNajXl1wTLuCFPsDlYohHemAk7G4AhM6xnv5wAe3eumyduvFXow%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d5af24919b-SIN
expires: Sun, 18 Jun 2023 10:47:01 GMT

GET
H2 200 output-onlinepngtools-9-1.png
mbantul.my.id/wp-content/uploads/2023/05/ 10 KB
10 KB 17ms
15ms Image
image/png 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-9-1.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512483
x-powered-by: Niagahoster
content-length: 9923
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:27 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6XCT3ForIFqnJYH7lW0kjueAt1Fw%2BFU5cFLDC8rGjNy5rqstKcYg3C0iB2boCRoIhQ%2FBPOD4pihlVuokjHi0Xkx%2FWDHFcX5kRpukaXtoMmY9AoWcmj9JAlv56bttc0yDiomSbsm%2F54IQXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d5af26919b-SIN
expires: Sun, 18 Jun 2023 10:47:01 GMT

GET
H2 200 jquery.fitvids.min.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 2 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/jquery.fitvids.min.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512483
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iCbmxGdrY0ep%2F26PHJIRSOQRbUCuE9ej8uPaGjWTd8zuEtKDnvcHbE23H1kdvnzf2kbHnvSwy66E5osUnjXDZFieKarL%2BR1czGH7%2F8e7P65B%2FQC3uTvsw92ILodklmJjuvpj%2FJjebOUQVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d58ef1919b-SIN
expires: Sun, 18 Jun 2023 10:47:01 GMT

GET
H2 200 navigation.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 9 KB
2 KB 13ms
10ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/navigation.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512483
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbIcB7gD26h9xThv6%2B1e36t2z0xpW91DgUIqN8%2B78dSIniQZkCAa35PvwV4Ejznyb%2BMiggIlIhQ1gYTVtVJXJGLw1InxeIhxfD19LX0Vk5TPtvQKMmKfrfQk%2Bd3lOjG4UvXGWcLpwKlyp8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d5af1a919b-SIN
expires: Sun, 18 Jun 2023 10:47:01 GMT

GET
H2 200 skip-link-focus-fix.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 834 B
708 B 16ms
13ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/skip-link-focus-fix.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512483
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXz%2B7VOKp9O%2FGo%2Bi13hf4dEnFw6LJZHbAeiSyJELBT1g9GyVwT8g%2F2E4AixPiESdDz8bEZAe5EWEv6TdKsqhJ2EraUBX6%2BjvqhTCOcHVlEd9eFOPEAjH3sXY9S%2FJjQAB7huy2A%2BKgVnIvok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d5af1b919b-SIN
expires: Sun, 18 Jun 2023 10:47:01 GMT

GET
H2 200 custom.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 6 KB
2 KB 14ms
11ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/custom.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512483
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcLNVSJgawBkrPiWWiq1Oogo7VXZVoLkT4XvrYKG2zjjnhLzXHzBsU8WXRgK81PAbhtFy0pOGos7Qbo8P%2BSIrcvcuWJjZdqR3Zqivjb4baPj%2Bm4jVe5nIgPpLeG6tBGJn7Q%2FbJi9jI8cc6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d5af1c919b-SIN
expires: Sun, 18 Jun 2023 10:47:01 GMT

GET
H2 200 html5shiv.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 10 KB
3 KB 20ms
17ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/html5shiv.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512483
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmI52qJt%2BDWJNxgcNYONQ8LgoMXai46yVOXi%2Fn8IqLO%2BhSf8zFS4FcqXKmpsNibjbciKPlON1%2BadnWtD8x7engNGQ%2BvLZGDb%2FBMF77XDjIJzHgw8b%2Ffd4eA8TCIO9CgxXRGUfLTrH9PvKdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a25d5af1e919b-SIN
expires: Sun, 18 Jun 2023 10:47:01 GMT

GET
H2 200 MjQGmil5tffhpBrknt6sfQ.woff2
fonts.gstatic.com/s/maitree/v10/ 20 KB
21 KB 22ms
5ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/maitree/v10/MjQGmil5tffhpBrknt6sfQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 10:21:57 GMT
x-content-type-options: nosniff
age: 168387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:58:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 10:21:57 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
35 KB 24ms
8ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 20:56:48 GMT
x-content-type-options: nosniff
age: 216696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jun 2024 20:56:48 GMT

GET
H2 200 rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2
fonts.gstatic.com/s/dmseriftext/v12/ 24 KB
24 KB 20ms
4ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmseriftext/v12/rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f05e3c9fcf8085591801fbfa6d4013b6c53c8138308259aa708ba60f7c076f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 21:45:05 GMT
x-content-type-options: nosniff
age: 40999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24520
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:36:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 21:45:05 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ 424 KB
169 KB 20ms
4ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 02:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172777
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 02:43:23 GMT

GET
H2 200 fa-solid-900.woff2
mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/ 74 KB
74 KB 10ms
9ms Font
font/woff2 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/fa-solid-900.woff2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512483
x-powered-by: Niagahoster
content-length: 75728
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NR0CER5CWRUdEqn1547zA4LS8zWzJB%2BXzZNuC7VFIbM3IHMyLEjbPD2eOHwtLY80fVZOMrNReD1pT0JwD57PohTt2o5l5TMmIeLn4M7VY%2FXUOEPWcZP3Dv%2F2LA9wG0HHzabTu8LGXA9RHC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d6684e919b-SIN
expires: Sun, 18 Jun 2023 10:47:01 GMT

GET
H2 200 j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 21 KB
21 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 19:28:50 GMT
x-content-type-options: nosniff
age: 135574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21560
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 19:28:50 GMT

GET
H2 200 htmlF_IMG_640d18f0dbf9e-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/ 84 KB
85 KB 13ms
10ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d18f0dbf9e-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509939
x-powered-by: Niagahoster
content-length: 86224
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:46 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJLWvedx5ouJK8I4lN%2FwBpKA0ZiTR2tXVCOhto2Cr2xqWJmtyNcDXe0Tma%2F9o4Pxb23hfNnmKx2TUbMKbhjdZKo21NxcG0iy2VICFWuw5pyiGrO3tMZyhsLrRZfpTtNpvJ5Y%2FDBeHpvJ11I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d6785d919b-SIN
expires: Sun, 18 Jun 2023 11:29:26 GMT

GET
H2 200 htmlF_IMG_63b5aeca0fad0-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/01/ 107 KB
108 KB 24ms
21ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/01/htmlF_IMG_63b5aeca0fad0-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509922
x-powered-by: Niagahoster
content-length: 109683
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:46 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pglGIKYSykP9Y7qOylqP5%2BNzy6ZyqlX2ko3WXH4SsthK%2FKwAPSHYF2BR7ewq9nepjYXp2fBu5Gh4qhb6O7og%2BZ6%2FMKF5YpxOgvEPMXo6J8e2antFOfCGyqx%2Fkph1BL4ASU39lD4a7XISnqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d6785e919b-SIN
expires: Sun, 18 Jun 2023 11:29:42 GMT

GET
H2 200 htmlF_IMG_63a88155f0de6-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/12/ 87 KB
87 KB 19ms
16ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/12/htmlF_IMG_63a88155f0de6-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509922
x-powered-by: Niagahoster
content-length: 88613
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:45 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpy%2FxuDh3TFNqGLnQgwkvuPmnBY5jUIZetOpfcuR6HGFVQM%2FDCVRE6LMh872K1nmTqXrpw15x3Hw3fzkZ3YU3Zsmjddx1OEyAyF9XY5GZxfttg0yUWzc9Bqsc1iry01cxPnO2C%2F%2Bt94kTKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d6785f919b-SIN
expires: Sun, 18 Jun 2023 11:29:42 GMT

GET
H2 200 htmlF_IMG_637a5df9ba5dc-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 81 KB
82 KB 26ms
23ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637a5df9ba5dc-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509922
x-powered-by: Niagahoster
content-length: 83210
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:45 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV%2BIaUa3oUZ6S5LtynmJpnJw7TaL6pvU%2BekrHKPGBFWikfkx3zsmJpXSSkCcm56GdZt7LaKrxYviVCLHv4PPq3MLfQ5tT%2BIJMAMAP2aMeiRecPtaLEA8oSGTxvFQBfzXXzfJqN7%2FtHWxIV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d67860919b-SIN
expires: Sun, 18 Jun 2023 11:29:42 GMT

GET
H2 200 htmlF_IMG_6377521dc4135-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 62 KB
63 KB 18ms
15ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377521dc4135-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509921
x-powered-by: Niagahoster
content-length: 63746
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:44 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHUXxxQRgvEPXhDextTbEcbwuhjxs3GDSnb%2B0uq2T2dJXEkj6O15sbX1SaQJ2K4bYEA%2BK0LlGZ2Omiy1akEwp5mAlQtqSqzfxlpGl%2FnN57d76HEPK7jVC2sYbTqMwOXV%2FPvltpThNnAuuEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d67861919b-SIN
expires: Sun, 18 Jun 2023 11:29:43 GMT

GET
H2 200 htmlF_IMG_637752093cd90-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 78 KB
78 KB 29ms
27ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637752093cd90-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509921
x-powered-by: Niagahoster
content-length: 79469
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRdL2FVf2yx2JyIKCcGKbrOyntdhirdJKPy9dqvTwbr9Z8SlP0wre9O%2B3WddHYHudbFphZ%2BeULZMJO%2FZml3wMGWfuQ%2FrOJWvft0lcLUVnBuRtXVGzo4ljyRjljkzNJmNuEchNj7%2FZVFby0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d67863919b-SIN
expires: Sun, 18 Jun 2023 11:29:43 GMT

GET
H2 200 pexels-photo-13593211.jpeg
mbantul.my.id/wp-content/uploads/2022/11/ 34 KB
34 KB 28ms
26ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/pexels-photo-13593211.jpeg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509922
x-powered-by: Niagahoster
content-length: 34306
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:55:01 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vm4taDaHRPQHaeAJ3AxingGul2Q2xhj9N8%2Bd%2BWEv4pp7DQyrFLmljB7kmH2YXkf2oNiJ6D9Wr32siqUoP4Z750Fbx7N%2BXgfs9fAsf40NVFSW%2BlH8VsuFrXZ8sTnEFOgHe19sIZ1zRb4mBLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d67868919b-SIN
expires: Sun, 18 Jun 2023 11:29:42 GMT

GET
H2 200 htmlF_IMG_6377514b6f45f-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 81 KB
82 KB 26ms
24ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377514b6f45f-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509912
x-powered-by: Niagahoster
content-length: 83351
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoIdOuV6giBSaJXskqJyg85uI7Wisji0Wem48%2BIPxMPKp4qMiHBNwgQu26eyyYU7l%2BcNAGPAnJSMcp9UchcL5sS1FTy6zMX%2FL6eAIX7oH2WywR1KldafK%2B%2FCAWGnlY8lpQyqperGr40zz2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d6786a919b-SIN
expires: Sun, 18 Jun 2023 11:29:52 GMT

GET
H2 200 htmlF_IMG_63775126768fd-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 80 KB
81 KB 28ms
26ms Image
image/jpeg 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_63775126768fd-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509890
x-powered-by: Niagahoster
content-length: 81955
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:42 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWkIWOF3HNuNwZLKfD7WY6BZr%2FGob48hc9U2HsHPM8RFF6cOMY5H7ULJkmQzwYvXI%2FZQ4LbgHsQvXWIjaIcyMvmMjmHjUTaUOb8JxsJfhS7pHxc15bVyigqbGSrJCg5InM7wsKPKdiH3rRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a25d6786e919b-SIN
expires: Sun, 18 Jun 2023 11:30:15 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 22B8 53 KB
30 KB 20ms
19ms Document
text/html 2404:6800:4003:c02::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=2k87zem9z0eg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8dc591f60d9cadf5dcad6b6beb707cba7128855e8bd40a437656a36eb7da36b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EcRRt5ut7cGW9dSRd7Uj2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 30087
content-security-policy: script-src 'report-sample' 'nonce-EcRRt5ut7cGW9dSRd7Uj2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:08:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 22B8 55 KB
24 KB 12ms
4ms Stylesheet
text/css 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=2k87zem9z0eg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 08:02:37 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 22B8 424 KB
169 KB 13ms
6ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 02:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172777
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 02:43:23 GMT

GET
DATA 200
OK truncated
/ Frame 22B8 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 22B8 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 22B8 2 KB
2 KB 4ms
4ms Image
image/png 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:55:54 GMT
x-content-type-options: nosniff
age: 112350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Jun 2023 01:55:54 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 22B8 15 KB
15 KB 5ms
5ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 10:32:04 GMT
x-content-type-options: nosniff
age: 254180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jun 2024 10:32:04 GMT

GET
H2 200 8e606d93-713b-41ab-8a38-28505529c9a1 Show response
compass.adop.cc/RE/ Frame 7CE9 9 KB
4 KB 94ms
93ms Script
text/html 13.224.249.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=RTKc0ZZEVIwApbsCadfEeFlgiHnikblFZOEtKNG9MNXNnV1k0SVorR25KZGttUTQyaTlYc2R1eTlrcEdMcDF2Yk1CR0ZVVTd4bWRROThrU0VnUWZ2bA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-124.sin52.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: 43fb517f060547233280e4780a2498bc866d35cd01178cb99d2ac76af139fdd8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
content-encoding: gzip
via: 1.1 a6f10891bf05ce2d27b04a152b14cf00.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-C2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 3017
x-amz-cf-id: IVei3nr6CoSaS6yN2W-nqDWBEn5qF5EMyq4RzxddT05SKkY2qTQXlw==

GET
H2 200 ee2791d8-e821-4cfc-aae3-2e1c82f20b9d Show response
compass.adop.cc/RE/ Frame D4E3 9 KB
4 KB 108ms
108ms Script
text/html 13.224.249.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=RTKc0ZZEVIwApbsCadfEeFlgiHnikblFZOEtKNG9MNXNnV1k0SVorR25KZGttUTQyaTlYc2R1eTlrcEdMcDF2Yk1CR0ZVVTd4bWRROThrU0VnUWZ2bA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-124.sin52.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: 8e0b6ca9a274dd36c85f13154c8233f423d757dfa1d82df88507889b9fbd8085

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
content-encoding: gzip
via: 1.1 a6f10891bf05ce2d27b04a152b14cf00.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-C2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 3014
x-amz-cf-id: zhjwfv4mHWUiLvMegSsCBEEI6Wg3eHHha1JSg60CeUlVT3dVKMRymg==

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 22B8 105 B
136 B 8ms
7ms Other
text/javascript 2404:6800:4003:c02::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9509957a36947d54d26958f0bc89905ceda0cc08369be140856ae157f65e03cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=2k87zem9z0eg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114
x-xss-protection: 1; mode=block
expires: Sat, 17 Jun 2023 09:08:24 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 0081 7 KB
1 KB 12ms
10ms Document
text/html 2404:6800:4003:c02::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48aa4f93153ed64a9ac4bc6f05d51f71b91f40048e45aa97efb844b31249ae8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ed9pmULQFnFQgu5jmWP2Ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1160
content-security-policy: script-src 'report-sample' 'nonce-Ed9pmULQFnFQgu5jmWP2Ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:08:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame 7CE9 18 KB
8 KB 536ms
176ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Jun 2023 09:08:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27887
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230031-FRA, cache-bom4724-BOM
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7CE9 79 KB
26 KB 36ms
18ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d15b962fd0f6c42ca9d69a86b3e2f0a5e97f1de729aec417d37364376fe6c51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26465
x-xss-protection: 0
server: cafe
etag: 457 / 19525 / m202306130101 / config-hash: 4553594699066521459
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 09:08:25 GMT

GET
H2 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame D4E3 18 KB
8 KB 540ms
185ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Jun 2023 09:08:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27887
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230031-FRA, cache-bom4724-BOM
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame D4E3 76 KB
25 KB 47ms
34ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62133fb2a9e0ef4916944c4a74c03a29efff55eb0c4e4b99af8a4c2eb6bf00d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25366
x-xss-protection: 0
server: cafe
etag: 606 / 19525 / 31075345 / config-hash: 4553594699066521459
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 09:08:25 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 0081 55 KB
24 KB 5ms
4ms Stylesheet
text/css 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 08:02:37 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 0081 424 KB
169 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 02:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172777
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 02:43:23 GMT

GET
H2 200 collect.php
data.adop.cc/ Frame 7CE9 0
140 B 1314ms
84ms Image
text/html 2406:da12:fbe:4200:82eb:831e:204f:98bc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNjE3MDkwODI0IiwiY3RyeSI6IlNHIiwiYWNpZCI6IlNHLTIzMDYxNzA5MDgyNC01NTQyMjg2Yjk5NDA0MWNhIiwibmV0IjoiR29vZ2xlIEFNIDM2MCIsInppZCI6IjhlNjA2ZDkzLTcxM2ItNDFhYi04YTM4LTI4NTA1NTI5YzlhMSIsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTMzIFNhZmFyaS81MzcuMzYiLCJicm93IjoiQ2hyb21lIiwiZGV2IjoiZGVza3RvcCIsIm9zIjoiV2luZG93cyIsImlwIjoiMTAzLjI1NC4xNTMuMjA2IiwiZmxvYyI6Imh0dHBzOi8vbWJhbnR1bC5teS5pZC8iLCJmcCI6IjAiLCJjZHQiOiIyMzA2MTcwOTA4MjQiLCJkaXIiOiJ2IiwidHAiOiJyZSIsInJlZiI6IiIsInRpdGxlIjoiTWJhbnR1bCUyMCVFMiU4MCU5MyUyMFRyYXZlbCUyMFdhbnRlZCIsImxvZyI6ImJhc2ljIn0%3D&aid=cfaae875-89ad-4624-b24f-4c6727e1192d&r=qAf7NYY
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4200:82eb:831e:204f:98bc Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/ Frame 7CE9 408 KB
126 KB 24ms
4ms Script
text/javascript 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:56:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33118
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128933
x-xss-protection: 0
server: cafe
etag: 1396361306703029922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Jun 2024 23:56:27 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 7CE9 745 B
892 B 29ms
9ms XHR
application/json 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mbantul.my.id

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ed0d0ccb64055823201e1f6c99367ae0762d748d2ccb92afd6028a659afe01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349
x-xss-protection: 0
expires: Sat, 17 Jun 2023 09:08:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7CE9 107 B
456 B 16ms
5ms Script
application/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mbantul.my.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame 7CE9 732 B
557 B 709ms
706ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Jun 2023 09:08:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 35326
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-bom4724-BOM
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ Frame 7CE9 59 KB
17 KB 30ms
14ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 14:15:50 GMT
server: cloudflare
x-amz-request-id: 8QN1H6FEJBACFCA3
age: 3387
etag: W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d8a25dcac2e3dad-SIN
x-amz-id-2: Rp0fMWSQCsY6/SubpbRfgnGoX+Y03qs+8YezTfokrP/urftRFIJqYbaxfWskdzezVY+EU/M3S9s=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ Frame 7CE9 2 KB
2 KB 18ms
4ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 08:50:18 GMT
via: 1.1 google
age: 1087
x-guploader-uploadid: ADPycdu2QWR3EJBrdaFdDK-xYbGf-5WvEHe3yRhGs2uXVgZ-_c0a5m9feMS6_1yRLkl20CTkfWrtnw37MJSe8Wg00XxaulwqLJbt
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sat, 17 Jun 2023 09:50:18 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ Frame 7CE9 38 KB
12 KB 104ms
5ms Script
text/javascript 13.224.249.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-123.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 19:17:43 GMT
content-encoding: gzip
via: 1.1 0d4aa9f487883216469659ecf56a9a92.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 49843
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 6hVMzdbibquPZcC12h-Xmxvb8LmzZAMByXfb3ban86u-OHrkM2cmYQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ Frame 7CE9 2 KB
2 KB 120ms
5ms Script
text/javascript 2600:9000:21b4:4200:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21b4:4200:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sat, 17 Jun 2023 01:41:33 GMT
Via: 1.1 08244b1866fe32276ce5a76c3d8b5ec6.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN52-C2
Age: 26890
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: tZFgAHLz8vV9qLdwHjN-CAUMawp8GIxcXABBZZhXxmSxja0KR1fMiQ==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ Frame 7CE9 24 KB
8 KB 63ms
4ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 06:24:48 GMT
content-encoding: gzip
age: 96217
x-guploader-uploadid: ADPycdtoPUrGeNPG-2ugLIcEUKsK8LCOoSeXiipPIZ_FOsQCdC6ZZBkJeQQKgSCTcPEosQa9t0V-fjooCCS46JtsOEHkrQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 15 Jun 2024 06:24:48 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ Frame 7CE9 42 KB
13 KB 16ms
6ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Jun 2023 09:08:25 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7CE9 30 KB
13 KB 612ms
611ms XHR
text/plain 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1127897759065780&correlator=3262822196627867&eid=31075066%2C31075351%2C31068367&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fifs&iu_parts=223513049%3A22912905838%2Cca-pub-5111137191506013-tag%2Cmbantul_display_336x280&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&ifi=1&adks=1873320356&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=mbantul.my.id&abxe=1&dt=1686992905694&dlt=1686992904925&idt=736&adxs=632&adys=116&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=0&ucis=29odnraijt41&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=mbantul.my.id&loc=https%3A%2F%2Fmbantul.my.id%2F&top=mbantul.my.id&frm=23&vis=1&psz=336x0&msz=336x0&fws=256&ohw=0&ea=0&ga_vid=373067527.1686992906&ga_sid=1686992906&ga_hid=1415836068&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYz8vzxIwxSABSAghkEhkKCnB1YmNpZC5vcmcYz8vzxIwxSABSAghkEhcKCHJ0YmhvdXNlGM_L88SMMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPy_PEjDFIAFICCGQSGQoKdWlkYXBpLmNvbRjPy_PEjDFIAFICCGQSFAoFb3BlbngYz8vzxIwxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjPy_PEjDFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d59b5b6643425635fbb2e19c31acc18c537e7fb4f35b1bbd9182758a92d1b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12738
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D09 6 KB
3 KB 25ms
4ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:08:25 GMT
expires: Sun, 16 Jun 2024 09:08:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ Frame 7CE9 221 B
315 B 310ms
309ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 29e03332871ec0163a10f48cf436d79cbb7cbdc9bb8a7f8515ad129b8b074054

Request headers

Referer: https://mbantul.my.id/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: e7169cc4b41afc910c5deab4057e7a75
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 540ms
298ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mbantul.my.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://mbantul.my.id
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 17 Jun 2023 09:08:26 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: c70f5ced641e1229f9ed71b45d96aa79

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9385 15 KB
6 KB 14ms
4ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:08:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 229903
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ Frame 7CE9 0
322 B 1014ms
336ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mbantul.my.id/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mbantul.my.id
date: Sat, 17 Jun 2023 09:08:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9385
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mbantul.my.id&sn=ChromeSyncframe&so=0&topUrl=mbantul.my.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=brhfsHxDSDJNNU1EY2N3OUlIMUpCQ1R5aXV5bWR5S1BmTVYwOXRwa1BZaWlWTGtUdXZJZ0Z0TlJNaUpEdWlZWnVHaUFWa0ZrTVRwc0pnUlcyR3RUdTVTYzFrTkFPSy82dVg4b2M4VE90KzFydDNNV1Z2WjBmK2VHYzU1aE...

428 B
654 B

17ms
4ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=brhfsHxDSDJNNU1EY2N3OUlIMUpCQ1R5aXV5bWR5S1BmTVYwOXRwa1BZaWlWTGtUdXZJZ0Z0TlJNaUpEdWlZWnVHaUFWa0ZrTVRwc0pnUlcyR3RUdTVTYzFrTkFPSy82dVg4b2M4VE90KzFydDNNV1Z2WjBmK2VHYzU1aEN3emg4VnQ2K2w2dzFNL1MyMlc4dlE3V1JERTZmN2t0YXQ3V1NxaU9HLy9XWTdGdm1uU3VJek9NUzBseitMVll0MkZLVHEwWWlvcGNMQ2JUT1FldUFyR0NkeExWVUNrN3JoRXdvUEJZOTZvUnBhb0xHTHhTeTNndzdaeGhoU3dQQU4zY2VwSjUxdkRnZGZzd2YrTEhZZyt6ZXlVelIydz09fA&cppv=2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

66258465a711401792520526cba0c67dd4bbda62ecc4dceed42c712d0ed6ae40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1059050
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=brhfsHxDSDJNNU1EY2N3OUlIMUpCQ1R5aXV5bWR5S1BmTVYwOXRwa1BZaWlWTGtUdXZJZ0Z0TlJNaUpEdWlZWnVHaUFWa0ZrTVRwc0pnUlcyR3RUdTVTYzFrTkFPSy82dVg4b2M4VE90KzFydDNNV1Z2WjBmK2VHYzU1aEN3emg4VnQ2K2w2dzFNL1MyMlc4dlE3V1JERTZmN2t0YXQ3V1NxaU9HLy9XWTdGdm1uU3VJek9NUzBseitMVll0MkZLVHEwWWlvcGNMQ2JUT1FldUFyR0NkeExWVUNrN3JoRXdvUEJZOTZvUnBhb0xHTHhTeTNndzdaeGhoU3dQQU4zY2VwSjUxdkRnZGZzd2YrTEhZZyt6ZXlVelIydz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 529199
content-length: 0
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/ Frame 7CE9
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1

85 B
204 B

221ms
220ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 77d765c480fcf48afc83c3f78e793499a90eb1c28d80e8629023bd363128858a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-ceuv1LVd+CJE+Dc89wRMFUUUbKA"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mbantul.my.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 17 Jun 2023 09:08:25 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://mbantul.my.id
location: /esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 7CE9 235 B
692 B 105ms
91ms XHR
application/json 13.250.241.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.241.73 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-241-73.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2205dae4df582cbdf957b3bdfe9710cce96d9550045fee05a2b1bf5c3df373bf

Request headers

Referer: https://mbantul.my.id/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:25 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache
x-server: 10.42.28.37
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame F729 484 B
732 B 21ms
7ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 51ce3ba74372127b8d48ec46c36c0d2b88d0ab93f37d9547aceb252ffb5d2079

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 305
content-type: text/html
date: Sat, 17 Jun 2023 09:08:26 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F729
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=ffefb80f-4198-752a-fc57-764aad58a8d8&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=ffefb80f-4198-752a-fc57-764aad58a8d8&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=fc3af9a3-968b-4edc-b3a3-230cc8b894c1&ttd_puid=ffefb80f-4198-752a-fc57-764aad58a8d8&gdpr=0&gdpr_consent=

43 B
323 B

10ms
7ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=fc3af9a3-968b-4edc-b3a3-230cc8b894c1&ttd_puid=ffefb80f-4198-752a-fc57-764aad58a8d8&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=fc3af9a3-968b-4edc-b3a3-230cc8b894c1&ttd_puid=ffefb80f-4198-752a-fc57-764aad58a8d8&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame F729
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZI14CsCo5sAAAHnAuXoAAAAA

43 B
61 B

9ms
8ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZI14CsCo5sAAAHnAuXoAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Sat, 17 Jun 2023 09:08:26 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.206","key":"ZI14CsCo5sAAAHnAuXoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad403"}
X-SO-Key: ZI14CsCo5sAAAHnAuXoAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad403
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZI14CsCo5sAAAHnAuXoAAAAA
Cache-Control: private
X-SO-HostName: m-ad403.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: a-tgng40002.dc2p.scaleout.jp
X-SO-IP: 103.254.153.206

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame F729
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWdJcBGnqawBks8AD7MOpr062M8AAAGIyJzohQ

43 B
106 B

9ms
6ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWdJcBGnqawBks8AD7MOpr062M8AAAGIyJzohQ
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
via: 1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWdJcBGnqawBks8AD7MOpr062M8AAAGIyJzohQ
cache-control: no-cache
content-length: 0
x-amz-cf-id: YrxQVkUCbONNlc7n5TvohFhI0yP_8v9j4vYdHcRjav-qk9YSZ7zXEQ==
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F729
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDM4MDZiYzUtODhlZi0yYjhlLWU5YjctMmNmMzY3YmE2NmI4
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDM4MDZiYzUtODhlZi0yYjhlLWU5YjctMmNmMzY3YmE2NmI4&google_tc=

170 B
243 B

53ms
52ms

Image
image/png

74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDM4MDZiYzUtODhlZi0yYjhlLWU5YjctMmNmMzY3YmE2NmI4&google_tc=

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Server

74.125.130.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDM4MDZiYzUtODhlZi0yYjhlLWU5YjctMmNmMzY3YmE2NmI4&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F729
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEcOISZNaOZGA7L9PsemYLw&google_cver=1

43 B
106 B

12ms
12ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEcOISZNaOZGA7L9PsemYLw&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEcOISZNaOZGA7L9PsemYLw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 07D7 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:08:25 GMT
expires: Sun, 16 Jun 2024 09:08:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 07D7 0
0 19ms
18ms Fetch
text/html 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDvhCCXiNZO6SLYGFoQPikLTADb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJ4AIAqAMBqgSkAk_Qp2bh9OvpHHUeLkIWZxcFUbtMiPyzkogmuLnaXBpbqzwhNo2N6QABz1IGRf0i8Q3gQsl9VODRV3GyoRj95LcwAqHGTeD6muLcIkSiXMCqGMk4XKEQowj977rraYIkKGS1CqyO0469ntG-3PGiLpZxm68mF3qPxpRgNZIokLFt6hi2qoqdPMoiCTrkrRJGmwiQQEN9r4GOy3E75udNq0OmuDQYliib001SVxCYORg_SLds5jIMcAnzkInO-iqpz7T0q4OyDNiGAiLkFFyAMJbcx1F1mDgwguxBJgqYwNTPCk5wMzC2CDYLK-ehRb9UDwKVx7ySHeXkOP-k-uAQrVg6qshIlA0M0eiOXiKY5x8rGLswpeQetLV9oHMdg7fnvvx9TSLgBAGABrH31NjboOj4ogGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01MTExMTM3MTkxNTA2MDEzGNHUIg&sigh=txQs9pLqPqY&uach_m=[UACH]&cid=CAQSSwBygQiD6FG3BESolRPU-jL6QSYJWJ8qFV9cYCs5g9cqzqDMtTMOICnYLZqPdRnCmAzNZ6dDJ0gmPu51UhMtplKEoWw05nsaNr2VWxgB
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=RTKc0ZZEVIwApbsCadfEeFlgiHnikblFZOEtKNG9MNXNnV1k0SVorR25KZGttUTQyaTlYc2R1eTlrcEdMcDF2Yk1CR0ZVVTd4bWRROThrU0VnUWZ2bA==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame 07D7 0
0 549ms
180ms Fetch 2406:2600:4::13
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kNzLEojIC9ACmALgvNldAgAAAIXwaQj0k2FkEAl4jWTa_dUOvOZKtciuAAASAAAKCkFRVUJEUUVCRFE&wp=ZI14CQALSW4KaEKBAA0IYv1WoajLZB2K7OAugw

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=RTKc0ZZEVIwApbsCadfEeFlgiHnikblFZOEtKNG9MNXNnV1k0SVorR25KZGttUTQyaTlYc2R1eTlrcEdMcDF2Yk1CR0ZVVTd4bWRROThrU0VnUWZ2bA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 154189
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 3626 154 KB
51 KB 98ms
74ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=ZI14CQALSW4KaEKBAA0IYv1WoajLZB2K7OAugw&u=%7CX9uaY6v3AUM5G3zck654Hctg8xamtbaD8Q0v2wI1%2FDo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq3KC7L9adrm4g6mOUED68zGJ0bMzxR1gN221qwmyHV109sUfhLrv3s-Dm7DHaBLtPHvNYNuyw99O3E20Pzy9sy7rkWaY9QJ8TEkqNkdxW61jtisROvS_863PX_I4GOa8FimKsmAxlN5HUWjdHgbY4o0VTJSoxpV1yOaQ0H9tPg31Bq_3RzAALWVSOvIWeXxZSGkUcXBJ8J85pJehGxPIwR5HCCmmDeUFrRPCLfML7bAO5EHvtX4ZE_02C1PJNpJHuaF5R6GGdcXjsp8KIt79WsI7PInZaCoKpXAwQtwZpnAiPooJ4t30oEiL3zqV-sW70ox22Q95nTWfMrkooXwH2dhJkAeu-ZpxzBhiIRd_A_ff47XFHtgbXPqxx0uyHlleCk7j5r2ugc9po8XTnFwvzYQeiZXTI71zvdbuipx-qSOUkSkXyocWRFoZaFQOY2Wts_CIFpmhO23RZY1dA90QH9Gg4VIfxwtzfyJ2NMioMQX_0i5PLh2TzqWhWtmk8Tc7a__YVtnRVW8thkiuHGJXKTuYzgvJpH47kakt-L-ekSpKs1Iw33rGfMM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjHyfCXiNZO6SLYGFoQPikLTADb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJ4AIAqAMBqgSnAk_Qp2bh9OvpHHUeLkIWZxcFUbtMiPyzkogmuLnaXBpbqzwhNo2N6QABz1IGRf0i8Q3gQsl9VODRV3GyoRj95LcwAqHGTeD6muLcIkSiXMCqGMk4XKEQowj977rraYIkKGS1CqyO0469ntG-3PGiLpZxm68mF3qPxpRgNZIokLFt6hi2qoqdPMoiCTrkrRJGmwiQQEN9r4GOy3E75udNq0OmuDQYliib001SVxCYORg_SLds5jIMcAnzkInO-iqpz7T0q4OyDNiGAiLkFFyAMJbcx1F1mDgwguxBJgqYwNTPCk5wMzC2CDYLK-ehRb9UDwKVx7ySHeXkOP-k-uAQ71obOEmDOWP2fJU_jg0tH1U8Ek45i_yOE31SFYGinZv_PRLII9h0WBfgBAGABrH31NjboOj4ogGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2mfOk79TYtKegCFye7KZIdDS9Jeg%26client%3Dca-pub-5111137191506013%26adurl%3D

Requested by

Host: bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com
URL: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e6da8c77d8097f1fd3044ac16738ebf8859f2cd951028a463bca37a879f6922c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:08:25 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=8UfQtdoHMZIs1H19_DBMkEBRmEALvqM73PPKg4u0b6i0rRpfIFMVBO4WAfOoNqKARgeQTsgK53VZHLuE9tXibi0RRvUfqlbGZFjABpcmWRx6Ty5J4tIW5uI_v2Tfu25HjmDr_a1RGVPXLGaSDv--gLXSaBfyZS6xe-vhNNkfHfP4eChP1S5Wb4dGPaaA3K97n8u24tWDHZ8gLMZNAl7czGlsMWG3MA-CRTQPsWoka1jS4Ig-pbTdRCNBeyw1euCiFwv6hg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 66591122
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 07D7 3 KB
1 KB 23ms
5ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com
URL: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 02:16:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 07D7 19 KB
8 KB 22ms
4ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com
URL: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 22:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 22:06:50 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 07D7 24 KB
7 KB 23ms
6ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com
URL: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126095
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Jun 2024 22:06:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 07D7 178 KB
56 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com
URL: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 09:08:26 GMT

GET
DATA 200
OK truncated
/ Frame 07D7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ac867211e70e9bcf43c95d54d4b09659268ce36265093d276f4255feaa71fe9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 collect.php
data.adop.cc/ Frame D4E3 0
139 B 462ms
85ms Image
text/html 2406:da12:fbe:4200:82eb:831e:204f:98bc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNjE3MDkwODI0IiwiY3RyeSI6IlNHIiwiYWNpZCI6IlNHLTIzMDYxNzA5MDgyNC01NTQyMjg2Yjk5NDA0MWNhIiwibmV0IjoiR29vZ2xlIEFNIDM2MCIsInppZCI6ImVlMjc5MWQ4LWU4MjEtNGNmYy1hYWUzLTJlMWM4MmYyMGI5ZCIsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTMzIFNhZmFyaS81MzcuMzYiLCJicm93IjoiQ2hyb21lIiwiZGV2IjoiZGVza3RvcCIsIm9zIjoiV2luZG93cyIsImlwIjoiMTAzLjI1NC4xNTMuMjA2IiwiZmxvYyI6Imh0dHBzOi8vbWJhbnR1bC5teS5pZC8iLCJmcCI6IjAiLCJjZHQiOiIyMzA2MTcwOTA4MjQiLCJkaXIiOiJ2IiwidHAiOiJyZSIsInJlZiI6IiIsInRpdGxlIjoiTWJhbnR1bCUyMCVFMiU4MCU5MyUyMFRyYXZlbCUyMFdhbnRlZCIsImxvZyI6ImJhc2ljIn0%3D&aid=4ebca61b-8cf8-4b91-b33f-b5424c04a4e4&r=DhwIdf8
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4200:82eb:831e:204f:98bc Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/ Frame D4E3 385 KB
122 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63d2f1bd44add3fdb170079ac23b7954eab7c2c746c3f1c6080e68443c2374a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 22:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37785
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124944
x-xss-protection: 0
server: cafe
etag: 5299556878430274508
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Jun 2024 22:38:41 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame D4E3 745 B
533 B 6ms
5ms XHR
application/json 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mbantul.my.id

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ed0d0ccb64055823201e1f6c99367ae0762d748d2ccb92afd6028a659afe01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349
x-xss-protection: 0
expires: Sat, 17 Jun 2023 09:08:26 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3626 2 KB
1 KB 6ms
5ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZI14CQALSW4KaEKBAA0IYv1WoajLZB2K7OAugw&u=%7CX9uaY6v3AUM5G3zck654Hctg8xamtbaD8Q0v2wI1%2FDo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEq3KC7L9adrm4g6mOUED68zGJ0bMzxR1gN221qwmyHV109sUfhLrv3s-Dm7DHaBLtPHvNYNuyw99O3E20Pzy9sy7rkWaY9QJ8TEkqNkdxW61jtisROvS_863PX_I4GOa8FimKsmAxlN5HUWjdHgbY4o0VTJSoxpV1yOaQ0H9tPg31Bq_3RzAALWVSOvIWeXxZSGkUcXBJ8J85pJehGxPIwR5HCCmmDeUFrRPCLfML7bAO5EHvtX4ZE_02C1PJNpJHuaF5R6GGdcXjsp8KIt79WsI7PInZaCoKpXAwQtwZpnAiPooJ4t30oEiL3zqV-sW70ox22Q95nTWfMrkooXwH2dhJkAeu-ZpxzBhiIRd_A_ff47XFHtgbXPqxx0uyHlleCk7j5r2ugc9po8XTnFwvzYQeiZXTI71zvdbuipx-qSOUkSkXyocWRFoZaFQOY2Wts_CIFpmhO23RZY1dA90QH9Gg4VIfxwtzfyJ2NMioMQX_0i5PLh2TzqWhWtmk8Tc7a__YVtnRVW8thkiuHGJXKTuYzgvJpH47kakt-L-ekSpKs1Iw33rGfMM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjHyfCXiNZO6SLYGFoQPikLTADb3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJ4AIAqAMBqgSnAk_Qp2bh9OvpHHUeLkIWZxcFUbtMiPyzkogmuLnaXBpbqzwhNo2N6QABz1IGRf0i8Q3gQsl9VODRV3GyoRj95LcwAqHGTeD6muLcIkSiXMCqGMk4XKEQowj977rraYIkKGS1CqyO0469ntG-3PGiLpZxm68mF3qPxpRgNZIokLFt6hi2qoqdPMoiCTrkrRJGmwiQQEN9r4GOy3E75udNq0OmuDQYliib001SVxCYORg_SLds5jIMcAnzkInO-iqpz7T0q4OyDNiGAiLkFFyAMJbcx1F1mDgwguxBJgqYwNTPCk5wMzC2CDYLK-ehRb9UDwKVx7ySHeXkOP-k-uAQ71obOEmDOWP2fJU_jg0tH1U8Ek45i_yOE31SFYGinZv_PRLII9h0WBfgBAGABrH31NjboOj4ogGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2mfOk79TYtKegCFye7KZIdDS9Jeg%26client%3Dca-pub-5111137191506013%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3626 2 KB
1 KB 7ms
6ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3626 308 B
636 B 6ms
5ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3626 293 B
621 B 5ms
5ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 3626 43 B
348 B 18ms
6ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=2XH9NjBYpvw0I2pGJFpz4TvMQIZEr4yXZNK1OWjXGdEsfJg5Odzv1-0TPyaCOdJNvRSCLY24zO8B0m68Hq3tJKdfHU33mnwoujpiR83nX7MgTH3_nTrUfzq8dLsvflaySX-wfx4Eo9318arUuJVxW5rJBWzudOkPo6GZ9yGBwAgQk5Xhib6lePR4v28mYUmPoIefXMFB_N_pshhx68mn6tpvG2KrJt1Pa7msbXOg10DrdPG3IvOED75xmOSY5UWIrI8GB5_seZVAdXl8HFKgMnI7Pk-lXf8agQ1Kwj2zEoM7tP1svB1GGFsA7qjL0ZGfCPB3LrLnx8K1aph-qkrfPIVO3Emg5vZWEDggPtAINBBSgB7UJNN7MTUrEYlOwITZE3-JWPw_onCKQhmtl8fDBPNCBMEmf2lG-57X9XsOsgnWhNtF20iMsZMzO3rm34EZpNS1sA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2275744
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3626 12 KB
5 KB 23ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 124406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wt4Jx0I4KiBGy89y5CfSIxQaFz64wD5DNbh76dN535KIxd6d8TZkg%2FWjEvfhshQjZ7n1PlrOqYIQWykdXR9rdSK2O5DE1hma5BSJ0VrbbscWlENfch4HqwHyuPaOcV9fRqfo0PYmYi%2B81kYZdgs8rfr6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d8a25e198723fc5-SIN
expires: Thu, 06 Jun 2024 09:08:26 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3626 12 KB
6 KB 5ms
5ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 3626 3 KB
3 KB 22ms
4ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?h=44&m=0&partner=92780&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F92780%2F220127%2F015c259509f94095ab3ca9225d6d4fd8_logo_horizontal.png&v=3&w=668&s=lox_rtuULJRj_3YiKM2Fc7tF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

f6d80351fc0acd3a6eed3e21da172496f2dbd7b39fc8093ea1c3d88546de1036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 3012
expires: Wed, 01 May 2024 01:31:42 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 3626 104 KB
105 KB 27ms
9ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?h=1200&m=0&partner=92780&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F92780%2F4760978%2F17de3a193363449e92bbe34f3416d5f3_img_vertical_1.jpg&v=3&w=1200&s=ZaxqkoZBMe5LzHeTqy9iGX2z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

43399fbf479272363946815573c2bf900331022cc597eba94f5f530a9be0d3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 106792
expires: Wed, 29 May 2024 16:00:01 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 3626 13 KB
13 KB 22ms
5ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=92780&q=80&r=0&u=https%3A%2F%2Fwww.cellini.com.sg%2Fimage%2Fcache%2Fcatalog%2Ffurniture%2FDC%2FDansk%2FDansk-display-cabinet%2FDansk-sideboard-832x641.jpg&v=3&w=400&s=YUtZNLTCw6R2O70WKdEzQoer&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

6a203453107a92a404bc9520ad7ad7c95ffc008a167157d1c458f266c04c5533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 13498
expires: Wed, 05 Jul 2023 10:25:30 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 3626 11 KB
12 KB 26ms
8ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=92780&q=80&r=0&u=https%3A%2F%2Fwww.cellini.com.sg%2Fimage%2Fcache%2Fcatalog%2Ffurniture%2FSB%2FBezel%2520Sideboard%2FBezel-Sideboard-832x641.jpg&v=3&w=400&s=ADOzWetMBgIUPgga6x3Flc2a&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

300c716d8876e2b8dd5ba9ea9b101396feb3a07e64991d9db28a3f05a0b35d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 11742
expires: Wed, 05 Jul 2023 10:24:14 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 3626 16 KB
17 KB 25ms
8ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=92780&q=80&r=0&u=https%3A%2F%2Fwww.cellini.com.sg%2Fimage%2Fcache%2Fcatalog%2FProduct%2FTV%2520Console%2Fmax-amp-web1-832x641.jpg&v=3&w=400&s=gjutjNGL6QwzuEQPLTQovDxx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

559941de16c51c1c68465b24f308385384661b634f8f3f0fc928a17f2f912c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 16774
expires: Wed, 05 Jul 2023 10:29:04 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 3626 0
128 B 22ms
5ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=8UfQtdoHMZIs1H19_DBMkEBRmEALvqM73PPKg4u0b6i0rRpfIFMVBO4WAfOoNqKARgeQTsgK53VZHLuE9tXibi0RRvUfqlbGZFjABpcmWRx6Ty5J4tIW5uI_v2Tfu25HjmDr_a1RGVPXLGaSDv--gLXSaBfyZS6xe-vhNNkfHfP4eChP1S5Wb4dGPaaA3K97n8u24tWDHZ8gLMZNAl7czGlsMWG3MA-CRTQPsWoka1jS4Ig-pbTdRCNBeyw1euCiFwv6hg&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3626 2 KB
1 KB 3ms
3ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 lato-700.css
static.criteo.net/design/googlefont/lato/ Frame 3626 682 B
665 B 5ms
4ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef6-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame 3626 682 B
665 B 6ms
6ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D4E3 107 B
165 B 7ms
6ms Script
application/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mbantul.my.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D4E3 36 KB
16 KB 296ms
296ms XHR
text/plain 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4222920612746232&correlator=4448787156275591&eid=31075345&output=ldjh&gdfp_req=1&vrg=202306130202&ptt=17&impl=fifs&iu_parts=223513049%3A22912905838%2Cca-pub-5111137191506013-tag%2Cmbantul_display_300x250-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3886445635&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D0389224eb4f28ee7%3AT%3D1686992905%3ART%3D1686992905%3AS%3DALNI_Mbgylwxc3ep3ugGbT0_PhfSC73Hcg&cdm=mbantul.my.id&gpic=UID%3D00000c1429878a8c%3AT%3D1686992905%3ART%3D1686992905%3AS%3DALNI_MZCyvfSKcQh4g5jg6Cpeo4xobeqIg&abxe=1&dt=1686992906569&dlt=1686992904933&idt=1609&adxs=650&adys=2104&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=1zvzpvybq8ft&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=mbantul.my.id&loc=https%3A%2F%2Fmbantul.my.id%2F&top=mbantul.my.id&frm=23&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=2031673926.1686992907&ga_sid=1686992907&ga_hid=363410501&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQGJlNmVhYmIzM2M5OTNiOTZhYzAzNWI3YmQ2MzcxNmQ1MzkzOGViNWU0NDViN2JhMjQzYjI3YTMyNjg0ZTFhM2UYsM3zxIwxSAASGQoKcHViY2lkLm9yZxjr0fPEjDFIAFICCGoSFwoIcnRiaG91c2UYz8vzxIwxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGM_L88SMMUgAUgIIZBIZCgp1aWRhcGkuY29tGM_L88SMMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lURVZQU0ZaMVoyWlRkREp0WjJJMmFYbFlLMkpLVVQwOUluMD0Y28_zxIwxSAASGwoMaWQ1LXN5bmMuY29tGM_L88SMMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fe5e1802c58cd1a32fecdeb748dec7b3385992e93dc074b1a28040ad904b8d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 453438
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16821
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 748283
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BEAD 6 KB
3 KB 17ms
13ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:08:26 GMT
expires: Sun, 16 Jun 2024 09:08:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lato-700-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 3626 23 KB
23 KB 24ms
7ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-700.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 3626 23 KB
23 KB 21ms
9ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H3 200 container.html Show response
e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B045 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:08:26 GMT
expires: Sun, 16 Jun 2024 09:08:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B045 0
0 19ms
19ms Fetch
text/html 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cd-eqCniNZNGyJcuqwgP8iIh4_tP3r1zOz73Y6gLAjbcBEAEgAGC_BYIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJ4AIAqAMBqgSuAk_Qyqw7QFEGDwNpKGhoS_wG4NdumRgljrRhja6DGMSY8KrUEqORcXxEGz00_clCXGtppmPwsI93vc2MKo1YA03LQNsPY8Agf1acWsiaRtFjYR7pqEPELPWgLuwtkFEIc4ivtPN_DTap0oW99KOq31mDDD4BCxA4E-4pmn7XryTbzecnRxXFNfCwmRzpNRTJ6VCZaXHaLNPIeiqwf5GjD05EHAP_15w75MqdSyoqYHkqdIWC2KWiXIac9c8aiJPxtaZQeqIcTUlNmQjQ0osSf70EUKkrS4gFPa5Tn46IZ9wwxcw4kJj-289DQMR0Am3OBeaIFyhmEfKluijGveiWx3WE50SRAqjSTjw1npDog2A_wcf_tYd2XO4Kt69bX8vjddQtFRLqKHy8ylHxADR34AQBgAak1syH9rDjkGmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01MTExMTM3MTkxNTA2MDEzGNHUIg&sigh=ZEYlBVnIwto&uach_m=[UACH]&cid=CAQSOwBygQiDEYEN079t6cyy8VIuwbO-EIUFFGQkRyTiMupUYWys6w0snl0vueiQIz11di1V6VG7B0CYm9LYGAE&tpd=AGWhJmt2fLYmDruTLovtQf_4S4H8jD-41VcOXej9ODNm54ishOOjyXlQ-5bAnaehA5CdO7KrNFZIOYS9KM3Ua8zGAcxHkygFUzWJgps24ZCoaEwzZ3qoRcfEC7FvJZFE6CNkBOBHAqmRKG3SXmY986yN0s4yrb_yfjEYUDD3OmK_JHnuRNgACgs6i0s3xnjnZDpgePOuxolVNxmbzYXWc3tubNggxqtObRMKsWHdFex5lBQcpA_6Q9A1-o8yAP8assxD_IY0ZOC29pjUCMUgI7h2UKfjVKbhmroptt5HorPLoOgh8lIfhiPbxSU9P6e3lgt2w3sCVZjXd62jMX6d1LTb2nKGvng3YLB1WcMWZuMJckZiQSEqfUQkUJFv66e65yrPykrhAjDej-xzxc4QXEkaMQcXbz7Pgk0Z-b8x5lBBL7RqH5AWlcMa0_EXn-ecWsPYDXSxwbhvjLR3tPpTJP88kR9CwYhvxMQ6GNJnyBaU0h_HRfIWBeBsOPjUJo2pH2CCtVUT6COVYwjkDbJw_QHgG7slO5PLPdkiyDXqDtVLRC9SrWfEBbaBz92qdeiBS3lgg8lz-ojnoGqevbvh3MsvfSzVevm9VOaPsaHv3dGxAkwQ7ZYvZcW5bA3RQWaiwC8Qp__2dQS_hWs_vaj--WlEpa-i7z8q_JNIHjuwIFVHtlEUMqU2SeS9G7qNyMxs56XWso8cb04CiRIxMqGpYFCS_llYjYF32TaS_GtdibKqTL1EniQkd3qv5UX_AJlv3l9nIE0pYa_FitXSVFm6l0BsSLxdjkACtNuyAt1RSRD7dCb30jZu2EPN6OFGB4mRZbPk5Iu4LCi2B3TH44EZ3mUvOc45tmpxmFm47GdRjpUL67QJ9YVpU-CmUAfNgdzRzqr_3OF-geFc1tbyslgbdtV8JI2r-ZF92gLn-ZxCTPaanWONLLT6gSdhwFO4UA0AChSiR7qHzw4S0W6eHnoODhdhOgRwtSJOG-Ir_kVR9V0z1c5H-kV3JhBDzbScoMcDjEujka6Q3TbtOoXARrEkdBNYgBLdq6TfXYNF8S2apyq-Dm52R3zSsNq8Fai4UYPbLlKEFWnhFLU7qY9qGvtE3XUbCj8ZafK4nTD4lBBjOZct5Sf_iG0mstNlp9aWBtzHkvMaE8nKzvlMrV1Dqi3wwDpxkOgP5mAKSOT36e1NWsazI08nVYgD6EKhh4r3M6Pm8i8Q7M5n9QjPpJftCGXeiAXcnqvGji3J7T_4fKCHxGrgbnqEWRkVTLuf7hb6bHVXBMX6UHNmqfwZJtTLL9Num4jGauC7Dd2jRU0aqCtGspyZVCyhCKNolMpWxdj75gNblRrmF9RGxpjBgKyydzA3CA2h0fIpPbiQocf7OwlQ1JHoUm3CmokSTy-Aoud_nq4ojxbVMNb4onK7GuR0MqXJ07igsa3sHZv4alzodOXpGP4I0FA3-2Tzw3qHP5nDbVaDAI-aSmS_n7gyMuUJJy_e1qJqyx3_LJb-nQWoEziM0iE4qpw193UWbK96IILl3QjW1YDArVQP6nTG1V05EPkxDrjJcosyHEAyiAyxI3czhJetuv65J6J1T3J5zAKbgxssTy3Jxprht68T3YHZvySoNwO4Lv5S9ZK1axKc06-GXX-M_fp4pX2-K_u8NdWhsNenwDO2MhcuhSL0NG8eEJRUkNIa6rNIj_fLb4ho3uZjnKtwGjyAEwc9tpLBQw_5e1xUiPvmqR6TioS59fqox6e4EWJ_-omYmNgEnrMpQCm4rn7o2okqEkY4gawa2C7_TaYoLZgQz5ZNkTSToOPRl_yRkDpILe2rPoYDj1IA_QFaS48valPP7x0jiAXpqLwBS6jJ9SBb_IhjEqKGxmYBoXjFWOZiutb4cQHmLPGx6BBVkRfVfbfDMRUvo62N1Po6AE-FxSq5OK7gYrLxy9xZTjiRviXhs81KeDxl-_2BT-PwW8NZbnEImQT0FNQz_nr2E4HkzuVbjL3fGAJ2YaL3zN2qBCyRQJ2cbG4hKtYaz4kLhe3g4-7oukff8HVkvc7lCweCHUedBzrGgeXpFHnjw2iIpAx7nOlT7-Rn-1FHVsRJzr-5wFoovSTbrYUfsioqjWbWZ7K0AenuwmY8bDxMwjvEk4R3zOOaeG9-wm4oyk2XmsJHBuKrGgfDrpAKWJRPsTq6mOFbTYJl-IekHFMSWSVd1SlS0rwWMAfSv1s1eLu_RamuC-VS4wr42MhsWHO8R9VFaK905upAYgSEEejOxONcArRJEFLu3pWT3G9xt-_f-yJVPJv3a3QM6L2C6TyhIRMkzADVAFssqOtcgN8oZX343xIhk1d1gGFe6tUAKVehF48TrezRieM0X92jxr5J-z6mHUpxGZaVXCthxSfdVzA-xGAkm3dMkdH2KNEnBS0-D30o5DxxcIDbH4wlt7Nz7ZD_UffRRD51aEwUI0RYkuDvBjYh32JkimBSn8xovKcyDhNiYiRAODD7QDAf1qxNSHkmkNnHYKz0jELJLKMGApvG9zOBPiA40cFZq9foMqwR4ig7buzHkQJOjiJSFowsiv9NUkSOTclzLtHthMfEYY8Jukt7kop33kcrEyefhzFBFwc
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=RTKc0ZZEVIwApbsCadfEeFlgiHnikblFZOEtKNG9MNXNnV1k0SVorR25KZGttUTQyaTlYc2R1eTlrcEdMcDF2Yk1CR0ZVVTd4bWRROThrU0VnUWZ2bA==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame CC9C 137 KB
45 KB 66ms
65ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

81467fda94bff836c8cd12a29937fd2c579d8319bc5c72ac3e629dee98b84cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:08:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=Blvba9oHMZIs1H195vYLp-Blg-iZovwECF4Mh3DNzkaCGHAqEAruPzcYbu7dZiHduRDmIhI_ppuKbJ_XXTlBajpmSqjBfZhxCz33oJcVbKGsc3KWHUlQ-qoYXP15qzc0pa7Dds5yebXZZ94vqlJMc5an92Zec1OELMUTd80NEcbVgzg-13MyrZZGr2vMttJYZO9lixjozaSEDUph_sphkRhe9V1Tu3O355tZhRRs4I9AaEfTBVKwXnViChoRanQZUtIUIg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 58540257
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK analytics.js Show response
s.update.rubiconproject.com/2/873648/ Frame B045 6 KB
3 KB 29ms
5ms Script
text/javascript 3.0.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.rubiconproject.com/2/873648/analytics.js?ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&gt=sg&c1=2595830&c2=15&sr=magnite.com&dt=8736481481318196516000

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.0.25.35 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-0-25-35.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

36c777d85163ebf68e8accff4f9299a53451d2aeb52240ec16421f87af2901cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 09:08:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2874
Expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D674 281 B
554 B 129ms
36ms Document
text/html 23.75.85.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=au&co=sg
Requested by: Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-85-227.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 17 Jun 2023 09:08:27 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame B045 3 KB
1 KB 5ms
3ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 02:16:29 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A2FD 1 KB
1001 B 20ms
2ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 33081
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 23:57:05 GMT
etag: 48472445140208031
expires: Sat, 17 Jun 2023 23:57:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame B045 19 KB
8 KB 7ms
2ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 22:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 22:06:50 GMT

GET
H/1.1 204
No Content register
token.rubiconproject.com/ Frame B045 0
632 B 452ms
5ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/register?khaos=LIZS0PMB-1F-EI9V
Requested by: Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 l
www.google.com/ads/measurement/ Frame B045 0
0 55ms
53ms Image
text/html 2404:6800:4003:c02::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-pwPF7NUWsa-iJOylFW3-1w41C7K716YS8RgxxdwZjznbsFrkO3Pj1DalffT-8YavJsdIYx4SftLa_qcPrX4JUuLY4A
Requested by: Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B045 24 KB
6 KB 8ms
4ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126095
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Jun 2024 22:06:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B045 178 KB
56 KB 12ms
8ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 09:08:26 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7CE9 15 KB
11 KB 22ms
12ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c03764482092651fbd9d556911af9e226f67c84ebc8db51e5e9dfbd920ef98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11335
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B045 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72ae2d68476f1679e85a6c200588b5abc4dda79699d1a77394e7e65f3cfcc17c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7CE9 17 KB
6 KB 2712ms
2711ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 09:08:29 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A2FD
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBZVl_Z8Ge8j5E3VfzrXvtA&google_cver=1&google_push=ATf1kGPvB53PtDJHSbMhPGLR13Rs0HSXPp0y3K7DYt8Yie5J_WdqX4NUMHq2AIseqM6f1WgML_W9OonZ4I1IPz3e4AC72zD0Isvbg...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE0NjM2NjM3NjQ0Nzk4NjkwMg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBZVl_Z8Ge8j5E3VfzrXvtA&google_cver=1

43 B
398 B

377ms
33ms

Image
image/gif

2001:df2:a300:bbbb::135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBZVl_Z8Ge8j5E3VfzrXvtA&google_cver=1
Protocol: H2
Server: 2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBZVl_Z8Ge8j5E3VfzrXvtA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A2FD
Redirect Chain

https://cr-p1.ladsp.com/cookiesender/1?google_push=ATf1kGOohOnyauV2qndElJfYHZn4Km9O09Vmfau7Hye1q5F1Cib53k_8fzcacH1xiy1tqQKrSIuEuo_zodI5dNh30ZGAZz1x2G74JsSTAWccjuc3clczlmB8nkxEc4FaGsDy0bRKpArGXY4Mka...
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ATf1kGOohOnyauV2qndElJfYHZn4Km9O09Vmfau7Hye1q5F1Cib53k_8fzcacH1xiy1tqQKrSIuEuo_zodI5dNh30ZGAZz1x2G74JsSTAWccjuc3clczlmB8nkxEc4FaGsDy0...

170 B
188 B

50ms
50ms

Image
image/png

74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ATf1kGOohOnyauV2qndElJfYHZn4Km9O09Vmfau7Hye1q5F1Cib53k_8fzcacH1xiy1tqQKrSIuEuo_zodI5dNh30ZGAZz1x2G74JsSTAWccjuc3clczlmB8nkxEc4FaGsDy0bRKpArGXY4Mkaj1Vd9Gypk&google_hm=AeJ3Vk1FRsIiks8AD7MOpr062MA

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

74.125.130.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
via: 1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ATf1kGOohOnyauV2qndElJfYHZn4Km9O09Vmfau7Hye1q5F1Cib53k_8fzcacH1xiy1tqQKrSIuEuo_zodI5dNh30ZGAZz1x2G74JsSTAWccjuc3clczlmB8nkxEc4FaGsDy0bRKpArGXY4Mkaj1Vd9Gypk&google_hm=AeJ3Vk1FRsIiks8AD7MOpr062MA
cache-control: no-cache
content-length: 0
x-amz-cf-id: L56MKgRxaJGXs6GYaG1Rirp6Bk9jffc9mPNGcdv17uBULiWfj0GAnA==
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A2FD
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA90CJutY8QDiJN3Uf9Fhz8&google_cver=1&google_push=ATf1kGOACMh4MiAdah1-L5vLkUrFH35SwPYUk8xjO0pp5TQvisdwSloxPGNJIImcwLCkLfnnLmsHy0Xm2_u3_...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA90CJutY8QDiJN3Uf9Fhz8&google_push=ATf1kGOACMh4MiAdah1-L5vLkUrFH35SwPYUk8xjO0pp5TQvisdwSloxPGNJIImcwLCkLfnnLmsHy0Xm2_u3_...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGOACMh4MiAdah1-L5vLkUrFH35SwPYUk8xjO0pp5TQvisdwSloxPGNJIImcwLCkLfnnLmsHy0Xm2_u3_MPq88XGk98JbYu7G2PrVp2-zHrkLdYQWW1DiSU6hcT88Jq...

170 B
188 B

57ms
57ms

Image
image/png

74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGOACMh4MiAdah1-L5vLkUrFH35SwPYUk8xjO0pp5TQvisdwSloxPGNJIImcwLCkLfnnLmsHy0Xm2_u3_MPq88XGk98JbYu7G2PrVp2-zHrkLdYQWW1DiSU6hcT88JqL6Dlixu6_hyDrmjADU2w5xg8&google_hm=T3Z1WkdDZ2xkRUV5TjdQNVp0UEI=

Protocol

Server

74.125.130.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 09:08:27 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGOACMh4MiAdah1-L5vLkUrFH35SwPYUk8xjO0pp5TQvisdwSloxPGNJIImcwLCkLfnnLmsHy0Xm2_u3_MPq88XGk98JbYu7G2PrVp2-zHrkLdYQWW1DiSU6hcT88JqL6Dlixu6_hyDrmjADU2w5xg8&google_hm=T3Z1WkdDZ2xkRUV5TjdQNVp0UEI=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 291
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A2FD
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHYPSAgRHeMCuJ6hon0BpQM&google_cver=1&google_push=ATf1kGPpH3NLHnqShtecKcjuh_WBC6rSdq7onN_fTVpU-HLdVxL9LzQZ8aEDCS2Y0bXIO28h9EsyhBmtCAz6Rjrx...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=80ceee02&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGPpH3NLHnqShtecKcjuh_WBC6rSdq7onN_fTVpU-HLd...

170 B
188 B

53ms
53ms

Image
image/png

74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=80ceee02&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGPpH3NLHnqShtecKcjuh_WBC6rSdq7onN_fTVpU-HLdVxL9LzQZ8aEDCS2Y0bXIO28h9EsyhBmtCAz6RjrxjDufdB7EjcxLSJmb1rdQrW0R19VnMG4kLppFjY2kC-mU3-iySVRbUKStp2q5j22I2g

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

74.125.130.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 09:08:26 GMT
via: 1.1 519f4b1ac97b08b10023540bb9e7e006.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=80ceee02&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ATf1kGPpH3NLHnqShtecKcjuh_WBC6rSdq7onN_fTVpU-HLdVxL9LzQZ8aEDCS2Y0bXIO28h9EsyhBmtCAz6RjrxjDufdB7EjcxLSJmb1rdQrW0R19VnMG4kLppFjY2kC-mU3-iySVRbUKStp2q5j22I2g
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 3cpHGOu-ODlof87SiFt7CoCOIW4H7inZXkP78whyDoIwbQpDFMCH3A==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A2FD
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGO2qcIs1mdy3Q_azWBo2tEBj8-Wc3OcBU506FBumAFuHrl6_PefJMBqqYZI2_Wcnua8PfS4ojlzN75ipcuxxnMsJ8s4gTp7l2c2S8gWFf7Y3hENW5swltTr4aWFiyS...
https://sync.targeting.unrulymedia.com/csync/RX-0cd0b23e-fd3a-4db8-a682-5694e08df8ec-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGO2qcIs1mdy3Q_azWBo2...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO2qcIs1mdy3Q_azWBo2tEBj8-Wc3OcBU506FBumAFuHrl6_PefJMBqqYZI2_Wcnua8PfS4ojlzN75ipcuxxnMsJ8s4gTp7l2c2S8gWFf7Y3hENW5swltTr4aWFiySd_Kmo...

170 B
188 B

56ms
56ms

Image
image/png

74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO2qcIs1mdy3Q_azWBo2tEBj8-Wc3OcBU506FBumAFuHrl6_PefJMBqqYZI2_Wcnua8PfS4ojlzN75ipcuxxnMsJ8s4gTp7l2c2S8gWFf7Y3hENW5swltTr4aWFiySd_Kmo3VxF46nIUTqmb7dvlA&google_hm=BAzQsj79Ok24poJWlOCN-Ow

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

74.125.130.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO2qcIs1mdy3Q_azWBo2tEBj8-Wc3OcBU506FBumAFuHrl6_PefJMBqqYZI2_Wcnua8PfS4ojlzN75ipcuxxnMsJ8s4gTp7l2c2S8gWFf7Y3hENW5swltTr4aWFiySd_Kmo3VxF46nIUTqmb7dvlA&google_hm=BAzQsj79Ok24poJWlOCN-Ow
date: Sat, 17 Jun 2023 09:08:27 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0cd0b23efd3a4db8a6825694e08df8ec004
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A2FD
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEKKbb_fCgZ16O01mRX-OR4s&google_cver=1&google_push=ATf1kGMR0JVF_qEZwr4eDflLhFkcMoKJB5y7E1jJ7H_tE3CRyhh4CK5SrI3XvRpqapVzkOaMgJqZEAcxhOlKwmBEvKj7yJGonNTqe...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMR0JVF_qEZwr4eDflLhFkcMoKJB5y7E1jJ7H_tE3CRyhh4CK5SrI3XvRpqapVzkOaMgJqZEAcxhOlKwmBEvKj7yJGonNTqe-XuZzvaXg2_DB4mJPVqLdRaH3GjaM...

170 B
188 B

54ms
54ms

Image
image/png

74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMR0JVF_qEZwr4eDflLhFkcMoKJB5y7E1jJ7H_tE3CRyhh4CK5SrI3XvRpqapVzkOaMgJqZEAcxhOlKwmBEvKj7yJGonNTqe-XuZzvaXg2_DB4mJPVqLdRaH3GjaMegaznpHy4SG6KixWL7YS9CQ1c&google_hm=9db8f58238b1e7a4f2116c7264e5daac

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

74.125.130.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGMR0JVF_qEZwr4eDflLhFkcMoKJB5y7E1jJ7H_tE3CRyhh4CK5SrI3XvRpqapVzkOaMgJqZEAcxhOlKwmBEvKj7yJGonNTqe-XuZzvaXg2_DB4mJPVqLdRaH3GjaMegaznpHy4SG6KixWL7YS9CQ1c&google_hm=9db8f58238b1e7a4f2116c7264e5daac
date: Sat, 17 Jun 2023 09:08:27 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A2FD
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEAG0jpEoINf0_UluhaSjPrc&google_cver=1&google_push=ATf1kGNKW12lKEO4fZauB_gkllgbhOex226ylGcn31E0xFYjJ3CUGCRIqmkgoDEWmz2N5m-WJoDwWuAceMFGU41Bt...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OTA0YTM1YzYtYmNjMS00ZjUzLWI1MTgtNTM3ZTFiNjIwZTBl&google_push=ATf1kGNKW12lKEO4fZauB_gkllgbhOex226ylGcn31E0xFYjJ3CUGCRIqmkgoDEW...

170 B
188 B

57ms
56ms

Image
image/png

74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OTA0YTM1YzYtYmNjMS00ZjUzLWI1MTgtNTM3ZTFiNjIwZTBl&google_push=ATf1kGNKW12lKEO4fZauB_gkllgbhOex226ylGcn31E0xFYjJ3CUGCRIqmkgoDEWmz2N5m-WJoDwWuAceMFGU41BtMIycYTGnsuZ20dDxJfGwsm0O_qsAecCEtSno4QwaLvVp5pC_cHG47rB_adwe3nJmIuK

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

74.125.130.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OTA0YTM1YzYtYmNjMS00ZjUzLWI1MTgtNTM3ZTFiNjIwZTBl&google_push=ATf1kGNKW12lKEO4fZauB_gkllgbhOex226ylGcn31E0xFYjJ3CUGCRIqmkgoDEWmz2N5m-WJoDwWuAceMFGU41BtMIycYTGnsuZ20dDxJfGwsm0O_qsAecCEtSno4QwaLvVp5pC_cHG47rB_adwe3nJmIuK
date: Sat, 17 Jun 2023 09:08:26 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A2FD 0
12 B 8ms
6ms Image
text/html 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IiNK5qF3vVayJc_2lYFRgAMwGW8Qyp3CO-A1_678GFAyaIr5SrwId3FP08kukKPqx3Rg3CBw

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/ Frame B045 0
145 B 17ms
4ms XHR
text/plain 3.0.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/postback?oz_pl=1&ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&gt=sg&c1=2595830&c2=15&sr=magnite.com&ci=873648&dt=8736481481318196516000&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&psv=2.96.0&_x=1
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&gt=sg&c1=2595830&c2=15&sr=magnite.com&dt=8736481481318196516000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.25.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-25-35.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 17 Jun 2023 09:08:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.rubiconproject.com/2/2.96.0/ Frame B045 176 KB
53 KB 6ms
4ms Script
text/javascript 3.0.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.rubiconproject.com/2/2.96.0/main.js

Requested by

Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&gt=sg&c1=2595830&c2=15&sr=magnite.com&dt=8736481481318196516000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.0.25.35 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-0-25-35.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

2ece6bd89b2087c1b8fd2a9cafddcef7af5671be5992f0cd99525f7ce3a326f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:08:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 54224
Expires: Tue, 23 Feb 2055 05:30:41 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CC9C 2 KB
1 KB 7ms
4ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame CC9C 2 KB
1 KB 8ms
5ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CC9C 308 B
636 B 8ms
6ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CC9C 293 B
621 B 7ms
5ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame CC9C 43 B
347 B 7ms
5ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=xxlGxswj6bd6O0fl6sDhvEhziXm9hqOhE9dEQWIoNaSX5t2PwX0u8VAQfbYdaDpLH28RHfc8sro-FKaxfrlpAXlUA4yMpM8H7i8CxHF7GsqcM7KEbl_aSDJ2mgpnzOKClXkbFbT3TyWmiRgjVJqbfiydM_YAeTSDPxXaBBqJnLsfWAeCf8Om8-fTnEkZrJ0lBUbddPLH6UjJuWpOLl8OcxXoc9xAvwVcy93auZOFevF1OMRsIPsARGXJoSJCvlRllvoiNjvGAWvg0U9Q8NJv7idDSv-n7i8OOyPkYvfh2Z12BSKKbJO3blogpo35jcw5mQy9-p4oaSkbHtyKrUkQ7aZb4SY0PPXnxpvn2D1uvuuu_8RI1YbpQGITwnsARQp9DEQWQ90sCo0pUnZJO4YpCdnFswcv4tc9_NM_lZswSlYt_spj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2193561
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dis.aspx Show response
widget.sg1.as.criteo.com/dis/ Frame A0F3 6 KB
3 KB 23ms
6ms Document
text/html 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sg1.as.criteo.com/dis/dis.aspx?pu=65968&cb=648d780a8739c374428da1a8be4fd521&r=https%3a%2f%2fe877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

f7948f9a30ae2ed3b3b8475355e4e71a7dcb6c60d6c7bc5bde65f84bafcb8d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Sat, 17 Jun 2023 09:08:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2215563
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CC9C 12 KB
5 KB 14ms
9ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 124406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rYnkg43aZLooQPOHdqr7FFVN5qGbRLhDbP2f8t3FbLx0K%2FyU4cyNmgPZYli71KxV7pOUM7Ywzk4h6Ynle2u0SY2txaPEoeaqL6%2F2Cyix%2Fww2xWYkBh0wVzi8%2FGPe3Z6AMZzNMdGbRSUjCYEE%2Bj4h3Pj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d8a25e4bb443fc5-SIN
expires: Thu, 06 Jun 2024 09:08:26 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CC9C 12 KB
6 KB 8ms
7ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:26 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame CC9C 3 KB
3 KB 4ms
4ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?h=76&m=0&partner=76643&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F21260%2F180129%2Fd81d2eb3d2a54076a9762dfd925af804_logo_all_horizontal.png&v=3&w=596&s=sW9O62w6yHN3mO4OAFwyDR8M

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

b582044ee23d53d3eb2c463f266c8806af95ca4b57df6f12cb6780494646a907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 2956
expires: Wed, 01 May 2024 03:15:10 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame CC9C 38 KB
38 KB 7ms
6ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2F5ad342e8-cc72-46c4-8ea6-9df1e76eaeb2%2Fimage.png&v=3&w=400&s=53MA8qGfcbx2AhnTyZa3f8Ge&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

637d0538383080c3f883d261ade0cde40bfc5257b909dd8da47831866c957fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 38508
expires: Wed, 12 Jul 2023 11:39:32 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame CC9C 39 KB
39 KB 9ms
9ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2Ff4bd6923-5f37-4a6d-b02f-1236a8243d33%2Fimage.png&v=3&w=400&s=NJjoVZTaS8PVugyUYR0pxFt2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

8d20530014dbf162307171b951413080942a560547cc4434bb940fda5809c2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 39585
expires: Sun, 25 Jun 2023 02:18:41 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame CC9C 41 KB
41 KB 5ms
4ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2F3088e009-84cb-4b29-8ec8-611080e87186%2Fimage.png&v=3&w=400&s=NxsfsC5Yt_3CExlvWUv29uKK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

17f1430f10fa1b442024916072a54da77fdb3cba8f8c57884b3194cab9a9b56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 41632
expires: Wed, 05 Jul 2023 10:29:13 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame CC9C 0
127 B 5ms
5ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=Blvba9oHMZIs1H195vYLp-Blg-iZovwECF4Mh3DNzkaCGHAqEAruPzcYbu7dZiHduRDmIhI_ppuKbJ_XXTlBajpmSqjBfZhxCz33oJcVbKGsc3KWHUlQ-qoYXP15qzc0pa7Dds5yebXZZ94vqlJMc5an92Zec1OELMUTd80NEcbVgzg-13MyrZZGr2vMttJYZO9lixjozaSEDUph_sphkRhe9V1Tu3O355tZhRRs4I9AaEfTBVKwXnViChoRanQZUtIUIg&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CC9C 2 KB
1 KB 6ms
6ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:27 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/ Frame B045 0
145 B 4ms
4ms XHR
text/plain 3.0.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/postback?oz_pl=1&ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&gt=sg&c1=2595830&c2=15&sr=magnite.com&ci=873648&dt=8736481481318196516000&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&psv=2.96.0&_x=1
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&gt=sg&c1=2595830&c2=15&sr=magnite.com&dt=8736481481318196516000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.25.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-25-35.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 17 Jun 2023 09:08:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D674 34 KB
10 KB 37ms
36ms Script
text/html 23.75.85.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=au&co=sg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-85-227.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 745a4dd4a9310b7959f7e1cb0724027ae9c41ec9b2854a65f1534afbd4c674c9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=au&co=sg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:08:27 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Jun 2023 02:53:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63877
Connection: keep-alive
Content-Length: 10112
Expires: Sun, 18 Jun 2023 02:53:04 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/ Frame B045 0
145 B 4ms
3ms XHR
text/plain 3.0.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/postback?ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&gt=sg&c1=2595830&c2=15&sr=magnite.com&ci=873648&dt=8736481481318196516000&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&sid=AhEVuEUCDePYZ4TF&oz_sc=d38637de56091ec443ea46e9&oz_df=1686992907059&oz_l=240&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.25.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-25-35.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 17 Jun 2023 09:08:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame CC9C 2 KB
841 B 6ms
6ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:27 GMT

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame CC9C 2 KB
842 B 4ms
3ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:27 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 822E
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-soKwfFrJPW7tH4hw-EYJs0lsY0ArRTG1mUXyAA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-soKwfFrJPW7tH4hw-EYJs0lsY0ArRTG1mUXyAA&expires=30

43 B
510 B

88ms
87ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-soKwfFrJPW7tH4hw-EYJs0lsY0ArRTG1mUXyAA&expires=30
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:08:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-soKwfFrJPW7tH4hw-EYJs0lsY0ArRTG1mUXyAA&expires=30
Date: Sat, 17 Jun 2023 09:08:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 822E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-NQib7VrJPW7tH4hw-EYJs0lsY0AUIvuhoCF5fw&google_cm&google_hm=ay1OUWliN1ZySlBXN3RINGh3LUVZSnMwbHNZMEFVSXZ1a...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-NQib7VrJPW7tH4hw-EYJs0lsY0AUIvuhoCF5fw&google_gid=CAESENWBdfzwlSljmhdrgYSPNy8&google_cver=1&google_ula=913071,0

43 B
370 B

13ms
4ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-NQib7VrJPW7tH4hw-EYJs0lsY0AUIvuhoCF5fw&google_gid=CAESENWBdfzwlSljmhdrgYSPNy8&google_cver=1&google_ula=913071,0

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 629934
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-NQib7VrJPW7tH4hw-EYJs0lsY0AUIvuhoCF5fw&google_gid=CAESENWBdfzwlSljmhdrgYSPNy8&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 822E
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=945636454347791631

43 B
370 B

7ms
7ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=945636454347791631

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3570642
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 09:08:27 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.254.153.206; 103.254.153.206; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0a590b51-3eff-4869-ae1f-349d3356d83e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=945636454347791631
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 822E
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-ph2Vb1rJPW7tH4hw-EYJs0lsY0CmEauAI-PAqg
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-ph2Vb1rJPW7tH4hw-EYJs0lsY0CmEauAI-PAqg

43 B
1 KB

181ms
181ms

Image
image/gif

104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-ph2Vb1rJPW7tH4hw-EYJs0lsY0CmEauAI-PAqg

Protocol

HTTP/1.1

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 09:08:27 GMT
AN-X-Request-Uuid: 7ef47783-39b5-46ca-86b1-c9a34fa9ef75
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 103.254.153.206; 103.254.153.206; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 09:08:27 GMT
AN-X-Request-Uuid: 78dc19b2-9d5e-44e9-a156-bea45ee7a181
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-ph2Vb1rJPW7tH4hw-EYJs0lsY0CmEauAI-PAqg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 103.254.153.206; 103.254.153.206; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 822E 61 B
794 B 97ms
74ms Image
image/gif 23.207.188.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-ULukN1rJPW7tH4hw-EYJs0lsY0DuXglNfR-fJw

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.188.21 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-188-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 09:08:27 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Sat, 17 Jun 2023 09:08:27 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 822E 42 B
786 B 127ms
6ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k--kcJxFrJPW7tH4hw-EYJs0lsY0B2oh30yRV-pQ&expires=30
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 822E 68 B
605 B 12ms
5ms Image
image/png 13.251.84.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-jbtaflrJPW7tH4hw-EYJs0lsY0DtV2NWlmKS5g
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.84.9 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-84-9.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 822E 43 B
688 B 21ms
5ms Image
image/gif 23.106.127.165
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-bPcKHFrJPW7tH4hw-EYJs0lsY0BqtTn-ofKwPw
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.165 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Jun 2023 09:08:26 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 822E 0
230 B 27ms
10ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-tDRL-lrJPW7tH4hw-EYJs0lsY0DEWuQWpompUA
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2865

GET
H2 200 um
criteo-sync.teads.tv/ Frame 822E 23 B
277 B 225ms
115ms Image
image/gif 23.199.77.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-UWWN5FrJPW7tH4hw-EYJs0lsY0AYaUK_SHDcAw
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.77.124 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-77-124.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 17 Jun 2023 09:08:27 GMT
pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 822E
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-WxJop1rJPW7tH4hw-EYJs0lsY0BPEXDB5UkxVQ&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-WxJop1rJPW7tH4hw-EYJs0lsY0BPEXDB5UkxVQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

7ms
6ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-WxJop1rJPW7tH4hw-EYJs0lsY0BPEXDB5UkxVQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 17 Jun 2023 09:08:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-WxJop1rJPW7tH4hw-EYJs0lsY0BPEXDB5UkxVQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Sat, 17 Jun 2023 09:08:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 822E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IfRyBlrJPW7tH4hw-EYJs0lsY0BQ0UcyCjapQg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IfRyBlrJPW7tH4hw-EYJs0lsY0BQ0UcyCjapQg&verify=true

0
121 B

8ms
8ms

Image
text/plain

13.228.126.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IfRyBlrJPW7tH4hw-EYJs0lsY0BQ0UcyCjapQg&verify=true

Requested by

Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IfRyBlrJPW7tH4hw-EYJs0lsY0BQ0UcyCjapQg&verify=true
date: Sat, 17 Jun 2023 09:08:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK sync
adgen.socdm.com/rtb/ Frame 822E 43 B
828 B 295ms
125ms Image
image/gif 124.146.153.150
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.153.150 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Sat, 17 Jun 2023 09:08:27 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.206","key":"ZI14C8Co8IwAAPDDwbIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40049"}
X-SO-Key: ZI14C8Co8IwAAPDDwbIAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40049
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: a-ad40049.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 12
Content-Length: 43
X-SO-LB-Hostname: m-ng40.dc4p.scaleout.jp
X-SO-IP: 103.254.153.206

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame 822E 43 B
869 B 76ms
76ms Image
image/gif 202.241.208.57
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-qG5NuVrJPW7tH4hw-EYJs0lsY0CxD6rDyBmaXg
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.57 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Sat, 17 Jun 2023 09:08:27 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-qG5NuVrJPW7tH4hw-EYJs0lsY0CxD6rDyBmaXg","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.206","key":"ZI14C8Co5sAAAHnAuiEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad254"}
X-SO-Key: ZI14C8Co5sAAAHnAuiEAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad254
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: m-ad254.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 43
X-SO-LB-Hostname: a-tgng40002.dc2p.scaleout.jp
X-SO-IP: 103.254.153.206

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame 822E
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=MsEZwzsuR1sOlZslCddas81BygCxVsOE

62 B
548 B

214ms
181ms

Image
image/gif

23.73.13.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=MsEZwzsuR1sOlZslCddas81BygCxVsOE
Requested by: Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 23.73.13.201 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-13-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 17 Jun 2023 09:08:27 GMT
content-length: 62
bk-server: b514
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=MsEZwzsuR1sOlZslCddas81BygCxVsOE
date: Sat, 17 Jun 2023 09:08:26 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 588705
content-length: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 822E
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fMBqmFrJPW7tH4hw-EYJs0lsY0BZmFhMBh8Q0g
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fMBqmFrJPW7tH4hw-EYJs0lsY0BZmFhMBh8Q0g&C=1

43 B
766 B

45ms
45ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fMBqmFrJPW7tH4hw-EYJs0lsY0BZmFhMBh8Q0g&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 09:08:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 09:08:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-fMBqmFrJPW7tH4hw-EYJs0lsY0BZmFhMBh8Q0g&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 204 pixel
adx.dable.io/ Frame 822E 0
141 B 251ms
83ms Image
text/plain 15.164.246.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-8NvGhFrJPW7tH4hw-EYJs0lsY0DdN4X0iAx6RQ
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 15.164.246.88 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-164-246-88.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
server: nginx

GET
H2 200 /
cs.adingo.jp/sync/ Frame 822E 43 B
413 B 233ms
75ms Image
image/gif 35.74.143.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=criteo&id=k-YjbhUFrJPW7tH4hw-EYJs0lsY0ASbs60VBKdyQ
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.74.143.220 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-74-143-220.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 822E 43 B
659 B 118ms
42ms Image
image/gif 42.99.140.177
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-sBJJyFrJPW7tH4hw-EYJs0lsY0CK6acosPnQhw
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.177 Central, Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-177.pacnet.net
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 09:08:27 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1686992907303038-46
Expires: Sat, 17 Jun 2023 09:08:27 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 822E
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YzmEtVrJPW7tH4hw-EYJs0lsY0ArcagOk06GGg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YzmEtVrJPW7tH4hw-EYJs0lsY0ArcagOk06GGg

43 B
447 B

6ms
5ms

Image
image/gif

54.255.66.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YzmEtVrJPW7tH4hw-EYJs0lsY0ArcagOk06GGg
Requested by: Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 54.255.66.79 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-66-79.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 09:08:27 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YzmEtVrJPW7tH4hw-EYJs0lsY0ArcagOk06GGg
access-control-allow-origin: *
date: Sat, 17 Jun 2023 09:08:27 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame 822E 42 B
440 B 234ms
209ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-tA7tRFrJPW7tH4hw-EYJs0lsY0BwZhlEgtnQWg
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 822E 0
879 B 481ms
159ms Image
text/html 35.159.42.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-FC0ATVrJPW7tH4hw-EYJs0lsY0D2QGfeODKm1Q
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.159.42.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-159-42-9.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame 822E 42 B
668 B 52ms
38ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-anWvZ1rJPW7tH4hw-EYJs0lsY0DI3SNDBOrd5A
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
last-modified: Tue, 06 Jun 2023 16:36:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C9DC08D18A7486DA97619E3F13CC26A Ref B: SIN30EDGE0518 Ref C: 2023-06-17T09:08:27Z
etag: "7b637fb9498d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 822E 0
287 B 726ms
183ms Image
text/plain 38.133.127.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-9Vrnk1rJPW7tH4hw-EYJs0lsY0BdOIDz_lUcUA&initiator=partner
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:08:28 GMT
Cache-Control: no-cache
X-TraceId: 953e232281c75695f7b597359ea1e322
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 822E 42 B
580 B 15ms
4ms Image
image/gif 67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-HtWPLVrJPW7tH4hw-EYJs0lsY0AYTYX9-uGpsQ
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 17 Jun 2023 09:08:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 /
s.ad.smaato.net/c/ Frame 822E 0
553 B 7ms
4ms Image
text/plain 2600:9000:223b:3600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-0QSKU1rJPW7tH4hw-EYJs0lsY0DAAhO7Gw18vw
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:3600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
via: 1.1 519f4b1ac97b08b10023540bb9e7e006.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: CF5PhO2wNtJiSO576cYdhG2-ZkSnURPijDQr6we3lQedc3gUwnXaiA==

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame 822E 68 B
259 B 83ms
69ms Image
image/jpeg 2600:1413:b000:1c::17d1:2ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-9a4H_VrJPW7tH4hw-EYJs0lsY0BTAJO3oRMjXQ

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1413:b000:1c::17d1:2ecc , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Sat, 17 Jun 2023 09:08:27 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-upstream: 172.29.83.151:80
content-length: 68
x-xss-protection: 1; mode=block

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 822E 43 B
595 B 17ms
6ms Image
image/gif 54.169.214.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-EpWirVrJPW7tH4hw-EYJs0lsY0D8mitddhu_CA&pn_id=criteo&ext=1
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.214.108 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-214-108.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 put
e1.emxdgt.com/ Frame 822E 0
142 B 16ms
4ms Image
text/plain 54.169.75.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-OP19_FrJPW7tH4hw-EYJs0lsY0AAXJtMam92bg
Requested by: Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=9CCAF0A3E05CA10B&u=%7Cpxoyg72D67EOM5WuefRHe0pqsRIUEqvkWINPy4Gc2RY%3D%7C&c1=glLBMxGOcDnqwL7aIYswbyGZl6Bg4FUCpp33Uz4ZEh0llhZkI4yVor_TNnGe9aBaW1913elbmeeNKnGGjV9bscor9UvuxaM9g7EU0vQ05ODdePUf1A7iX3-ReAcne2wqrFVJq8FidUVyOb5z9Ua2nlbNEB7JO6xcGwZnZQGJMMTwbUIUK5PH2JSrSkSMXOh5KBWpzdNnB3fCLI4rLakeA8qqTyoEHAFrsN_Dub45m3Z4bkv994xCfs9yyJscGuX3eqaaDNIeKeuIGospqergjAhQtbj9lKSZy75qUS_cWZj9rMnzyv3WMxFXq-dwFwcUJHLxo35FNjQcOvEOZGLp47rwh0mjC4Us3PnfSgwDAqmcjHdY4C0bJDrU0YO5jGCtvC7ux9zb9x_nr9-ZY7NKnDy_Pvdf2xKuM9CMSjpozVtOuUdDKFHk1gAAmPnR-DMmovtJuZsyjt1J6otD55-w3QqRhLFSZWXWZ7e8qzT0_QCRqb7XOJG9cJpOnQLCHuv5-E3PXyddONoeZSWef-ji1z4_cKVDK1DooIDxRNbB8W1zOal4f3s7E48_99F89t__EVo12QCPHrXjk58-IjTGWtkkwB7kmg-oOC0aAdNKo--8UqEjTPXi7LxbEOt58Z_CuW2_iJwTl5J9GT5VPXbz0BlRP3e2vD0S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.75.79 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-75-79.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
date: Sat, 17 Jun 2023 09:08:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame CC9C 15 KB
16 KB 11ms
7ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:08:27 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D674 284 B
921 B 223ms
5ms Image
image/jpg 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=au&co=sg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
BLOB 200
OK d5613ca7-768d-4a25-bbd2-4b4978280240
https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/ Frame 0834 186 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/d5613ca7-768d-4a25-bbd2-4b4978280240
Requested by: Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 186
Content-Type: application/javascript

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/ Frame B045 0
145 B 4ms
4ms XHR
text/plain 3.0.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/postback?ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&gt=sg&c1=2595830&c2=15&sr=magnite.com&ci=873648&dt=8736481481318196516000&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&sid=AhEVuEUCDePYZ4TF&oz_sc=d38637de56091ec443ea46e9&oz_df=1686992907222&oz_l=4834&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.25.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-25-35.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 17 Jun 2023 09:08:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 822E
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=PVYe1idM3OMf9BdnvVZMcWeF4wkJxUJt

0
337 B

614ms
203ms

Image
text/plain

35.85.211.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=PVYe1idM3OMf9BdnvVZMcWeF4wkJxUJt
Requested by: Host: e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
URL: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 35.85.211.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-211-154.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: beacon-n007-pdx-prod.krxd.net
date: Sat, 17 Jun 2023 09:08:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1686992907
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=PVYe1idM3OMf9BdnvVZMcWeF4wkJxUJt
date: Sat, 17 Jun 2023 09:08:26 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1141931
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D4E3 14 KB
11 KB 11ms
10ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306130202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a595fc68ba4645f67690e871bdedd4740a1e808be52211b8a4569875ff1c7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11186
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D4E3 17 KB
6 KB 2292ms
2292ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130202/pubads_impl.js?cb=31075345

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 09:08:29 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/ Frame B045 0
145 B 5ms
4ms XHR
text/plain 3.0.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/postback?ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&gt=sg&c1=2595830&c2=15&sr=magnite.com&ci=873648&dt=8736481481318196516000&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&sid=AhEVuEUCDePYZ4TF&oz_sc=d38637de56091ec443ea46e9&oz_df=1686992907383&oz_l=3112&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.25.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-25-35.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 17 Jun 2023 09:08:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 07D7 42 B
64 B 6ms
6ms Fetch
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvcX4cYQ6RQIB2g-38DU9VqHn6CsI0Shwo2H95b_16hCi7z9vtlUqHDpZwOq1OVSEQx2Yr1YKmSrYy_kYIzX1diNo&sig=Cg0ArKJSzN4AbQmJMRRsEAE&id=lidar2&mcvt=1000&p=116,632,396,968&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1873320356&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686992906328&rpt=106&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D674
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElaUzBRNTMtNS05QzhM
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDzi7nqCN5E5DYAnqabxHd0&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaUzBRNTMtNS05QzhM&google_push=

170 B
188 B

52ms
52ms

Image
image/png

74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaUzBRNTMtNS05QzhM&google_push=

Protocol

Server

74.125.130.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElaUzBRNTMtNS05QzhM&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame D674
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cW3syXNdR66DWW7Q9Fz_xQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cW3syXNdR66DWW7Q9Fz_xQ

43 B
479 B

190ms
190ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cW3syXNdR66DWW7Q9Fz_xQ

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 09:08:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PB8RBSYRRRCXS4PWSV09
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=cW3syXNdR66DWW7Q9Fz_xQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c80248407eff6cf595ce43a76c04e23f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D674
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc3af9a3-968b-4edc-b3a3-230cc8b894c1&gdpr=0&gdpr_consent=&expires=30

42 B
678 B

5ms
4ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc3af9a3-968b-4edc-b3a3-230cc8b894c1&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc3af9a3-968b-4edc-b3a3-230cc8b894c1&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H2

200

setuid
px.ads.linkedin.com/ Frame D674
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIZS0Q53-5-9C8L

0
733 B

225ms
214ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIZS0Q53-5-9C8L
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:26 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A447A48746B44824B1C5217B45E8F127 Ref B: SIN30EDGE0714 Ref C: 2023-06-17T09:08:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX+T6T+ttR8KsGL7XlHKQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIZS0Q53-5-9C8L
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D674
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIcqOCrKDmuvDh_J19mWzBo&google_cver=1

42 B
678 B

5ms
5ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIcqOCrKDmuvDh_J19mWzBo&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIcqOCrKDmuvDh_J19mWzBo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D674
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/2z6WJU3OeM7I6mSd70pWmA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-T2gQzElE2oLIZsJlKHF8h70uVJ1Ugnmxn99XSw--~A

42 B
678 B

5ms
5ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-T2gQzElE2oLIZsJlKHF8h70uVJ1Ugnmxn99XSw--~A
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0ed95c36ed1932be3ba76fc523a6e179
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 17 Jun 2023 09:08:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-T2gQzElE2oLIZsJlKHF8h70uVJ1Ugnmxn99XSw--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D674
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODk2YTdmY2MwMWMwNGE2ODI4NmFjM2FiOWU0MjI4ZTdhMzVmNDMwOA

170 B
188 B

57ms
56ms

Image
image/png

74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODk2YTdmY2MwMWMwNGE2ODI4NmFjM2FiOWU0MjI4ZTdhMzVmNDMwOA

Protocol

Server

74.125.130.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODk2YTdmY2MwMWMwNGE2ODI4NmFjM2FiOWU0MjI4ZTdhMzVmNDMwOA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D674
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rQXFhrBRQYewr1z7yeud9g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rQXFhrBRQYewr1z7yeud9g

43 B
479 B

256ms
255ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rQXFhrBRQYewr1z7yeud9g

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 09:08:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NP4X6W80AG8GA91GW4GG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=rQXFhrBRQYewr1z7yeud9g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 200 all
csm.as.criteo.net/ Frame 3626 0
127 B 4ms
4ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 09:08:27 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/ Frame B045 0
145 B 4ms
3ms XHR
text/plain 3.0.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/postback?ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&gt=sg&c1=2595830&c2=15&sr=magnite.com&ci=873648&dt=8736481481318196516000&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&sid=AhEVuEUCDePYZ4TF&oz_sc=d38637de56091ec443ea46e9&oz_df=1686992907543&oz_l=396&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.25.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-25-35.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 17 Jun 2023 09:08:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK fc2b5df5-c68e-4afb-b3d0-79ed765b42ac
https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/ Frame B045 817 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/fc2b5df5-c68e-4afb-b3d0-79ed765b42ac
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ed52a25fb6bb9fa0efad8cd024e6f650b7827c4cdf7f5285cab8c328b76ab0e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 817
Content-Type

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/ Frame B045 0
145 B 4ms
4ms XHR
text/plain 3.0.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/postback?ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&gt=sg&c1=2595830&c2=15&sr=magnite.com&ci=873648&dt=8736481481318196516000&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&sid=AhEVuEUCDePYZ4TF&oz_sc=d38637de56091ec443ea46e9&oz_df=1686992907703&oz_l=723&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.25.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-25-35.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 17 Jun 2023 09:08:27 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/ Frame B045 0
145 B 4ms
4ms XHR
text/plain 3.0.25.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhEVuEUCDePYZ4TF/postback?ti=3f2bba0a-d793-4f97-bea4-bb8cff87d7e9&gt=sg&c1=2595830&c2=15&sr=magnite.com&ci=873648&dt=8736481481318196516000&si=448214&di=mbantul.my.id&ap=&ui=LIZS0PMB-1F-EI9V&pp=24940&pv=b82e0ba2-bb1a-4121-8c4e-4d93039ebae3&sid=AhEVuEUCDePYZ4TF&oz_sc=d38637de56091ec443ea46e9&oz_df=1686992907932&oz_l=2033&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.0.25.35 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-25-35.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 17 Jun 2023 09:08:27 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AE23 13 KB
5 KB 6ms
4ms Document
text/html 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 126100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 22:06:49 GMT
expires: Fri, 14 Jun 2024 22:06:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1C1B 783 B
535 B 12ms
11ms Document
text/html 2404:6800:4003:c02::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

34718ed03e3bf8985b5814795a76db7df3c22df3b2679161a8c0254dca422c7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hoBF3LTkw6YygMxuCGcIEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hoBF3LTkw6YygMxuCGcIEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:08:29 GMT
expires: Sat, 17 Jun 2023 09:08:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5CAA 13 KB
5 KB 6ms
4ms Document
text/html 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 126100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 22:06:49 GMT
expires: Fri, 14 Jun 2024 22:06:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0D62 783 B
534 B 15ms
13ms Document
text/html 2404:6800:4003:c02::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

221c2f3980f6318b98d9d6ca01e7d98c2caef4d44c85b21670ee5cb6e0e15fc2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-12Dq94lrx5OO6atLac5ewA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-12Dq94lrx5OO6atLac5ewA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:08:29 GMT
expires: Sat, 17 Jun 2023 09:08:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1C1B 0
0 6ms
6ms Image
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306130101&jk=1127897759065780&rc=null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame AE23 37 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 04:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 04:59:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0D62 0
0 7ms
6ms Image
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306130202&jk=4222920612746232&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CAA 37 KB
14 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 04:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 04:59:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AE23 0
10 B 4ms
4ms Image
text/plain 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ueW3Hw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5CAA 0
10 B 4ms
3ms Image
text/plain 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6rmFYw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:08:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

82 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
compass.adop.cc/	1970-01-20 12:37:05	Name: ADOP_P_U Value: https%3A%2F%2Fmbantul.my.id%2F
compass.adop.cc/	1970-01-20 14:46:08	Name: ADOP_CID Value: SG-230617090824-dea89e02dd424a7c
.criteo.com/	1970-01-20 21:58:08	Name: uid Value: 601dbdb1-5894-4eea-8694-26c4914158bd
.mbantul.my.id/	1970-01-20 21:58:08	Name: cto_bundle Value: qjxewV9iSUVTQmVaZHlMVEslMkZnQjE5VXFLTzRHZkhOYnZCNmhLV05LNHg4Rmt5V2NNZnF4cHRqSk1TOWFPVWxOJTJCMm1PR3YyNEo4aXRlYXZiS0U2b1Y1R0VjRGtLcExhaFUyYjZES2x3TTcwM0t1ZFVJdlBoYyUyQm1NaTRmamROJTJCQ1RJRFM3WHNORXVkaTBWQVNiTzRGdG9GSVRVdyUzRCUzRA
.mbantul.my.id/	1970-01-20 12:36:32	Name: lotame_domain_check Value: mbantul.my.id
.crwdcntrl.net/	1970-01-20 19:05:20	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 19:05:20	Name: _cc_id Value: 66a30b07546e0add2526c8417133eff2
.mbantul.my.id/	1970-01-20 19:05:20	Name: _cc_id Value: 66a30b07546e0add2526c8417133eff2
.mbantul.my.id/	1970-01-20 12:46:37	Name: panoramaId_expiry Value: 1687597705816
.mbantul.my.id/	1970-01-20 12:46:37	Name: panoramaId Value: be6eabb33c993b96ac035b7bd63716d53938eb5e445b7ba243b27a32684e1a3e
.mbantul.my.id/	1970-01-20 12:46:37	Name: panoramaIdType Value: panoIndiv
.openx.net/	1970-01-20 21:22:08	Name: i Value: 2c438756-e81f-4add-a681-bea2c97f9b25\|1686992905
.openx.net/	1970-01-20 12:58:08	Name: pd Value: v2\|1686992906\|jElYiuvOhI
.adsrvr.org/	1970-01-20 21:23:35	Name: TDID Value: fc3af9a3-968b-4edc-b3a3-230cc8b894c1
.openx.net/	1970-01-20 12:58:08	Name: univ_id Value: 537072971\|fc3af9a3-968b-4edc-b3a3-230cc8b894c1\|1686992906254185
.mbantul.my.id/	1970-01-20 21:58:08	Name: __gads Value: ID=0389224eb4f28ee7:T=1686992905:RT=1686992905:S=ALNI_Mbgylwxc3ep3ugGbT0_PhfSC73Hcg
.mbantul.my.id/	1970-01-20 21:58:08	Name: __gpi Value: UID=00000c1429878a8c:T=1686992905:RT=1686992905:S=ALNI_MZCyvfSKcQh4g5jg6Cpeo4xobeqIg
.ladsp.com/	1970-01-20 12:36:36	Name: cr Value: 1
.doubleclick.net/	1970-01-20 22:12:32	Name: IDE Value: AHWqTUl-6-qOZ5hfmPHjBFhN2Xin9HeS0zBsXQZbv_K4Xc63HsUbdFANJFSZVXo42O8
.ladsp.com/	1970-01-20 22:12:32	Name: smn_uid Value: 9MxDDSQQyRJ5kXWahvSaMQ-zDqa9Otg
.socdm.com/	1970-01-20 22:12:32	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjg2OTkyOTA2fQ
.smaato.net/	1970-01-20 13:06:47	Name: SCM Value: 80ceee02
.smaato.net/	1970-01-20 12:51:40	Name: SCMg Value: 80ceee02
.sharethrough.com/	1970-01-20 13:19:44	Name: stx_user_id Value: 904a35c6-bcc1-4f53-b518-537e1b620e0e
.ladsp.com/	1970-01-20 22:12:32	Name: lum Value: CITW88SMMRIFCAEQqAESBQgDEKgE
.smaato.net/	1970-01-20 12:51:40	Name: SCM1001851 Value: 80ceee02
match.sharethrough.com/	1970-01-20 12:46:37	Name: AWSALBCORS Value: ekSkguQonBKQkilB6qb/mzksv+sCi2RWZe/KEX2R+4dxTUWC7roVkJb3N12ju9wHrFg/QVRUOJlpaNzypgxVUolfwOrEet5IAyVQ706CHxfUYJ2RaxjhE42yLWW2
.smartadserver.com/	1970-01-20 22:08:13	Name: pid Value: 5699105784722523195
.smartadserver.com/	1970-01-20 22:08:13	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 21:23:35	Name: csync Value: 79:k-bPcKHFrJPW7tH4hw-EYJs0lsY0BqtTn-ofKwPw
.taboola.com/	1970-01-20 21:22:08	Name: t_gid Value: f2988f23-6dac-4549-a3a3-325153ca7de0-tuctb86fd8b
.3lift.com/	1970-01-20 14:46:08	Name: tluid Value: 1907633764031269729665
.1rx.io/	1970-01-20 21:22:08	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0cd0b23e-fd3a-4db8-a682-5694e08df8ec-004%22%7D
.yahoo.com/	1970-01-20 21:22:30	Name: A3 Value: d=AQABBAt4jWQCEEbikNaVYDgVbUFn1zJbpaEFEgEBAQHJjmSXZK9E8HgB_eMAAA&S=AQAAArmLzKk_mqVajDP1GfMtWCU
.analytics.yahoo.com/	1970-01-20 21:22:08	Name: IDSYNC Value: 18zh~2c9l
.adingo.jp/	1970-01-20 13:19:44	Name: ID Value: 9db8f58238b1e7a4f2116c7264e5daac
.media.net/	1970-01-20 21:22:08	Name: visitor-id Value: 3299945073876638000V10
.media.net/	1970-01-20 13:19:44	Name: data-c-ts Value: 1686992907
.media.net/	1970-01-20 13:19:44	Name: data-c Value: k-ULukN1rJPW7tH4hw-EYJs0lsY0DuXglNfR-fJw~~3
.360yield.com/	1970-01-20 14:46:08	Name: tuuid Value: 54fd25c9-3d96-4902-aa49-fe0cc0197bcb
.360yield.com/	1970-01-20 14:46:08	Name: tuuid_lu Value: 1686992907
.targeting.unrulymedia.com/	1970-01-20 21:22:08	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0cd0b23e-fd3a-4db8-a682-5694e08df8ec-004%22%7D
.360yield.com/	1970-01-20 14:46:08	Name: um Value: !38,yaU21SWnqoAiDmF8K8g36pVdOYIS3NYO8csCft3rYBOD4XH.y1-wmMdGN1wv8A7yyjwr5GD-,1694768907
.360yield.com/	1970-01-20 14:46:08	Name: umeh Value: !38,0,1749200907,-1
.teads.tv/	1970-01-20 21:20:42	Name: tt_viewer Value: eb5c6c3e-4a17-44fe-a161-100ce685fca5
.bluekai.com/	1970-01-20 16:55:44	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 16:55:44	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1L4D+5G63g0GreE/L2LIJvL8hEAkJnnRy5vo15bT/vdjlOxeRdCqC
.bluekai.com/	1970-01-20 16:55:44	Name: bku Value: uUW999+TMVxprQ1M
.rubiconproject.com/	1970-01-20 21:22:08	Name: khaos Value: LIZS0Q53-5-9C8L
.bidswitch.net/	1970-01-20 21:22:08	Name: tuuid Value: b9b68183-47ad-4f3b-91d2-834b6b57f7bb
.bidswitch.net/	1970-01-20 21:22:08	Name: c Value: 1686992907
.bidswitch.net/	1970-01-20 21:22:08	Name: tuuid_lu Value: 1686992907
.bing.com/	1970-01-20 21:58:08	Name: MUID Value: 12F3DF00E59060360210CC33E491611D
.c.bing.com/	1970-01-20 12:46:37	Name: MR Value: 0
.socdm.com/	1970-01-20 22:12:32	Name: SOC Value: ZI14C8Co8IwAAPDDwbIAAAAA
.dable.io/	1970-01-20 15:00:32	Name: uid Value: 43304018.1686992907390
.adingo.jp/	1970-01-20 13:19:44	Name: criteo_dsp Value: k-YjbhUFrJPW7tH4hw-EYJs0lsY0ASbs60VBKdyQ
.pubmatic.com/	1970-01-20 13:19:44	Name: KRTBCOOKIE_97 Value: 3385-uid:k-HtWPLVrJPW7tH4hw-EYJs0lsY0AYTYX9-uGpsQ&KRTB&23144-uid:k-HtWPLVrJPW7tH4hw-EYJs0lsY0AYTYX9-uGpsQ&KRTB&23286-uid:k-HtWPLVrJPW7tH4hw-EYJs0lsY0AYTYX9-uGpsQ&KRTB&23287-uid:k-HtWPLVrJPW7tH4hw-EYJs0lsY0AYTYX9-uGpsQ
.pubmatic.com/	1970-01-20 13:19:44	Name: PugT Value: 1686992907
.yieldmo.com/	1970-01-20 21:22:08	Name: yieldmo_id Value: 3hMEGVZCCAZm2rbJYrVR%7C1686960000000%7C0
.ads.yieldmo.com/	1970-01-20 21:22:08	Name: ptrcriteo Value: k-EpWirVrJPW7tH4hw-EYJs0lsY0D8mitddhu_CA
.adsrvr.org/	1970-01-20 21:23:35	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCMjJjp6Ox_c7EAUYBSACKAIyCwiE8re_pMf3OxAFOAE.
.rlcdn.com/	1970-01-20 21:22:08	Name: rlas3 Value: ZYkncXcmOk6EZQgD/6JWWuhCuuZGakc8WdAVgGktwxE=
.rlcdn.com/	1970-01-20 14:02:56	Name: pxrc Value: CAA=
.casalemedia.com/	1970-01-20 21:22:08	Name: CMID Value: ZI14C5kw8CxjDBQu1.i.5gAA
.casalemedia.com/	1970-01-20 14:46:08	Name: CMPS Value: 5011
.casalemedia.com/	1970-01-20 14:46:08	Name: CMPRO Value: 5011
.adnxs.com/	1970-01-20 14:46:08	Name: uuid2 Value: 945636454347791631
.linkedin.com/	1970-01-20 21:22:08	Name: bcookie Value: "v=2&ba677a39-6c4d-4537-83cb-49e26bb885fb"
.linkedin.com/	1970-01-20 12:37:59	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3084:u=1:x=1:i=1686992907:t=1687079307:v=2:sig=AQE2W1RGoHPpMVweb4WQKGzhbtRo1vuH"
.zemanta.com/	1970-01-20 21:22:08	Name: zuid Value: OvuZGCgldEEyN7P5ZtPB
.turn.com/	1970-01-20 16:55:44	Name: uid Value: 3146366376447986902
exchange.mediavine.com/	1970-01-20 12:56:42	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22858c2c90-0cee-11ee-9bb5-25d40822dd77%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:56:42	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22858c2c90-0cee-11ee-9bb5-25d40822dd77%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:56:42	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22858c2c90-0cee-11ee-9bb5-25d40822dd77%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:56:42	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22858c2c90-0cee-11ee-9bb5-25d40822dd77%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 12:56:42	Name: criteo Value: %7B%22id%22%3A%22k-FC0ATVrJPW7tH4hw-EYJs0lsY0D2QGfeODKm1Q%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-20 14:46:08	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2C''d@Zfx!]tbPl@/D!9hy6]/Cv[#dcM]^kNA?lv>WG/gsZw5>ET].O'6MchG#_113#5t+`TC*m+7jl8/J%nugO%v4VB%nqRt+V3<F
.krxd.net/	1970-01-20 16:55:44	Name: _kuid_ Value: PntM0t8d
.amazon-adsystem.com/	1970-01-20 17:21:40	Name: ad-id Value: A9llvjPm_E1KkumsBf7aiD8
.amazon-adsystem.com/	1970-01-20 22:12:32	Name: ad-privacy Value: 0
.rubiconproject.com/	1970-01-20 21:22:08	Name: audit Value: 1\|mJD1HO5nMhOWpVw1ntTPcqUUyWxOT54MOaX3FSNMPoV80O40QVPQDSJheiRJluA7iTmiFzbwVcciZ07GJqnMno4BjqNRGrmz

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
worker	error	URL: blob:https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/d5613ca7-768d-4a25-bbd2-4b4978280240 Message: Mixed Content: The page at 'blob:https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/d5613ca7-768d-4a25-bbd2-4b4978280240' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/d5613ca7-768d-4a25-bbd2-4b4978280240 Message: Mixed Content: The page at 'blob:https://e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com/d5613ca7-768d-4a25-bbd2-4b4978280240' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ade.clmbtech.com
adgen.socdm.com
ads.as.criteo.com
ads.stickyadstv.com
adservice.google.com
adx.dable.io
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bf9c608260c5e5a0332a52144bb63a72.safeframe.googlesyndication.com
c.bing.com
cat.sg1.as.criteo.com
cc.adingo.jp
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
compass.adop.cc
contextual.media.net
cr-p1.ladsp.com
cr-p3.ladsp.com
criteo-sync.teads.tv
cs.adingo.jp
csm.as.criteo.net
data.adop.cc
dis.criteo.com
e1.emxdgt.com
e877622696b1ef670f314b7e1250c673.safeframe.googlesyndication.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
imageproxy.as.criteo.net
invstatic101.creativecdn.com
jp-u.openx.net
link.deimoney.com
match.adsrvr.org
match.sharethrough.com
mbantul.my.id
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.casalemedia.com
r.turn.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
s.ad.smaato.net
s.amazon-adsystem.com
s.update.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
widget.sg1.as.criteo.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.254.151.120
104.254.151.60
124.146.153.150
13.224.249.123
13.224.249.124
13.228.126.19
13.250.241.73
13.251.84.9
13.33.88.32
139.5.84.243
141.226.229.48
15.164.246.88
162.19.138.118
182.161.73.132
182.161.73.136
182.161.73.146
2001:df2:a300:bbbb::135
202.241.208.57
23.106.127.165
23.199.77.124
23.207.188.21
23.73.13.201
23.75.85.227
2404:6800:4003:c01::9b
2404:6800:4003:c01::9d
2404:6800:4003:c02::5e
2404:6800:4003:c02::68
2404:6800:4003:c02::84
2404:6800:4003:c03::5e
2404:6800:4003:c03::9c
2404:6800:4003:c06::84
2404:6800:4003:c0f::9c
2404:6800:4003:c1a::5f
2406:2600:4::13
2406:2600:7:100::1
2406:2600:7:100::15
2406:2600:7:100::1f
2406:2600:7:100::9
2406:2600:7:100::f
2406:da12:fbe:4200:82eb:831e:204f:98bc
2406:da18:929:5a03:1507:ab6c:c908:2148
2600:1413:b000:1c::17d1:2ecc
2600:9000:21b4:4200:a:e047:753:be1
2600:9000:223b:3600:1b:5138:8a40:93a1
2606:4700:10::ac43:266a
2606:4700:20::681a:16d
2606:4700::6811:180e
2620:1ec:21::14
2620:1ec:c11::200
2a02:4780:3:c141::17
2a04:4e42::485
3.0.25.35
34.102.146.192
34.120.107.143
34.96.70.87
35.159.42.9
35.190.39.111
35.190.60.146
35.213.12.39
35.244.159.8
35.74.143.220
35.85.211.154
38.133.127.31
42.99.140.177
50.31.142.127
52.223.2.229
52.223.40.198
52.46.128.147
54.169.214.108
54.169.75.79
54.255.66.79
54.64.237.165
67.199.150.86
67.220.226.233
69.173.158.64
74.118.186.107
74.125.130.157
04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7
07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d59b5b6643425635fbb2e19c31acc18c537e7fb4f35b1bbd9182758a92d1b23
0ed52a25fb6bb9fa0efad8cd024e6f650b7827c4cdf7f5285cab8c328b76ab0e
13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5
140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c
17f1430f10fa1b442024916072a54da77fdb3cba8f8c57884b3194cab9a9b56b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73
20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2
2205dae4df582cbdf957b3bdfe9710cce96d9550045fee05a2b1bf5c3df373bf
221c2f3980f6318b98d9d6ca01e7d98c2caef4d44c85b21670ee5cb6e0e15fc2
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f
29e03332871ec0163a10f48cf436d79cbb7cbdc9bb8a7f8515ad129b8b074054
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92
2ec3bdc51ce9132ed32ab576535b070790bca11357cdc335406e8f4e3a08b1f1
2ece6bd89b2087c1b8fd2a9cafddcef7af5671be5992f0cd99525f7ce3a326f5
300c716d8876e2b8dd5ba9ea9b101396feb3a07e64991d9db28a3f05a0b35d4e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34718ed03e3bf8985b5814795a76db7df3c22df3b2679161a8c0254dca422c7d
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
36c777d85163ebf68e8accff4f9299a53451d2aeb52240ec16421f87af2901cc
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3c03764482092651fbd9d556911af9e226f67c84ebc8db51e5e9dfbd920ef98a
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43399fbf479272363946815573c2bf900331022cc597eba94f5f530a9be0d3cf
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
43fb517f060547233280e4780a2498bc866d35cd01178cb99d2ac76af139fdd8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48aa4f93153ed64a9ac4bc6f05d51f71b91f40048e45aa97efb844b31249ae8e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51ce3ba74372127b8d48ec46c36c0d2b88d0ab93f37d9547aceb252ffb5d2079
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559941de16c51c1c68465b24f308385384661b634f8f3f0fc928a17f2f912c6c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da
5ac867211e70e9bcf43c95d54d4b09659268ce36265093d276f4255feaa71fe9
5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62133fb2a9e0ef4916944c4a74c03a29efff55eb0c4e4b99af8a4c2eb6bf00d3
637d0538383080c3f883d261ade0cde40bfc5257b909dd8da47831866c957fdf
63d2f1bd44add3fdb170079ac23b7954eab7c2c746c3f1c6080e68443c2374a1
66258465a711401792520526cba0c67dd4bbda62ecc4dceed42c712d0ed6ae40
6a203453107a92a404bc9520ad7ad7c95ffc008a167157d1c458f266c04c5533
716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72ae2d68476f1679e85a6c200588b5abc4dda79699d1a77394e7e65f3cfcc17c
745a4dd4a9310b7959f7e1cb0724027ae9c41ec9b2854a65f1534afbd4c674c9
77d765c480fcf48afc83c3f78e793499a90eb1c28d80e8629023bd363128858a
7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6
81467fda94bff836c8cd12a29937fd2c579d8319bc5c72ac3e629dee98b84cf0
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52
8c00b81c6bf51adc887df0e8e2642b723c611b77ae476ad864c18a04c93e8f5a
8d20530014dbf162307171b951413080942a560547cc4434bb940fda5809c2e3
8dc591f60d9cadf5dcad6b6beb707cba7128855e8bd40a437656a36eb7da36b5
8e0b6ca9a274dd36c85f13154c8233f423d757dfa1d82df88507889b9fbd8085
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d
9509957a36947d54d26958f0bc89905ceda0cc08369be140856ae157f65e03cc
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a595fc68ba4645f67690e871bdedd4740a1e808be52211b8a4569875ff1c7d3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
9fe5e1802c58cd1a32fecdeb748dec7b3385992e93dc074b1a28040ad904b8d0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334
a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16
abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9
b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270
b582044ee23d53d3eb2c463f266c8806af95ca4b57df6f12cb6780494646a907
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cf6d2a47ebd7c58e47143e23ee4dcacc720793f2f9ed06335bf4dca9cfcfa032
d15b962fd0f6c42ca9d69a86b3e2f0a5e97f1de729aec417d37364376fe6c51d
dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6da8c77d8097f1fd3044ac16738ebf8859f2cd951028a463bca37a879f6922c
e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05e3c9fcf8085591801fbfa6d4013b6c53c8138308259aa708ba60f7c076f45
f0ed0d0ccb64055823201e1f6c99367ae0762d748d2ccb92afd6028a659afe01
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f6d80351fc0acd3a6eed3e21da172496f2dbd7b39fc8093ea1c3d88546de1036
f7948f9a30ae2ed3b3b8475355e4e71a7dcb6c60d6c7bc5bde65f84bafcb8d4b
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

mbantul.my.id Open in urlscan Pro 2606:4700:20::681a:16d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

215 Requests

84 %HTTPS

38 %IPv6

55 Domains

85 Subdomains

70 IPs

9 Countries

2932 kBTransfer

5799 kBSize

82 Cookies

0 Outgoing links

Page URL History

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mbantul.my.id Open in urlscan Pro
2606:4700:20::681a:16d Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

84 %
HTTPS

38 %
IPv6

55
Domains

85
Subdomains

70
IPs

9
Countries

2932 kB
Transfer

5799 kB
Size

82
Cookies

215 HTTP transactions
4 data transactions