urlscan.io logo urlscan.io
SecurityTrails logo

cek.bukaberita.com Open in urlscan Pro
2a00:1450:4001:809::2013  Public Scan

Go To Rescan Add Verdict Report
URL: https://cek.bukaberita.com/
Submission: On April 17 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 17 domains to perform 111 HTTP transactions. The main IP is 2a00:1450:4001:809::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is cek.bukaberita.com.
TLS certificate: Issued by GTS CA 1D4 on March 17th 2022. Valid for: 3 months.
This is the only time cek.bukaberita.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 74.121.143.246 30419 (MEDIAMATH...)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
7 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
2 94.130.102.164 24940 (HETZNER-AS)
2 23.35.228.210 16625 (AKAMAI-AS)
4 46.4.10.47 24940 (HETZNER-AS)
4 138.201.63.116 24940 (HETZNER-AS)
8 37.157.4.29 198622 (ADFORM)
26 37.157.2.249 198622 (ADFORM)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
111 26
2    2a00:1450:4001:809::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cek.bukaberita.com
4    2a00:1450:4001:811::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
11    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
8    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
3.bp.blogspot.com
6    74.121.143.246 (United States)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
9    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
7    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
2    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal9000.redintelligence.net
2    23.35.228.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-210.deploy.static.akamaitechnologies.com
pixel.mathtag.com
4    46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de
hal90002.redintelligence.net
4    138.201.63.116 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
hal90004.redintelligence.net
8    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
26    37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
34 adform.net
track.adform.net — Cisco Umbrella Rank: 4449
s1.adform.net — Cisco Umbrella Rank: 9664
416 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
221 KB
10 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 31596
hal90002.redintelligence.net — Cisco Umbrella Rank: 279937
hal90004.redintelligence.net — Cisco Umbrella Rank: 273108
12 KB
9 criteo.net
static.criteo.net — Cisco Umbrella Rank: 632
csm.eu.criteo.net — Cisco Umbrella Rank: 7420
7 KB
8 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 2919
pixel.mathtag.com — Cisco Umbrella Rank: 1233
6 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
39 KB
4 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9202
186 KB
3 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11325
ads.eu.criteo.com — Cisco Umbrella Rank: 7422
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9555
17 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
109 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
91 KB
2 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 8645
3.bp.blogspot.com — Cisco Umbrella Rank: 11466
4 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 77
www.google.com — Cisco Umbrella Rank: 4
2 KB
2 gstatic.com
fonts.gstatic.com
47 KB
2 bukaberita.com
cek.bukaberita.com
78 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 7579
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 794
646 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 682
7 KB
111 17
Domain Requested by
26 s1.adform.net track.adform.net
s1.adform.net
cek.bukaberita.com
10 pagead2.googlesyndication.com cek.bukaberita.com
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
9 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 track.adform.net hal90002.redintelligence.net
hal90004.redintelligence.net
s1.adform.net
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 static.criteo.net ads.eu.criteo.com
6 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
4 hal90004.redintelligence.net hal9000.redintelligence.net
hal90004.redintelligence.net
4 hal90002.redintelligence.net hal9000.redintelligence.net
hal90002.redintelligence.net
4 www.blogger.com cek.bukaberita.com
3 www.googletagservices.com googleads.g.doubleclick.net
2 s0.2mdn.net s1.adform.net
2 pixel.mathtag.com tags.mathtag.com
2 hal9000.redintelligence.net cek.bukaberita.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 fonts.gstatic.com cek.bukaberita.com
2 cek.bukaberita.com cek.bukaberita.com
1 www.google.com tpc.googlesyndication.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 3.bp.blogspot.com cek.bukaberita.com
1 1.bp.blogspot.com cek.bukaberita.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 maxcdn.bootstrapcdn.com cek.bukaberita.com
111 27

This site contains links to these domains. Also see Links.

Domain
get.bukaberita.com
www.blogger.com
Subject Issuer Validity Valid
cek.bukaberita.com
GTS CA 1D4		 2022-03-17 -
2022-06-15		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-10 -
2022-07-04		 3 months crt.sh
redintelligence.net
R3		 2022-03-29 -
2022-06-27		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://cek.bukaberita.com/
Frame ID: 45232987EE5B1EFD469D201971B0822C
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Frame ID: 8A9557BB6713E0595EE917C2A6A5D612
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&adk=1812271804&adf=3025194257&lmt=1649723718&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcek.bukaberita.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097299&bpp=161&bdt=107&idt=162&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7932573861304&frm=20&pv=2&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=184
Frame ID: C2B6DA4C3AC773E03BC71D49402E194B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=7628472412&adk=2324414275&adf=2198289079&pi=t.ma~as.7628472412&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097485&bpp=1&bdt=292&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=1&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXmhwoIWC5&p=https%3A//cek.bukaberita.com&dtd=5
Frame ID: 2C0E247628FB958F8F553501659F4330
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=8832090482&adk=1017603385&adf=4181163231&pi=t.ma~as.8832090482&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097509&bpp=5&bdt=317&idt=5&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U4g9VdfSLJ&p=https%3A//cek.bukaberita.com&dtd=7
Frame ID: 68288DDAB6B25D167CF8FA2288263C89
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=6205927143&adk=1922151930&adf=2556019162&pi=t.ma~as.6205927143&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097520&bpp=1&bdt=328&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mepGNfxUyy&p=https%3A//cek.bukaberita.com&dtd=3
Frame ID: 178AC2B143F2025C747E17E16B228B7D
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Frame ID: 762B18838B7C39E2EF261675D1FD95AA
Requests: 11 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=69037200012273504380390011932002&a=a9707169
Frame ID: C1B0FFA0C299509783936EE7D9CC65F2
Requests: 10 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=15318800011367304380390011932004&a=1407a5b9
Frame ID: E16173C35697FC21180DF575810E5878
Requests: 10 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10999340/10999340.js?ADFassetID=10999340&bv=258
Frame ID: 31C27FA358D8B19D1729B03E543EEB98
Requests: 12 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10999322/10999322.js?ADFassetID=10999322&bv=258
Frame ID: 48335338E049C4DE596209E1A9EB9E5A
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6E952E39B4EA62176F1E42747911BD4B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC369044AE020C7777EF521420C673B5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cek Stok

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

111
Requests

100 %
HTTPS

60 %
IPv6

17
Domains

27
Subdomains

26
IPs

4
Countries

1244 kB
Transfer

2676 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cek.bukaberita.com/ 		267 KB
75 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cek.bukaberita.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
03c65effad542b3debc9401840fbb61ac428834ea93260da4b1aaa9d7cf54451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
76940
content-type
text/html; charset=UTF-8
date
Sun, 17 Apr 2022 00:24:57 GMT
etag
W/"a0256a8d7251413886b2ea43c304ebaa552b7bb2c8cfefab490fef54d99fc6a9"
expires
Sun, 17 Apr 2022 00:24:57 GMT
last-modified
Tue, 12 Apr 2022 00:35:18 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 		30 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 02:29:21 GMT
x-content-type-options
nosniff
age
510936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30597
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 15:48:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 11 Apr 2023 02:29:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9878832386223683
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
842fcbd008378fca6e033eca2004b5547bfecd1dde673ba476325c23d23768f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cek.bukaberita.com/
Origin
https://cek.bukaberita.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54295
x-xss-protection
0
server
cafe
etag
6839107739853452613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 17 Apr 2022 00:24:57 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ 		303 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9878832386223683&plah=cek.bukaberita.com&bust=31067131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9878832386223683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93984adff71c5720735c377ebbb184f0ad5e6f9b355b41680034679a1957291d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110910
x-xss-protection
0
server
cafe
etag
3845817491184810140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Apr 2022 00:24:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/ Frame 8A95 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9878832386223683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cek.bukaberita.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12342
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 20:59:15 GMT
etag
14837630671339829333
expires
Sat, 30 Apr 2022 20:59:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
age
7380770
cdn-cachedat
11/15/2021 21:49:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
8b677d48aa464c28c0815c97adbbe174
cf-ray
6fd1054f3e9c9b2b-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8299103060510270295&zx=847d3ad5-0b85-40ac-878b-779a0bd3693b
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 17 Apr 2022 00:24:57 GMT
server
GSE
date
Sun, 17 Apr 2022 00:24:57 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
6xKodSZaM9iE8KbpRA_pkHEYT8L5.woff
fonts.gstatic.com/s/quicksand/v9/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v9/6xKodSZaM9iE8KbpRA_pkHEYT8L5.woff
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb7eb8d3f5c604927ea14ede72119b64e8795af4ad671aeb5ac772f2663e90a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cek.bukaberita.com/
Origin
https://cek.bukaberita.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 22:04:44 GMT
x-content-type-options
nosniff
age
267613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23356
x-xss-protection
0
last-modified
Tue, 19 Feb 2019 22:36:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 22:04:44 GMT
6xKtdSZaM9iE8KbpRA_hK1QL.woff
fonts.gstatic.com/s/quicksand/v9/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v9/6xKtdSZaM9iE8KbpRA_hK1QL.woff
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3ae842d198676f7c61f6a27d17956ae80f4eb681a4c6bc1228ef7a50e35f914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cek.bukaberita.com/
Origin
https://cek.bukaberita.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 19:43:03 GMT
x-content-type-options
nosniff
age
362514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23880
x-xss-protection
0
last-modified
Tue, 19 Feb 2019 22:34:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 19:43:03 GMT
cookie.js
partner.googleadservices.com/gampad/ 		218 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=cek.bukaberita.com&callback=_gfp_s_&client=ca-pub-9878832386223683
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9878832386223683&plah=cek.bukaberita.com&bust=31067131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b5b36997df9e0a27607646998ba8f1f486adcf999cfcc16e01dd1024fdf00902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cek.bukaberita.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9878832386223683&plah=cek.bukaberita.com&bust=31067131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cek.bukaberita.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9878832386223683&plah=cek.bukaberita.com&bust=31067131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fcek.bukaberita.com%2F&tn=HEADER&cls=header-wrap&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:24:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C2B6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&adk=1812271804&adf=3025194257&lmt=1649723718&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcek.bukaberita.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097299&bpp=161&bdt=107&idt=162&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7932573861304&frm=20&pv=2&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=184
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9878832386223683&plah=cek.bukaberita.com&bust=31067131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f0efa7e70db94c77ca165852c845c7821053cf6d580a637de0a246f7589a91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cek.bukaberita.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
4609
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Apr 2022 00:24:57 GMT
expires
Sun, 17 Apr 2022 00:24:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2C0E 		24 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=7628472412&adk=2324414275&adf=2198289079&pi=t.ma~as.7628472412&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097485&bpp=1&bdt=292&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=1&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXmhwoIWC5&p=https%3A//cek.bukaberita.com&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9878832386223683&plah=cek.bukaberita.com&bust=31067131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09c7d9c62a4f68af0ce5a92f5f66045dc00d5113a080e4cde4587a3ac45fde40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cek.bukaberita.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10419
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Apr 2022 00:24:57 GMT
expires
Sun, 17 Apr 2022 00:24:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
stik-ps5.webp
1.bp.blogspot.com/-kN3gfLFNLL0/YTEEtlWZ4PI/AAAAAAAAANM/n_A1sxI9ONUwrL3Sc1XTD1Vw_2EvoLY4ACLcBGAsYHQ/w72-h72-p-k-no-nu/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-kN3gfLFNLL0/YTEEtlWZ4PI/AAAAAAAAANM/n_A1sxI9ONUwrL3Sc1XTD1Vw_2EvoLY4ACLcBGAsYHQ/w72-h72-p-k-no-nu/stik-ps5.webp
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1cff68d252472b6d6aea7476615c26764dc19106d1662b52a6c42613a39ced51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:58 GMT
x-content-type-options
nosniff
server
fife
etag
"vd4"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="stik-ps5.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3260
x-xss-protection
0
expires
Mon, 18 Apr 2022 00:24:58 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6828 		24 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=8832090482&adk=1017603385&adf=4181163231&pi=t.ma~as.8832090482&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097509&bpp=5&bdt=317&idt=5&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U4g9VdfSLJ&p=https%3A//cek.bukaberita.com&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9878832386223683&plah=cek.bukaberita.com&bust=31067131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eae920615f4109a1529b43459843820fa66bdcf1a17332e91e96063f18d30dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cek.bukaberita.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10395
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Apr 2022 00:24:57 GMT
expires
Sun, 17 Apr 2022 00:24:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/ 		362 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 23:47:47 GMT
x-content-type-options
nosniff
age
2230
content-disposition
inline;filename="btn_close.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
362
x-xss-protection
0
server
fife
etag
"v1764"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Nov 2021 13:19:56 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 178A 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=6205927143&adk=1922151930&adf=2556019162&pi=t.ma~as.6205927143&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097520&bpp=1&bdt=328&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mepGNfxUyy&p=https%3A//cek.bukaberita.com&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9878832386223683&plah=cek.bukaberita.com&bust=31067131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
360acf601e885590aa305b9e9a2b5a460397c1f7cc367ee03181f217ba69d454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cek.bukaberita.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9670
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Apr 2022 00:24:57 GMT
expires
Sun, 17 Apr 2022 00:24:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookienotice.js
cek.bukaberita.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cek.bukaberita.com/js/cookienotice.js
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 16 Apr 2022 20:50:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 24 Apr 2022 00:24:57 GMT
1699748815-widgets.js
www.blogger.com/static/v1/widgets/ 		155 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1699748815-widgets.js
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72bf5888f5929c5c158dd551cc83d19ba4d77fd678e96999aeff7c7d5ccb69f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 01:54:10 GMT
x-content-type-options
nosniff
age
513047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158939
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 00:50:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 11 Apr 2023 01:54:10 GMT
js
tags.mathtag.com/notify/ Frame 6828 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRjeE1UazJNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1ODMzMzY4MDg3NTUwNDkzMzMvMTA0MDYyOTIvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanM5V0tzWlJ2WWdsRDZheFJxSEJ0cDAwLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvODU4MzMzNjgwODc1NTA0OTMzMy9hbXMvMC85NTI1LzQxLzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjUwMTU1MDk3LzE2NTAxNjc2OTcvNC9wdWItOTg3ODgzMjM4NjIyMzY4My8/wpzJRZq_FQdmqEsVIf__qT5G4ZM&nodeid=2825&group=cdg&auctionid=8583336808755049333&shardkey=8583336808755049333&sid=11142481&cid=10406292&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.61&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0DtDWV5bYt7hIM-B7gPEtLfQAc-HjptcwIbZgsYCwI23ARABIABglYKAgLAHggEXY2EtcHViLTk4Nzg4MzIzODYyMjM2ODPIAQmoAwGqBLwBT9CX93hf2uYc863p9eGxLqrqsv0OPUCydecQd0HPM_vae72NNo0_9abHNui_5HSO8KDG5CxJam1Aef70x_huPTvcv_jDiZVxny3TVr0-sAOjtRUYFfGT-aXNCIs0rzk4J9PPNiW2uEESqTbpUxuayNNf66Ta7ueSpORGtUSozxHpZ0iLx20sOeSJf6dZ4taRmhHyv7v4VNoxqcmkhWAhJXCCPMb3xUoh5XNW8mDqv1wG9Wifbc4tDPgNN-WABsHXzo7WnqPme6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0cchR3d0p3NOV2JmLomMPLoQ6sfw%26client%3Dca-pub-9878832386223683%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=8832090482&adk=1017603385&adf=4181163231&pi=t.ma~as.8832090482&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097509&bpp=5&bdt=317&idt=5&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U4g9VdfSLJ&p=https%3A//cek.bukaberita.com&dtd=7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.308.0 /
Resource Hash
ac550f882b1eddc84ad4a11743561c4e200963eb9f4fd2526fd614951c6b981e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:58 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1650155097
Last-Modified
Sun, 17 Apr 2022 00:24:57 GMT
Server
MMBD/3.308.0
x-mm-latency
288 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
pao-router-x77, cdg-bidder-x174
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Sun, 17 Apr 2022 00:24:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 6828 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=8832090482&adk=1017603385&adf=4181163231&pi=t.ma~as.8832090482&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097509&bpp=5&bdt=317&idt=5&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U4g9VdfSLJ&p=https%3A//cek.bukaberita.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 May 2022 00:18:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6828 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=8832090482&adk=1017603385&adf=4181163231&pi=t.ma~as.8832090482&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097509&bpp=5&bdt=317&idt=5&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U4g9VdfSLJ&p=https%3A//cek.bukaberita.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Apr 2022 00:24:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 6828 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=8832090482&adk=1017603385&adf=4181163231&pi=t.ma~as.8832090482&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097509&bpp=5&bdt=317&idt=5&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U4g9VdfSLJ&p=https%3A//cek.bukaberita.com&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 May 2022 00:14:08 GMT
js
tags.mathtag.com/notify/ Frame 2C0E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRjeE1UazJNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NzE2NTA3OTAzMjc2NjE0MDQvMTA0MDYyOTIvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanMtUXZJbDRqeVdCY2NkUHIxQjFPTDVVLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk3MTY1MDc5MDMyNzY2MTQwNC9hbXMvMC85NTI1LzQxLzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjUwMTU1MDk3LzE2NTAxNjc2OTcvNC9wdWItOTg3ODgzMjM4NjIyMzY4My8/2DSchqJn2TpDhRDbEpaHJM09Vdg&nodeid=2825&group=cdg&auctionid=3971650790327661404&shardkey=3971650790327661404&sid=11142481&cid=10406292&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDK-XWV5bYr2oIN2Fx_APzYOHiA7Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzyAEJqAMBqgS8AU_QIu_Tppv79OwHmiT98HC80JupzGhNsziFS8yC2OdJXRC9svc1_-ZL_prcSPBJVeOA-vWe5AIeqk2uQlbYFf1r8e3d-X0IWHnvBH3NFKXrFvJ5WpBfAWjBzDwun_x9NgwzDW9zOFgFTk9kexwDVUQ9jbcHOSlR7ZvBm0u2kdnsJ-5-9ifPKIxIqLJIsU2SOqBBbLHmtDrrVuelC5VrLB67ic7K2myGsdCfRzGNINTtewrIsVu5p-Ay4dc-gAbB186O1p6j5nugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lDj3bu9n-af457_ZVV3LJhCh0-Q%26client%3Dca-pub-9878832386223683%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=7628472412&adk=2324414275&adf=2198289079&pi=t.ma~as.7628472412&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097485&bpp=1&bdt=292&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=1&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXmhwoIWC5&p=https%3A//cek.bukaberita.com&dtd=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.308.0 /
Resource Hash
a038cf8122c3c8ab03e33d347f49d42cbd0a4f8164e64868b4d12998db3fb15a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:58 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1650155097
Last-Modified
Sun, 17 Apr 2022 00:24:57 GMT
Server
MMBD/3.308.0
x-mm-latency
144 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
pao-router-x99, cdg-bidder-x174
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Sun, 17 Apr 2022 00:24:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 2C0E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=7628472412&adk=2324414275&adf=2198289079&pi=t.ma~as.7628472412&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097485&bpp=1&bdt=292&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=1&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXmhwoIWC5&p=https%3A//cek.bukaberita.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 May 2022 00:18:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2C0E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=7628472412&adk=2324414275&adf=2198289079&pi=t.ma~as.7628472412&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097485&bpp=1&bdt=292&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=1&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXmhwoIWC5&p=https%3A//cek.bukaberita.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Apr 2022 00:24:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 2C0E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=7628472412&adk=2324414275&adf=2198289079&pi=t.ma~as.7628472412&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097485&bpp=1&bdt=292&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=1&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXmhwoIWC5&p=https%3A//cek.bukaberita.com&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 May 2022 00:14:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6828 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUhB9WV5bYt7hIM-B7gPEtLfQAc-HjptcwIbZgsYCwI23ARABIABglYKAgLAHggEXY2EtcHViLTk4Nzg4MzIzODYyMjM2ODPIAQmoAwGqBLkBT9CX93hf2uYc863p9eGxLqrqsv0OPUCydecQd0HPM_vae72NNo0_9abHNui_5HSO8KDG5CxJam1Aef70x_huPTvcv_jDiZVxny3TVr0-sAOjtRUYFfGT-aXNCIs0rzk4J9PPNiW2uEESqTbpUxuayNNf66Ta7ueSpORGtUSozxHpZ0iLx20sOeSJf6dZ4taRmhHy_bnZxnaNDc4pISiK_TAtzNvjz_Yry2u3T6CqEKan60SHw1eRC3WABsHXzo7WnqPme6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk4Nzg4MzIzODYyMjM2ODMYAA&sigh=-9uhFMBexjA&uach_m=[UACH]&cid=CAQSGwCNIrLMRRWpKtDyfMGXMt7Obc7NwhramyHEmRgB&tpd=AGWhJmtwsYv3TsDcmotZ-acFbL9Q9gMYa9EL-unqK68tZkXoi3fEpRhWrYZKvzf96cR6mk3kFcfz0Xt2bJUbMv6MuRggPlySPuIaWdIOJev5ZqCLVjCLQcazSySERPKM71fWWkSLyYBv8iSLP6pYEU6fAZh0f45EhKBBN4Nn1SBWGU8VFC_PiA8AEKq4nHeIBbvJTyYMqRaideVcyzXIKNQzpn6G_WDVohEDd7biiEp5Gx1zEQSOcWOF5NGgSG_nKemLV42qOXEMXDjERg7qD0G7rhC3U4MXqpgnuVL4-Z4L7EUAwb2ygB9MHMMXoMbZwr_vNOlVCl0bQswo9Dsaz1ne0fBX0gGqJ_018gBvM4W1DT09GsPY091vOt5HtIe8tvuwq53o_KxU6hjXqzwwBjBaeYSmMN92r1tF5-Hgj6uxccPBdY4p2qYh_nJyuJK3HZzco6lkD5fCdTUZLMZ7YnJmwi-iV8fMauf0FB9bHvm_5VA0tjHMF6lsO6RTP6C4b1keRUHrQ8px1XdLHcEma3NHpOLg8iAC6nwFWSiEj-6cnOoV7hu8QQZQnif0abCZOQZWizS3sMVxJYBiF-ADC_KRnrUOGWyhFNOHkCwiYFTgtJ-OOoT8NMPP38I4S2LfMDP4j0Z26cZprFONxnlsdaR9C8OGdpX3BAM2v-UR0vhpEiChoTozrk1yz2PLVa7-LCNgEFJDsWBDedHVkERuszP5qHRsrfy9XXflRqh59WgDd8Xq6pyrCfBu5trrvgjdvjEvlRGbGdoAjqLzu6yT0n52alEDsn7ROc_nB9NbqgGzUZ8UN8CTxn6ZvO6bMrEXEW9NvNPbU0clA5E8Wjb5sdOXEFWLXxBD46BebqzqhY_3Rporsiu7SnFTm5Ns2G5aJ0iGm8eDSnLcp159jFFOvbG44urJagxUfeKXyH0_0SpY0EIpZVTUcTK_ELtko8ObQupWYlRboli3qAjjsohvN4z5z7bEnFgyVXjhkKfHYwv8Ky3WFAlUvZHBPtR93JlV4LdDCN9L1ympbfMzkTNgPz6hvvBYgU6rsTV9C6ePvDY5A10xYPIVVHYeXv2dAhoyIF9jO9UHFdtnBJVYX0BUeiaz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=8832090482&adk=1017603385&adf=4181163231&pi=t.ma~as.8832090482&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097509&bpp=5&bdt=317&idt=5&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U4g9VdfSLJ&p=https%3A//cek.bukaberita.com&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=8832090482&adk=1017603385&adf=4181163231&pi=t.ma~as.8832090482&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097509&bpp=5&bdt=317&idt=5&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=630&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U4g9VdfSLJ&p=https%3A//cek.bukaberita.com&dtd=7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 17 Apr 2022 00:24:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 17 Apr 2022 00:24:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 178A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=6205927143&adk=1922151930&adf=2556019162&pi=t.ma~as.6205927143&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097520&bpp=1&bdt=328&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mepGNfxUyy&p=https%3A//cek.bukaberita.com&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 May 2022 00:18:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 178A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=6205927143&adk=1922151930&adf=2556019162&pi=t.ma~as.6205927143&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097520&bpp=1&bdt=328&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mepGNfxUyy&p=https%3A//cek.bukaberita.com&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Apr 2022 00:24:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 178A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=6205927143&adk=1922151930&adf=2556019162&pi=t.ma~as.6205927143&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097520&bpp=1&bdt=328&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mepGNfxUyy&p=https%3A//cek.bukaberita.com&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 May 2022 00:14:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2C0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClxnvWV5bYr2oIN2Fx_APzYOHiA7Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzyAEJqAMBqgS5AU_QIu_Tppv79OwHmiT98HC80JupzGhNsziFS8yC2OdJXRC9svc1_-ZL_prcSPBJVeOA-vWe5AIeqk2uQlbYFf1r8e3d-X0IWHnvBH3NFKXrFvJ5WpBfAWjBzDwun_x9NgwzDW9zOFgFTk9kexwDVUQ9jbcHOSlR7ZvBm0u2kdnsJ-5-9ifPKIxIqLJIsU2SOqBBbPPklahH6kOihjEjh8b7Jj7XzmY6u_6HpoxNYHsX2hTkqfUgG-e_gAbB186O1p6j5nugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05ODc4ODMyMzg2MjIzNjgzGAA&sigh=ZMhOpFeZ3KY&uach_m=[UACH]&cid=CAQSGwCNIrLMN7FYboP8fpG_dSz_FhiaV1knTWqSLhgB&tpd=AGWhJmuflSMMm8hvYJOlLLcVBpx7nLSVGnFdGgRZBINFCvCy98DyavXFnRWpHgVzGs5RitB0TTCGi6XsdC0XAu5CE1Kfo5x-Qw5J3Vo99V_aHFFxETH-wlGqKa4BW2UlLXej3pJVw7jbdGfUOr_v_hkBzIQ-N3kcu2zthucgSFDiRAa9_TRfDsxUKh_yciljEuzF0P5WraKfwb9DUcsSobSEi4htakfZekBK0FQV3AwExOhgcSX70BoJ0PGsbaIxVAr4ZCf1u17d_NJiFR7dTPCrPBBeLyz9d6zef_prc4KDSvbOm7ZeYRWL7jRWnXJQVuODnKxHqT9DqPAenJsHy4dqNCTMP3M6rVV9lR7EQbxTcmU3KErZSrkhZbM-RYLU1bSwOi80s2U_CpKahk4OYwfxBTQmqArJ9nt9s10avOG7ZmDvzC0dLdWMz3yrIAly9VZTcnJp5Ue2aQIhCCX_x6Wwec7u4NwoWWdq2mMmpxe3h9BKADnkSputopT5F3GWfp3ZSJRHN3OQ6L__Biip0Guj9Pgo98NdNG9AFBtMRgnf5_gDOqojzONtvq_XgadS_48ny50Ah6zr1Vzdq61k19fRphngZwB3nUN7xNzgjxbeORgrc9Zr4KbIfLBsLoYYd64eAeE1VBKpZIgSCwS_RhZuFO8qoPzdEWHSEZiWsF3HIS2KBjW7uCK57Y5-uVYcbuxQclektm-WbhoPiKQJQhc5Xp2yD36HASEeEUIB6WwEUv-Po-KzO66NG4pNxCiPaGLMBqP268HjgwlWm-InT6KhkP3ybMlsknfoCLpkK_TkHT_BxXSgiO7e2VDt47QYms7E6Ur_JcfpBNTuyGCAK-q8CmRuot6MDFXCyXYC9GTQWzup5uctS4hn1963Y7VYkJ_vIrOLrLTsW2A-ST5RDYPQgedGYTQLqRSSuQDcJ41Gyyjz0N3U5GO68klER0DSto5eHzebe3nNDekAP3l2tCQj9JD4xBV_Q1w5Pzgqasex9rDT1Bs_4Uz6n8fNfJf_bLmBi1siANQ_NSsIdv6PrXMjc_leLi1DTU3NDN4zLx1CbLcaSlKZUwkaw74PmuNKyjnGsbS-XOSfJsUYFAUoDjIN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=7628472412&adk=2324414275&adf=2198289079&pi=t.ma~as.7628472412&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097485&bpp=1&bdt=292&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=1&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXmhwoIWC5&p=https%3A//cek.bukaberita.com&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=7628472412&adk=2324414275&adf=2198289079&pi=t.ma~as.7628472412&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097485&bpp=1&bdt=292&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=1&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hXmhwoIWC5&p=https%3A//cek.bukaberita.com&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 17 Apr 2022 00:24:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 17 Apr 2022 00:24:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 178A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQHhaWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLgBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ4daNNGHQu1U-nOaESsf2-OqWE2NIdtOl_G12_9_7yX8UeWJfMKaoAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTg3ODgzMjM4NjIyMzY4MxgA&sigh=DTdfiqQbJX0&uach_m=[UACH]&cid=CAQSGwCNIrLMOBiNrmJqj66aGwUuzbl2Ci-XUVidCBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=6205927143&adk=1922151930&adf=2556019162&pi=t.ma~as.6205927143&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097520&bpp=1&bdt=328&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mepGNfxUyy&p=https%3A//cek.bukaberita.com&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=6205927143&adk=1922151930&adf=2556019162&pi=t.ma~as.6205927143&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097520&bpp=1&bdt=328&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mepGNfxUyy&p=https%3A//cek.bukaberita.com&dtd=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 17 Apr 2022 00:24:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 17 Apr 2022 00:24:57 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 178A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UP2jEuGBMNACmAKdg2ICAgAAAIeFazJgCFgSEFleW2JPurwY6ZqLhpm5_QAS&wp=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=6205927143&adk=1922151930&adf=2556019162&pi=t.ma~as.6205927143&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097520&bpp=1&bdt=328&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mepGNfxUyy&p=https%3A//cek.bukaberita.com&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:56 GMT
server
Kestrel
server-processing-duration-in-ticks
414927
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 762B 		43 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9878832386223683&output=html&h=280&slotname=6205927143&adk=1922151930&adf=2556019162&pi=t.ma~as.6205927143&w=336&lmt=1649723718&psa=0&format=336x280&url=https%3A%2F%2Fcek.bukaberita.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650155097520&bpp=1&bdt=328&idt=1&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280%2C336x280&nras=1&correlator=7932573861304&frm=20&pv=1&ga_vid=564091310.1650155097&ga_sid=1650155097&ga_hid=648349933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067131&oid=2&pvsid=1653470247667103&pem=869&tmod=1276011560&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mepGNfxUyy&p=https%3A//cek.bukaberita.com&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4c7977c3be0d51567f87014fd3ec84752dcbabcd01a7a189b700dbfd7bcfd815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 17 Apr 2022 00:24:56 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=AiTsTijbzzX2WIk7e3fLZzCLpGfiMCoYhf1_pUxyDjd1U78gWh1eKhBhGQHcpJqqxgoQIJRVxDJqGZ-5mBb6FixDx45nDHZtNJ1ONvpBTyCJV5POwfO3vaCb6HGnD-C8qP9Q0sA0vmwUCDZTNg6Cfi-LSHDdlDG3_eqJkWwAB0XZFMpRR7PNWy10haPavmxviPY-_e2GPxY5uCZlaLKfhnrt4dkLILdR2VvY-JN7cDxJeF8vVlqkACtHEOfrBUKhsRhM6_Q-F5W_p-4S"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3381173
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
privacy_small.svg
static.criteo.net/flash/icon/ Frame 762B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Apr 2023 00:24:57 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 762B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Apr 2023 00:24:57 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 762B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 12 Apr 2023 00:24:57 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 762B 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Wed, 12 Apr 2023 00:24:57 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 762B 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=sUTYHSC1FSYz-WCjs-znaKGb1tpI1olheDN4gHnrnAnSMC7mLhhIaUCMOtU1QBZL1Yk8mOR8VYZKwYgP1xdoIB238Nle7BZ44jW9ULKbe9INLgu37evhie4RvBS795bbvc-NMALEfdhDfWXNhW12afNA99W7ua8M5mLd5TRG1DiwrCRMRecMKPYurBpYFbi4iOWV2-uB6we0jyc9q9qsGmQMZLf_Qrrp71sKWxnRUu22gZIanf3U4MIsfNU7bZdayMHTebVEXZx4xVrN4FMkgHqywKakEoIRlajIBeBcvkrSoDKTEIppUYYLXmQgIAlCK62n2oUAEXnmHEwJ43qrlU87HVMHmXrrUpyyJvab_1ntLAAC4xw1go9A7Aln-KCn6Vm5zGmjUqDePjN1spa0-cVDvfv1JvAau5K5oscTKq8GOAZqrnJNH-QgxSwJVigmfq7h1Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:24:57 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3033964
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
1a8a9bfb5ec440129392e4a99020418b_image_ad_336x280.jpeg
static.criteo.net/design/dt/90764/220415/ Frame 762B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/90764/220415/1a8a9bfb5ec440129392e4a99020418b_image_ad_336x280.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
truncated
/ Frame 178A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83163eff5b71d6c2076ad6cde039910a02afbadfe269da9e58471feae662bfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
all
csm.eu.criteo.net/ Frame 762B 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=AiTsTijbzzX2WIk7e3fLZzCLpGfiMCoYhf1_pUxyDjd1U78gWh1eKhBhGQHcpJqqxgoQIJRVxDJqGZ-5mBb6FixDx45nDHZtNJ1ONvpBTyCJV5POwfO3vaCb6HGnD-C8qP9Q0sA0vmwUCDZTNg6Cfi-LSHDdlDG3_eqJkWwAB0XZFMpRR7PNWy10haPavmxviPY-_e2GPxY5uCZlaLKfhnrt4dkLILdR2VvY-JN7cDxJeF8vVlqkACtHEOfrBUKhsRhM6_Q-F5W_p-4S&sds=2&rev=81123&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 17 Apr 2022 00:24:57 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 762B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Apr 2023 00:24:57 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 762B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:57 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Apr 2023 00:24:57 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8299103060510270295&zx=847d3ad5-0b85-40ac-878b-779a0bd3693b
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 17 Apr 2022 00:24:58 GMT
server
GSE
date
Sun, 17 Apr 2022 00:24:58 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
uten8uck00se
hal9000.redintelligence.net/zone/ Frame 2C0E 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/uten8uck00se?subid=&gdpr=1&gdpr_consent=li&rnd=3971650790327661404&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlteWQAI8P4Ke4DWgw66Sw%26exch_seat%3D20035004448%26mt_aid%3D3971650790327661404%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0fc6625b-5e5a-4b01-81c8-bae20e582311%26mt_cid%3D0fc6625b-5e5a-4b01-81c8-bae20e582311%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCDK-XWV5bYr2oIN2Fx_APzYOHiA7Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzyAEJqAMBqgS8AU_QIu_Tppv79OwHmiT98HC80JupzGhNsziFS8yC2OdJXRC9svc1_-ZL_prcSPBJVeOA-vWe5AIeqk2uQlbYFf1r8e3d-X0IWHnvBH3NFKXrFvJ5WpBfAWjBzDwun_x9NgwzDW9zOFgFTk9kexwDVUQ9jbcHOSlR7ZvBm0u2kdnsJ-5-9ifPKIxIqLJIsU2SOqBBbLHmtDrrVuelC5VrLB67ic7K2myGsdCfRzGNINTtewrIsVu5p-Ay4dc-gAbB186O1p6j5nugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2lDj3bu9n-af457_ZVV3LJhCh0-Q%2526client%253Dca-pub-9878832386223683%2526adurl%253D%26redirect%3D
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
255469b359ed2338fe4088ba8c5535ca136ba74eb0e8d112d4e23af5a831b676

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:58 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3315
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 2C0E 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=3971650790327661404&node_id=2825&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRjeE1UazJNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NzE2NTA3OTAzMjc2NjE0MDQvMTA0MDYyOTIvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanMtUXZJbDRqeVdCY2NkUHIxQjFPTDVVLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk3MTY1MDc5MDMyNzY2MTQwNC9hbXMvMC85NTI1LzQxLzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjUwMTU1MDk3LzE2NTAxNjc2OTcvNC9wdWItOTg3ODgzMjM4NjIyMzY4My8/2DSchqJn2TpDhRDbEpaHJM09Vdg&nodeid=2825&group=cdg&auctionid=3971650790327661404&shardkey=3971650790327661404&sid=11142481&cid=10406292&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDK-XWV5bYr2oIN2Fx_APzYOHiA7Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzyAEJqAMBqgS8AU_QIu_Tppv79OwHmiT98HC80JupzGhNsziFS8yC2OdJXRC9svc1_-ZL_prcSPBJVeOA-vWe5AIeqk2uQlbYFf1r8e3d-X0IWHnvBH3NFKXrFvJ5WpBfAWjBzDwun_x9NgwzDW9zOFgFTk9kexwDVUQ9jbcHOSlR7ZvBm0u2kdnsJ-5-9ifPKIxIqLJIsU2SOqBBbLHmtDrrVuelC5VrLB67ic7K2myGsdCfRzGNINTtewrIsVu5p-Ay4dc-gAbB186O1p6j5nugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lDj3bu9n-af457_ZVV3LJhCh0-Q%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.308.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:58 GMT
Server
MMBD/3.308.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x90, cdg-bidder-x174
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 17 Apr 2022 00:24:57 GMT
img
pixel.mathtag.com/event/ Frame 2C0E 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=3971650790327661404&v3=1129274&v4=11142481&v5=10406292&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRjeE1UazJNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NzE2NTA3OTAzMjc2NjE0MDQvMTA0MDYyOTIvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanMtUXZJbDRqeVdCY2NkUHIxQjFPTDVVLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk3MTY1MDc5MDMyNzY2MTQwNC9hbXMvMC85NTI1LzQxLzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjUwMTU1MDk3LzE2NTAxNjc2OTcvNC9wdWItOTg3ODgzMjM4NjIyMzY4My8/2DSchqJn2TpDhRDbEpaHJM09Vdg&nodeid=2825&group=cdg&auctionid=3971650790327661404&shardkey=3971650790327661404&sid=11142481&cid=10406292&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDK-XWV5bYr2oIN2Fx_APzYOHiA7Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzyAEJqAMBqgS8AU_QIu_Tppv79OwHmiT98HC80JupzGhNsziFS8yC2OdJXRC9svc1_-ZL_prcSPBJVeOA-vWe5AIeqk2uQlbYFf1r8e3d-X0IWHnvBH3NFKXrFvJ5WpBfAWjBzDwun_x9NgwzDW9zOFgFTk9kexwDVUQ9jbcHOSlR7ZvBm0u2kdnsJ-5-9ifPKIxIqLJIsU2SOqBBbLHmtDrrVuelC5VrLB67ic7K2myGsdCfRzGNINTtewrIsVu5p-Ay4dc-gAbB186O1p6j5nugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lDj3bu9n-af457_ZVV3LJhCh0-Q%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-210.deploy.static.akamaitechnologies.com
Software
MT3 4335 2c68c00 master zrh-pixel-x31 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:58 GMT
Server
MT3 4335 2c68c00 master zrh-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 17 Apr 2022 00:24:57 GMT
img
tags.mathtag.com/event/ Frame 2C0E 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=3971650790327661404&st=11142481&time=1650155098&nodeid=2825
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRjeE1UazJNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NzE2NTA3OTAzMjc2NjE0MDQvMTA0MDYyOTIvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanMtUXZJbDRqeVdCY2NkUHIxQjFPTDVVLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk3MTY1MDc5MDMyNzY2MTQwNC9hbXMvMC85NTI1LzQxLzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjUwMTU1MDk3LzE2NTAxNjc2OTcvNC9wdWItOTg3ODgzMjM4NjIyMzY4My8/2DSchqJn2TpDhRDbEpaHJM09Vdg&nodeid=2825&group=cdg&auctionid=3971650790327661404&shardkey=3971650790327661404&sid=11142481&cid=10406292&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDK-XWV5bYr2oIN2Fx_APzYOHiA7Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzyAEJqAMBqgS8AU_QIu_Tppv79OwHmiT98HC80JupzGhNsziFS8yC2OdJXRC9svc1_-ZL_prcSPBJVeOA-vWe5AIeqk2uQlbYFf1r8e3d-X0IWHnvBH3NFKXrFvJ5WpBfAWjBzDwun_x9NgwzDW9zOFgFTk9kexwDVUQ9jbcHOSlR7ZvBm0u2kdnsJ-5-9ifPKIxIqLJIsU2SOqBBbLHmtDrrVuelC5VrLB67ic7K2myGsdCfRzGNINTtewrIsVu5p-Ay4dc-gAbB186O1p6j5nugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lDj3bu9n-af457_ZVV3LJhCh0-Q%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.308.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:58 GMT
Server
MMBD/3.308.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x97, cdg-bidder-x174
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 17 Apr 2022 00:24:57 GMT
request.php
hal90002.redintelligence.net/ Frame 2C0E 		612 B
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=16b4e59741&subid=&uid=081cbe1ebae85c21&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlteWQAI8P4Ke4DWgw66Sw%26exch_seat%3D20035004448%26mt_aid%3D3971650790327661404%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0fc6625b-5e5a-4b01-81c8-bae20e582311%26mt_cid%3D0fc6625b-5e5a-4b01-81c8-bae20e582311%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCDK-XWV5bYr2oIN2Fx_APzYOHiA7Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzyAEJqAMBqgS8AU_QIu_Tppv79OwHmiT98HC80JupzGhNsziFS8yC2OdJXRC9svc1_-ZL_prcSPBJVeOA-vWe5AIeqk2uQlbYFf1r8e3d-X0IWHnvBH3NFKXrFvJ5WpBfAWjBzDwun_x9NgwzDW9zOFgFTk9kexwDVUQ9jbcHOSlR7ZvBm0u2kdnsJ-5-9ifPKIxIqLJIsU2SOqBBbLHmtDrrVuelC5VrLB67ic7K2myGsdCfRzGNINTtewrIsVu5p-Ay4dc-gAbB186O1p6j5nugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2lDj3bu9n-af457_ZVV3LJhCh0-Q%2526client%253Dca-pub-9878832386223683%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fnpa%3D1%26client%3Dca-pub-9878832386223683%26output%3Dhtml%26h%3D280%26slotname%3D7628472412%26adk%3D2324414275%26adf%3D2198289079%26pi%3Dt.ma~as.7628472412%26w%3D336%26lmt%3D1649723718%26psa%3D0%26format%3D336x280%26url%3Dhttps%253A%252F%252Fcek.bukaberita.com%252F%26host%3Dca-host-pub-1556223355139109%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1650155097485%26bpp%3D1%26bdt%3D292%26idt%3D1%26shv%3Dr20220413%26mjsv%3Dm202204140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7932573861304%26frm%3D20%26pv%3D1%26ga_vid%3D564091310.1650155097%26ga_sid%3D1650155097%26ga_hid%3D648349933%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D632%26ady%3D198%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31067131%26oid%3D2%26pvsid%3D1653470247667103%26pem%3D869%26tmod%3D1276011560%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26cms%3D1%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DhXmhwoIWC5%26p%3Dhttps%253A%2F%2Fcek.bukaberita.com%26dtd%3D5&ancestorOrigins=null&random=1357832092776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/uten8uck00se?subid=&gdpr=1&gdpr_consent=li&rnd=3971650790327661404&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlteWQAI8P4Ke4DWgw66Sw%26exch_seat%3D20035004448%26mt_aid%3D3971650790327661404%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0fc6625b-5e5a-4b01-81c8-bae20e582311%26mt_cid%3D0fc6625b-5e5a-4b01-81c8-bae20e582311%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCDK-XWV5bYr2oIN2Fx_APzYOHiA7Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzyAEJqAMBqgS8AU_QIu_Tppv79OwHmiT98HC80JupzGhNsziFS8yC2OdJXRC9svc1_-ZL_prcSPBJVeOA-vWe5AIeqk2uQlbYFf1r8e3d-X0IWHnvBH3NFKXrFvJ5WpBfAWjBzDwun_x9NgwzDW9zOFgFTk9kexwDVUQ9jbcHOSlR7ZvBm0u2kdnsJ-5-9ifPKIxIqLJIsU2SOqBBbLHmtDrrVuelC5VrLB67ic7K2myGsdCfRzGNINTtewrIsVu5p-Ay4dc-gAbB186O1p6j5nugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2lDj3bu9n-af457_ZVV3LJhCh0-Q%2526client%253Dca-pub-9878832386223683%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
2243820087895d7efefb9c3bd80962838ec53736d9175d9c7ccbae112f60d364

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Apr 2022 00:24:58 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
69037200012273504380390011932002
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
330
Expires
Sun, 17 Apr 2022 01:24:58 +0200
uten8uck00se
hal9000.redintelligence.net/zone/ Frame 6828 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/uten8uck00se?subid=&gdpr=1&gdpr_consent=li&rnd=8583336808755049333&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlteWQAI944K4EsT5w4KsQ%26exch_seat%3D20035004448%26mt_aid%3D8583336808755049333%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D10c6625b-5e5a-4601-8aa4-ca99f1af8360%26mt_cid%3D10c6625b-5e5a-4601-8aa4-ca99f1af8360%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC0DtDWV5bYt7hIM-B7gPEtLfQAc-HjptcwIbZgsYCwI23ARABIABglYKAgLAHggEXY2EtcHViLTk4Nzg4MzIzODYyMjM2ODPIAQmoAwGqBLwBT9CX93hf2uYc863p9eGxLqrqsv0OPUCydecQd0HPM_vae72NNo0_9abHNui_5HSO8KDG5CxJam1Aef70x_huPTvcv_jDiZVxny3TVr0-sAOjtRUYFfGT-aXNCIs0rzk4J9PPNiW2uEESqTbpUxuayNNf66Ta7ueSpORGtUSozxHpZ0iLx20sOeSJf6dZ4taRmhHyv7v4VNoxqcmkhWAhJXCCPMb3xUoh5XNW8mDqv1wG9Wifbc4tDPgNN-WABsHXzo7WnqPme6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0cchR3d0p3NOV2JmLomMPLoQ6sfw%2526client%253Dca-pub-9878832386223683%2526adurl%253D%26redirect%3D
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
b68451f8c72b099d252307e2baacf923ad212831d23155bf4cba58469411b62e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:58 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3313
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 6828 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=8583336808755049333&node_id=2825&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRjeE1UazJNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1ODMzMzY4MDg3NTUwNDkzMzMvMTA0MDYyOTIvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanM5V0tzWlJ2WWdsRDZheFJxSEJ0cDAwLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvODU4MzMzNjgwODc1NTA0OTMzMy9hbXMvMC85NTI1LzQxLzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjUwMTU1MDk3LzE2NTAxNjc2OTcvNC9wdWItOTg3ODgzMjM4NjIyMzY4My8/wpzJRZq_FQdmqEsVIf__qT5G4ZM&nodeid=2825&group=cdg&auctionid=8583336808755049333&shardkey=8583336808755049333&sid=11142481&cid=10406292&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.61&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0DtDWV5bYt7hIM-B7gPEtLfQAc-HjptcwIbZgsYCwI23ARABIABglYKAgLAHggEXY2EtcHViLTk4Nzg4MzIzODYyMjM2ODPIAQmoAwGqBLwBT9CX93hf2uYc863p9eGxLqrqsv0OPUCydecQd0HPM_vae72NNo0_9abHNui_5HSO8KDG5CxJam1Aef70x_huPTvcv_jDiZVxny3TVr0-sAOjtRUYFfGT-aXNCIs0rzk4J9PPNiW2uEESqTbpUxuayNNf66Ta7ueSpORGtUSozxHpZ0iLx20sOeSJf6dZ4taRmhHyv7v4VNoxqcmkhWAhJXCCPMb3xUoh5XNW8mDqv1wG9Wifbc4tDPgNN-WABsHXzo7WnqPme6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0cchR3d0p3NOV2JmLomMPLoQ6sfw%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.308.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:59 GMT
Server
MMBD/3.308.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x48, cdg-bidder-x174
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 17 Apr 2022 00:24:58 GMT
img
pixel.mathtag.com/event/ Frame 6828 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8583336808755049333&v3=1129274&v4=11142481&v5=10406292&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRjeE1UazJNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1ODMzMzY4MDg3NTUwNDkzMzMvMTA0MDYyOTIvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanM5V0tzWlJ2WWdsRDZheFJxSEJ0cDAwLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvODU4MzMzNjgwODc1NTA0OTMzMy9hbXMvMC85NTI1LzQxLzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjUwMTU1MDk3LzE2NTAxNjc2OTcvNC9wdWItOTg3ODgzMjM4NjIyMzY4My8/wpzJRZq_FQdmqEsVIf__qT5G4ZM&nodeid=2825&group=cdg&auctionid=8583336808755049333&shardkey=8583336808755049333&sid=11142481&cid=10406292&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.61&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0DtDWV5bYt7hIM-B7gPEtLfQAc-HjptcwIbZgsYCwI23ARABIABglYKAgLAHggEXY2EtcHViLTk4Nzg4MzIzODYyMjM2ODPIAQmoAwGqBLwBT9CX93hf2uYc863p9eGxLqrqsv0OPUCydecQd0HPM_vae72NNo0_9abHNui_5HSO8KDG5CxJam1Aef70x_huPTvcv_jDiZVxny3TVr0-sAOjtRUYFfGT-aXNCIs0rzk4J9PPNiW2uEESqTbpUxuayNNf66Ta7ueSpORGtUSozxHpZ0iLx20sOeSJf6dZ4taRmhHyv7v4VNoxqcmkhWAhJXCCPMb3xUoh5XNW8mDqv1wG9Wifbc4tDPgNN-WABsHXzo7WnqPme6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0cchR3d0p3NOV2JmLomMPLoQ6sfw%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-210.deploy.static.akamaitechnologies.com
Software
MT3 4281 354de82 master cdg-pixel-x13 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:58 GMT
Server
MT3 4281 354de82 master cdg-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 17 Apr 2022 00:24:57 GMT
img
tags.mathtag.com/event/ Frame 6828 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8583336808755049333&st=11142481&time=1650155098&nodeid=2825
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTlRjeE1UazJNMlV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1ODMzMzY4MDg3NTUwNDkzMzMvMTA0MDYyOTIvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanM5V0tzWlJ2WWdsRDZheFJxSEJ0cDAwLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvODU4MzMzNjgwODc1NTA0OTMzMy9hbXMvMC85NTI1LzQxLzk5OS8yNTgvMmEwMjo2ZWEwOmM3MWI6Oi8wLjAwMC8xNjUwMTU1MDk3LzE2NTAxNjc2OTcvNC9wdWItOTg3ODgzMjM4NjIyMzY4My8/wpzJRZq_FQdmqEsVIf__qT5G4ZM&nodeid=2825&group=cdg&auctionid=8583336808755049333&shardkey=8583336808755049333&sid=11142481&cid=10406292&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.61&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0DtDWV5bYt7hIM-B7gPEtLfQAc-HjptcwIbZgsYCwI23ARABIABglYKAgLAHggEXY2EtcHViLTk4Nzg4MzIzODYyMjM2ODPIAQmoAwGqBLwBT9CX93hf2uYc863p9eGxLqrqsv0OPUCydecQd0HPM_vae72NNo0_9abHNui_5HSO8KDG5CxJam1Aef70x_huPTvcv_jDiZVxny3TVr0-sAOjtRUYFfGT-aXNCIs0rzk4J9PPNiW2uEESqTbpUxuayNNf66Ta7ueSpORGtUSozxHpZ0iLx20sOeSJf6dZ4taRmhHyv7v4VNoxqcmkhWAhJXCCPMb3xUoh5XNW8mDqv1wG9Wifbc4tDPgNN-WABsHXzo7WnqPme6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0cchR3d0p3NOV2JmLomMPLoQ6sfw%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.308.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:59 GMT
Server
MMBD/3.308.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x31, cdg-bidder-x174
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 17 Apr 2022 00:24:58 GMT
request_content.php
hal90002.redintelligence.net/ Frame C1B0 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request_content.php?s=69037200012273504380390011932002&a=a9707169
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=16b4e59741&subid=&uid=081cbe1ebae85c21&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlteWQAI8P4Ke4DWgw66Sw%26exch_seat%3D20035004448%26mt_aid%3D3971650790327661404%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0fc6625b-5e5a-4b01-81c8-bae20e582311%26mt_cid%3D0fc6625b-5e5a-4b01-81c8-bae20e582311%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCDK-XWV5bYr2oIN2Fx_APzYOHiA7Ph46bXMCG2YLGAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzyAEJqAMBqgS8AU_QIu_Tppv79OwHmiT98HC80JupzGhNsziFS8yC2OdJXRC9svc1_-ZL_prcSPBJVeOA-vWe5AIeqk2uQlbYFf1r8e3d-X0IWHnvBH3NFKXrFvJ5WpBfAWjBzDwun_x9NgwzDW9zOFgFTk9kexwDVUQ9jbcHOSlR7ZvBm0u2kdnsJ-5-9ifPKIxIqLJIsU2SOqBBbLHmtDrrVuelC5VrLB67ic7K2myGsdCfRzGNINTtewrIsVu5p-Ay4dc-gAbB186O1p6j5nugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2lDj3bu9n-af457_ZVV3LJhCh0-Q%2526client%253Dca-pub-9878832386223683%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fnpa%3D1%26client%3Dca-pub-9878832386223683%26output%3Dhtml%26h%3D280%26slotname%3D7628472412%26adk%3D2324414275%26adf%3D2198289079%26pi%3Dt.ma~as.7628472412%26w%3D336%26lmt%3D1649723718%26psa%3D0%26format%3D336x280%26url%3Dhttps%253A%252F%252Fcek.bukaberita.com%252F%26host%3Dca-host-pub-1556223355139109%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1650155097485%26bpp%3D1%26bdt%3D292%26idt%3D1%26shv%3Dr20220413%26mjsv%3Dm202204140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7932573861304%26frm%3D20%26pv%3D1%26ga_vid%3D564091310.1650155097%26ga_sid%3D1650155097%26ga_hid%3D648349933%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D632%26ady%3D198%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31067131%26oid%3D2%26pvsid%3D1653470247667103%26pem%3D869%26tmod%3D1276011560%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26cms%3D1%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DhXmhwoIWC5%26p%3Dhttps%253A%2F%2Fcek.bukaberita.com%26dtd%3D5&ancestorOrigins=null&random=1357832092776&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
48bac6ad89c62a0eb1669163380c1d1262ad175f4e1b27d28b17af381f57aa95

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1421
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Apr 2022 00:24:58 GMT
Expires
Sun, 17 Apr 2022 01:24:58 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame 2C0E 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b1b2a21be1477b4477a7f23b6a344ac537add4af1ea6042b3d3955d0b4473f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
request.php
hal90004.redintelligence.net/ Frame 6828 		612 B
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=0c4977d1ff&subid=&uid=c548d8cc89a7bbd1&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlteWQAI944K4EsT5w4KsQ%26exch_seat%3D20035004448%26mt_aid%3D8583336808755049333%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D10c6625b-5e5a-4601-8aa4-ca99f1af8360%26mt_cid%3D10c6625b-5e5a-4601-8aa4-ca99f1af8360%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC0DtDWV5bYt7hIM-B7gPEtLfQAc-HjptcwIbZgsYCwI23ARABIABglYKAgLAHggEXY2EtcHViLTk4Nzg4MzIzODYyMjM2ODPIAQmoAwGqBLwBT9CX93hf2uYc863p9eGxLqrqsv0OPUCydecQd0HPM_vae72NNo0_9abHNui_5HSO8KDG5CxJam1Aef70x_huPTvcv_jDiZVxny3TVr0-sAOjtRUYFfGT-aXNCIs0rzk4J9PPNiW2uEESqTbpUxuayNNf66Ta7ueSpORGtUSozxHpZ0iLx20sOeSJf6dZ4taRmhHyv7v4VNoxqcmkhWAhJXCCPMb3xUoh5XNW8mDqv1wG9Wifbc4tDPgNN-WABsHXzo7WnqPme6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0cchR3d0p3NOV2JmLomMPLoQ6sfw%2526client%253Dca-pub-9878832386223683%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fnpa%3D1%26client%3Dca-pub-9878832386223683%26output%3Dhtml%26h%3D280%26slotname%3D8832090482%26adk%3D1017603385%26adf%3D4181163231%26pi%3Dt.ma~as.8832090482%26w%3D336%26lmt%3D1649723718%26psa%3D0%26format%3D336x280%26url%3Dhttps%253A%252F%252Fcek.bukaberita.com%252F%26host%3Dca-host-pub-1556223355139109%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1650155097509%26bpp%3D5%26bdt%3D317%26idt%3D5%26shv%3Dr20220413%26mjsv%3Dm202204140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C336x280%26nras%3D1%26correlator%3D7932573861304%26frm%3D20%26pv%3D1%26ga_vid%3D564091310.1650155097%26ga_sid%3D1650155097%26ga_hid%3D648349933%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D632%26ady%3D630%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31067131%26oid%3D2%26pvsid%3D1653470247667103%26pem%3D869%26tmod%3D1276011560%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfeE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DU4g9VdfSLJ%26p%3Dhttps%253A%2F%2Fcek.bukaberita.com%26dtd%3D7&ancestorOrigins=null&random=3171170437622&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/uten8uck00se?subid=&gdpr=1&gdpr_consent=li&rnd=8583336808755049333&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlteWQAI944K4EsT5w4KsQ%26exch_seat%3D20035004448%26mt_aid%3D8583336808755049333%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D10c6625b-5e5a-4601-8aa4-ca99f1af8360%26mt_cid%3D10c6625b-5e5a-4601-8aa4-ca99f1af8360%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC0DtDWV5bYt7hIM-B7gPEtLfQAc-HjptcwIbZgsYCwI23ARABIABglYKAgLAHggEXY2EtcHViLTk4Nzg4MzIzODYyMjM2ODPIAQmoAwGqBLwBT9CX93hf2uYc863p9eGxLqrqsv0OPUCydecQd0HPM_vae72NNo0_9abHNui_5HSO8KDG5CxJam1Aef70x_huPTvcv_jDiZVxny3TVr0-sAOjtRUYFfGT-aXNCIs0rzk4J9PPNiW2uEESqTbpUxuayNNf66Ta7ueSpORGtUSozxHpZ0iLx20sOeSJf6dZ4taRmhHyv7v4VNoxqcmkhWAhJXCCPMb3xUoh5XNW8mDqv1wG9Wifbc4tDPgNN-WABsHXzo7WnqPme6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0cchR3d0p3NOV2JmLomMPLoQ6sfw%2526client%253Dca-pub-9878832386223683%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
260bcdf504daa0d258441b3648caedb419b9342f8c90659f4fcbfef7460c62af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Apr 2022 00:24:58 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
15318800011367304380390011932004
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
331
Expires
Sun, 17 Apr 2022 01:24:58 +0200
/
track.adform.net/adfscript/ Frame C1B0 		745 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=54583810;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fpihvq3q89a9h7hf%3Ftprde%3D
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=69037200012273504380390011932002&a=a9707169
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
868604d7e3b583ff1853f5c8843684e2d626b18cc63418826ec67fa9ceb39a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
548
expires
-1
viewability
hal90002.redintelligence.net/ Frame C1B0 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/viewability?s=69037200012273504380390011932002&a=9892e969&vb=m
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=69037200012273504380390011932002&a=a9707169
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/request_content.php?s=69037200012273504380390011932002&a=a9707169
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:58 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame C1B0 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54583810;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fpihvq3q89a9h7hf%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Apr 2022 04:08:43 GMT
request_content.php
hal90004.redintelligence.net/ Frame E161 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request_content.php?s=15318800011367304380390011932004&a=1407a5b9
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=0c4977d1ff&subid=&uid=c548d8cc89a7bbd1&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlteWQAI944K4EsT5w4KsQ%26exch_seat%3D20035004448%26mt_aid%3D8583336808755049333%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D10c6625b-5e5a-4601-8aa4-ca99f1af8360%26mt_cid%3D10c6625b-5e5a-4601-8aa4-ca99f1af8360%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC0DtDWV5bYt7hIM-B7gPEtLfQAc-HjptcwIbZgsYCwI23ARABIABglYKAgLAHggEXY2EtcHViLTk4Nzg4MzIzODYyMjM2ODPIAQmoAwGqBLwBT9CX93hf2uYc863p9eGxLqrqsv0OPUCydecQd0HPM_vae72NNo0_9abHNui_5HSO8KDG5CxJam1Aef70x_huPTvcv_jDiZVxny3TVr0-sAOjtRUYFfGT-aXNCIs0rzk4J9PPNiW2uEESqTbpUxuayNNf66Ta7ueSpORGtUSozxHpZ0iLx20sOeSJf6dZ4taRmhHyv7v4VNoxqcmkhWAhJXCCPMb3xUoh5XNW8mDqv1wG9Wifbc4tDPgNN-WABsHXzo7WnqPme6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0cchR3d0p3NOV2JmLomMPLoQ6sfw%2526client%253Dca-pub-9878832386223683%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fnpa%3D1%26client%3Dca-pub-9878832386223683%26output%3Dhtml%26h%3D280%26slotname%3D8832090482%26adk%3D1017603385%26adf%3D4181163231%26pi%3Dt.ma~as.8832090482%26w%3D336%26lmt%3D1649723718%26psa%3D0%26format%3D336x280%26url%3Dhttps%253A%252F%252Fcek.bukaberita.com%252F%26host%3Dca-host-pub-1556223355139109%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1650155097509%26bpp%3D5%26bdt%3D317%26idt%3D5%26shv%3Dr20220413%26mjsv%3Dm202204140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C336x280%26nras%3D1%26correlator%3D7932573861304%26frm%3D20%26pv%3D1%26ga_vid%3D564091310.1650155097%26ga_sid%3D1650155097%26ga_hid%3D648349933%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D632%26ady%3D630%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31067131%26oid%3D2%26pvsid%3D1653470247667103%26pem%3D869%26tmod%3D1276011560%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfeE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DU4g9VdfSLJ%26p%3Dhttps%253A%2F%2Fcek.bukaberita.com%26dtd%3D7&ancestorOrigins=null&random=3171170437622&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8a4c9741ef220715e40f19e807cf8073ab6991038650e279689a9f1974246a49

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1419
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Apr 2022 00:24:58 GMT
Expires
Sun, 17 Apr 2022 01:24:58 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame 6828 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c55d0da43a79f1c16a6ca573be83526d474713c5a69c6b08b527c8dc584df765

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/adfscript/ Frame E161 		740 B
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=54583803;click=https%3A%2F%2Fhal90004.redintelligence.net%2Fc%2Fpu4j6hkg3488qh4%3Ftprde%3D
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=15318800011367304380390011932004&a=1407a5b9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ad7c4abf57652bc2eca4af364b9bb54bbeac82c043c94ff46b3f42ea1b12e66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
543
expires
-1
viewability
hal90004.redintelligence.net/ Frame E161 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/viewability?s=15318800011367304380390011932004&a=6ab1daef&vb=m
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=15318800011367304380390011932004&a=1407a5b9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/request_content.php?s=15318800011367304380390011932004&a=1407a5b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:58 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame E161 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54583803;click=https%3A%2F%2Fhal90004.redintelligence.net%2Fc%2Fpu4j6hkg3488qh4%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Apr 2022 04:08:43 GMT
/
track.adform.net/adfserve/ Frame C1B0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=54583810;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fpihvq3q89a9h7hf%3Ftprde%3D;js=1;adfxid=1x;4306;set=en-US|en-US|1600X1200|0|350|300|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fcek.bukaberita.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
81e329320a6f0d76c07eebf26a428d5bf89d9dd19e4feba2263aa28b996534de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2016
expires
-1
/
track.adform.net/adfserve/ Frame E161 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=54583803;click=https%3A%2F%2Fhal90004.redintelligence.net%2Fc%2Fpu4j6hkg3488qh4%3Ftprde%3D;js=1;adfxid=1x;3284;set=en-US|en-US|1600X1200|0|350|300|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fcek.bukaberita.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b05f4c077130ec908c4486422f66838a7cfc600aec703dfdf4c4fa0488ae6157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2009
expires
-1
truncated
/ Frame C1B0 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame E161 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 178A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsdXvCWL8psn497-Ky8lZbJzCzd06Ie7YqOIMtd9p7G3-C6Bewgn760Cec-qb9oX2vIwH62n9GuYo2MJQstk-u&sig=Cg0ArKJSzHjIt0-B7Ca_EAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1922151930&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650155097523&rpt=223&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:24:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 762B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=AiTsTijbzzX2WIk7e3fLZzCLpGfiMCoYhf1_pUxyDjd1U78gWh1eKhBhGQHcpJqqxgoQIJRVxDJqGZ-5mBb6FixDx45nDHZtNJ1ONvpBTyCJV5POwfO3vaCb6HGnD-C8qP9Q0sA0vmwUCDZTNg6Cfi-LSHDdlDG3_eqJkWwAB0XZFMpRR7PNWy10haPavmxviPY-_e2GPxY5uCZlaLKfhnrt4dkLILdR2VvY-JN7cDxJeF8vVlqkACtHEOfrBUKhsRhM6_Q-F5W_p-4S&sds=2&rev=81123&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlteWQAIRVsK4DGZAApkGrOcs9CyW38pljy7Ig&u=%7Ce%2FAcxltV4nHoytHZMxB3dP99%2FSIl5kV3ZVMPpJ3256U%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wcohA0vLtSERka47-lxfUC78eoUneFgASM4BGMztCV5R6SdKbgZVpgPO3NWDVAMY7WKThlkerK_gfZGHGXvk9gjtoq5hzC106_kmnZ209bkvJzOjuWqYFrvAQkryjXNmbYXSuRb0-5JjnbTwO3karsdT7Vw5el3o0DmekIaI1qbASoIeW2B60DagFkiPJuT4s0ZkkUW4bIR_tKSTp8nS9y39shIekGwFlDYVDobsZkYSGLJvIGX77Im2KoQNCogvlx7NQmvj6pWo2NASvJldW0eSZAp6qxKyOn1n_u0CIgflRCmeha7pAqmy7dXQLmsSJ8GiA70h1uh5ZyHruTZAd6H0FudNVpoZlzAXzvhJc6F6_vDFr-GWUmaCcT9qX9PT95HcdQUh7NVVtBWDY9SPlrR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC66jvWV5bYtuKIZnjgAeayKkQyZ7SsVzVnZH3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05ODc4ODMyMzg2MjIzNjgzoAHVttLqA8gBCakCX_01J_cksj6oAwGqBLsBT9CPfSftFC6IJUOZZnKadgHNvrCzZCovdeZwwcEUdtaV7xckgPS_iK9FqP4dq5a7B4ECqfDp9Xt9LDuSc5tDZshC3uZzJKidf7_3CinqPi8hl6JpGpWEW-kJtKz_wUjOsMOOUClaa2bJDr8cBlvDpuspm4t-NxkVgihMfH8UL4fm5KVMKz0aVIFRLfKxfK42VJ5favLUmoQpQFZSfOd8Qsl2oHU8go1DIt1yH1JbDQOJ3V8Tj3cZ1fuQ3YAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_25r8aqmGcUgsLtlNQkpi5Vy6QxDA%26client%3Dca-pub-9878832386223683%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 17 Apr 2022 00:24:57 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame C1B0 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Apr 2022 04:09:43 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame E161 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 18 Apr 2022 04:09:43 GMT
/
track.adform.net/csimpr/ Frame C1B0 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=54583810&csi=xm2TLFaFxvKEDPkG-7KXS0GFcldmoBUrKiMPUVEJZ6frygPkIxxfkzvBeEynusTCG7uXEWU89YTRQfwChc1PE96vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90002.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:24:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90002.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/csimpr/ Frame E161 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=54583803&csi=Ca_4BOs0ZhxU2DszwQrMizH7eybyvO28KiMPUVEJZ6frygPkIxxfkw4l2PBnH_L-l68fseWffkEBfOX8URa_3t6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90004.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:24:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90004.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
10999340.js
s1.adform.net/Banners/Elements/Files/160090/10999340/ Frame 31C2 		105 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999340/10999340.js?ADFassetID=10999340&bv=258
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
31a9d9db5034787039dea20df50ae395863fe409517c96739f6ffc7ab8287717
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 10:33:26 GMT
server
nginx
etag
W/"622b2576-1a590"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
10999322.js
s1.adform.net/Banners/Elements/Files/160090/10999322/ Frame 4833 		105 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999322/10999322.js?ADFassetID=10999322&bv=258
Requested by
Host: cek.bukaberita.com
URL: https://cek.bukaberita.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ef9726a329bab863c4a956d5c23b32ab54c220a4a185690ad9d92eb167b7a3c6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 10:33:20 GMT
server
nginx
etag
W/"622b2570-1a578"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 31C2 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:38 GMT
server
nginx
etag
W/"609e6e9a-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
Enabler.js
s0.2mdn.net/ads/studio/ Frame 31C2 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46435
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:47:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Apr 2022 00:32:45 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 4833 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:58 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:38 GMT
server
nginx
etag
W/"609e6e9a-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
Enabler.js
s0.2mdn.net/ads/studio/ Frame 4833 		134 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46435
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:47:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Apr 2022 00:32:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9878832386223683&plah=cek.bukaberita.com&bust=31067131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed6d66d5d1a86bf5d2c209f62f8f45fcef082ec00ddf531cbb542f9c9b935df9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Apr 2022 00:24:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10635
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9878832386223683&plah=cek.bukaberita.com&bust=31067131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Apr 2022 00:24:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6E95 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cek.bukaberita.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6252
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Apr 2022 22:40:47 GMT
expires
Sun, 16 Apr 2023 22:40:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AC36 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1fe14c551ea5b4d76fd84ace574b579add749ab0381b909a69df8fa728230c0c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nYsBSEm2RFWz0g9xoUWtxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cek.bukaberita.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-nYsBSEm2RFWz0g9xoUWtxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Apr 2022 00:24:59 GMT
expires
Sun, 17 Apr 2022 00:24:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
pagead2.googlesyndication.com/bg/ Frame 6E95 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 17:56:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
109697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13627
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 17:56:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AC36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=1653470247667103&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6E95 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BazHIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:24:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2C0E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmGEU0AH2CwGFejVI4wOtEhYMN7bz3qhtdAs4FlFox16loYi-MFJBNd7bx1Z4Cmrdqwxnr0KnW-fVAMqXzb08JFw&sig=Cg0ArKJSzMzVVqfvF8i9EAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=2324414275&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650155097491&rpt=967&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:24:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90002.redintelligence.net/ Frame C1B0 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/viewability?s=69037200012273504380390011932002&a=9892e969&vb=v
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=69037200012273504380390011932002&a=a9707169
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/request_content.php?s=69037200012273504380390011932002&a=a9707169
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:59 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 6828 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNaLSzvkcLaxm9HzcXMF21MSds0OcPuwiPcgS10MU3x2qMFUMn-tTAI4jAQr1lASewoo0c-_kg7o8tAB36UAjAyQ&sig=Cg0ArKJSzLXsKeLHyliyEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1017603385&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650155097516&rpt=1080&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:24:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90004.redintelligence.net/ Frame E161 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/viewability?s=15318800011367304380390011932004&a=6ab1daef&vb=v
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=15318800011367304380390011932004&a=1407a5b9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/request_content.php?s=15318800011367304380390011932004&a=1407a5b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 00:24:59 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220413&jk=1653470247667103&bg=!_f6l_rrNAAZvJBiFTyQ7ACkAdvg8WjtwEV2g7zBRDY7tqq7-yA6rARPwZ_vV_4yJoSDvO1D2j5T-sAIAAABQUgAAAAJoAQcKACZaM94TFyxrwTbasTyiT1oJjdQgx1S_8BV0ayw5Og3RyDuj4yAbC5kCqHFrDnwUYLw0IiuPYBpPbvxtOWnv-9-jCT7PFfck6YtPCOTZsNqKHqqXMA5fzlUTkSAmNktUy0jAC0JdYcJXvd4NSOogvdRcxIj7cqGuB9kJp6JGVfz-1w_hy9Wks9iA0_lBmjkCsqnHymQjIcN8ttTSDpv2p0txl1xqlqvWuRAy_90Ph1N7YgD6tsNQYeCTvenNKOX-_5vCp8jcfCk2VliQ25ITfIfOmlVBt9XQ9QHNQPHEpIT004_ziG59uWFNXj8nJQUuNLVg9NIFL4Cqv_skKClayASmfF1yM1g4au6DP0NqeFC_wdNzLX13EisfJxAiQPRRcE2PDgb3Mt58gazpCJLZIVN_SFqPzdsGwTbzOpjMlmhtD4UPtWfbhgselOAy_uJloe7LFgKzj-9BG5sVUqikf8yp-56Ff807LW8tac1kvSBCCs3tNUMW1pspTdxABGhFb8E5FND5hwNYz-6fiwQJfSp2lTBiOF4hnhRrmY3vTnT6JWX266KASDtVT9ZSAi399F-IW3tJTuMfmgPPXZbMAACwXLIG1k61XRvUmEANnsozWmreJ-pSDpE56Ezk0ODUS0mgPLU-_w5cZi03tMffHQQ4ES_lxkTh1YuMSW5dIith1LiwMSEE337_MfV02WcDWjclSHIvjQbHEvuLumqL_qJ_i_d7kvhujWeVhVln7BJUvx76O0JiWXJM78NmPkIIg2JgHyxnREfNYEEOsw8vT9wlTtCa42c6OcdvI-dBwOsu-elclw8ydh-vYewY9Nm-MrD2a0qPbHfuACpHunFm1kG5_Fi6jgJWVqy5UWzRPTMpaN1c2b1e7W3XG4HO76xKJsZCtLjc4Ifb-g2EaE6Krc4vHJYhvNn5100uvWO95TMs6ISTxY-FxtkoP8V4DkI3BIFp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cek.bukaberita.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
/
track.adform.net/serving/unload/ Frame C1B0 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6882406042282107901@@54583810,3389512530883929681,99|1099|0|0|0|0|0|0|0||53|1|||||1|0|0|hGE4xj7ydytcPlakbYq96f3xElMQKpPJRsxd4nS7VJg2IOXi2Zotj_L_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90002.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:25:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90002.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame E161 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5419439813821906576@@54583803,1517115396179959446,100|1200|0|0|0|0|0|0|0||59|1|||||1|0|0|BNXvtPxkdUFcPlakbYq96cIpebE5gnpG6USMNhXBimZA3C4UUoSDDfL_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90004.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Apr 2022 00:25:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90004.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
cta2.png
s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/ Frame 31C2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/cta2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
96314d02d76191e51edcab9bc6aaf688309d74d5c85b89cd694eba351029a400
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:26 GMT
server
nginx
etag
"622b2576-1788"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6024
yellowtext.png
s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/ Frame 31C2 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/yellowtext.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ad53478fce8c2a557a66c44e2ee58c3b784ab8f8c94ac0725f35a01492eb6518
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:26 GMT
server
nginx
etag
"622b2576-3210"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
12816
t.png
s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/ Frame 31C2 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/t.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
36b61b0bf0a254bae70f1fa3b46ad701c826505cfb3218cbb6f44d79c282ca03
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:26 GMT
server
nginx
etag
"622b2576-2588"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
9608
badges.png
s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/ Frame 31C2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/badges.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fe693718caee42a00814b122bc3ad7b98d4432004522755e808d1c273a8ca0de
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:23 GMT
server
nginx
etag
"622b2573-1687"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5767
text_1.png
s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/ Frame 31C2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/text_1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cd4546cfc562b8dfb834b74e46ccd0f78bf0ab7ee91ff7dc715c4e0208cb640c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:26 GMT
server
nginx
etag
"622b2576-186b"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6251
logo2.png
s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/ Frame 31C2 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/logo2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0c8ab0c6681a22d510d8c160fd774a5e290a50c77fd0d2008b7e3bbcb0625ee5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:26 GMT
server
nginx
etag
"622b2576-2386"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
9094
pic.jpg
s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/ Frame 31C2 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/pic.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
791c62c77db9b8a6820812a6e16e915f9502137f510a36228d69f7ee353c4ef1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:23 GMT
server
nginx
etag
"622b2573-6938"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
26936
logo1.png
s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/ Frame 31C2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/logo1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
27847522718bbb814ccec374aa507bdf1777a98b2bf451ad33b23c4ce0c5ef69
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:26 GMT
server
nginx
etag
"622b2576-371a"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
14106
bg.jpg
s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/ Frame 31C2 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999340/bvpath_258/bg.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
43265755803fb71a6973a294e82d49478ef21ff36848b47535c2da61413de767
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:26 GMT
server
nginx
etag
"622b2576-15ad"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
5549
cta2.png
s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/ Frame 4833 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/cta2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
96314d02d76191e51edcab9bc6aaf688309d74d5c85b89cd694eba351029a400
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:17 GMT
server
nginx
etag
"622b256d-1788"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6024
yellowtext.png
s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/ Frame 4833 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/yellowtext.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0f3fd0ed90baa4ff0c2a2d85c05154a32a9e8cb1d5e3d254dfde552f1dfc18df
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:21 GMT
server
nginx
etag
"622b2571-360a"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
13834
t.png
s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/ Frame 4833 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/t.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
36b61b0bf0a254bae70f1fa3b46ad701c826505cfb3218cbb6f44d79c282ca03
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:20 GMT
server
nginx
etag
"622b2570-2588"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
9608
badges.png
s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/ Frame 4833 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/badges.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8fb6affc01bf27eadca684fb07fa0229dad3fa641b355fb344da2313c228c783
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:17 GMT
server
nginx
etag
"622b256d-3287"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
12935
text_1.png
s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/ Frame 4833 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/text_1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cd4546cfc562b8dfb834b74e46ccd0f78bf0ab7ee91ff7dc715c4e0208cb640c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:17 GMT
server
nginx
etag
"622b256d-186b"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6251
logo2.png
s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/ Frame 4833 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/logo2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
44f6695c51586cc0b4a547993c48a26f782854827d7def03baae806268fd2596
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:20 GMT
server
nginx
etag
"622b2570-2441"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
9281
pic.jpg
s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/ Frame 4833 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/pic.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a269d42d95b2870e7d8f4d657ea60cfa7f726b0e0987a4e2aab7d4ba0706eec2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:21 GMT
server
nginx
etag
"622b2571-ca2c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
51756
logo1.png
s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/ Frame 4833 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/logo1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
27847522718bbb814ccec374aa507bdf1777a98b2bf451ad33b23c4ce0c5ef69
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:21 GMT
server
nginx
etag
"622b2571-371a"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
14106
bg.jpg
s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/ Frame 4833 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10999322/bvpath_258/bg.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
43265755803fb71a6973a294e82d49478ef21ff36848b47535c2da61413de767
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:25:01 GMT
last-modified
Fri, 11 Mar 2022 10:33:20 GMT
server
nginx
etag
"622b2570-15ad"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
5549

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots string| google_user_agent_client_hint function| google_sa_impl function| loadCSS function| $ function| jQuery function| google_spfd number| google_unique_id object| google_sv_map object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| google_lpabyc function| closeModal function| openModal function| WhatsApp object| reg function| toggleVideo number| containerHeight number| x object| accordion function| WOW function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices function| multiTg object| googletag object| GoogleGcLKhOms

6 Cookies

Domain/Path Name / Value
.bukaberita.com/ Name: __gads
Value: ID=cf6a51ebe500b08c-22ee57be77cd0035:T=1650155097:RT=1650155097:S=ALNI_MYKZrML55lX8TgoidqCJK3sxHqCPA
.doubleclick.net/ Name: IDE
Value: AHWqTUk0qNnIKmZ864eJACUMuAVOK2JFuc6O1rwZ34UUuOKlZuzIsno5WnFYT6xgntA
.mathtag.com/ Name: uuid
Value: 10c6625b-5e5a-4601-8aa4-ca99f1af8360
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5419439813821906576
.adform.net/ Name: TPC
Value: 1650155098716

1 Console Messages

Source Level URL
Text
network error URL: https://static.criteo.net/design/dt/90764/220415/1a8a9bfb5ec440129392e4a99020418b_image_ad_336x280.jpeg
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cek.bukaberita.com
csm.eu.criteo.net
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90002.redintelligence.net
hal90004.redintelligence.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
rtb.nl.eu.criteo.com
s0.2mdn.net
s1.adform.net
static.criteo.net
tags.mathtag.com
tpc.googlesyndication.com
track.adform.net
www.blogger.com
www.google.com
www.googletagservices.com
138.201.63.116
142.250.186.98
178.250.0.162
178.250.2.148
23.35.228.210
2606:4700::6812:acf
2a00:1450:4001:800::2004
2a00:1450:4001:809::2013
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2009
2a00:1450:4001:812::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::3
37.157.2.249
37.157.4.29
46.4.10.47
74.121.143.246
94.130.102.164
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03c65effad542b3debc9401840fbb61ac428834ea93260da4b1aaa9d7cf54451
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09c7d9c62a4f68af0ce5a92f5f66045dc00d5113a080e4cde4587a3ac45fde40
0c8ab0c6681a22d510d8c160fd774a5e290a50c77fd0d2008b7e3bbcb0625ee5
0f3fd0ed90baa4ff0c2a2d85c05154a32a9e8cb1d5e3d254dfde552f1dfc18df
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cff68d252472b6d6aea7476615c26764dc19106d1662b52a6c42613a39ced51
1fe14c551ea5b4d76fd84ace574b579add749ab0381b909a69df8fa728230c0c
2243820087895d7efefb9c3bd80962838ec53736d9175d9c7ccbae112f60d364
255469b359ed2338fe4088ba8c5535ca136ba74eb0e8d112d4e23af5a831b676
260bcdf504daa0d258441b3648caedb419b9342f8c90659f4fcbfef7460c62af
26f0efa7e70db94c77ca165852c845c7821053cf6d580a637de0a246f7589a91
27847522718bbb814ccec374aa507bdf1777a98b2bf451ad33b23c4ce0c5ef69
31a9d9db5034787039dea20df50ae395863fe409517c96739f6ffc7ab8287717
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
360acf601e885590aa305b9e9a2b5a460397c1f7cc367ee03181f217ba69d454
36b61b0bf0a254bae70f1fa3b46ad701c826505cfb3218cbb6f44d79c282ca03
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
43265755803fb71a6973a294e82d49478ef21ff36848b47535c2da61413de767
44f6695c51586cc0b4a547993c48a26f782854827d7def03baae806268fd2596
48bac6ad89c62a0eb1669163380c1d1262ad175f4e1b27d28b17af381f57aa95
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4c7977c3be0d51567f87014fd3ec84752dcbabcd01a7a189b700dbfd7bcfd815
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
72bf5888f5929c5c158dd551cc83d19ba4d77fd678e96999aeff7c7d5ccb69f4
791c62c77db9b8a6820812a6e16e915f9502137f510a36228d69f7ee353c4ef1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b1b2a21be1477b4477a7f23b6a344ac537add4af1ea6042b3d3955d0b4473f1
81e329320a6f0d76c07eebf26a428d5bf89d9dd19e4feba2263aa28b996534de
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842fcbd008378fca6e033eca2004b5547bfecd1dde673ba476325c23d23768f2
868604d7e3b583ff1853f5c8843684e2d626b18cc63418826ec67fa9ceb39a2e
8a4c9741ef220715e40f19e807cf8073ab6991038650e279689a9f1974246a49
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fb6affc01bf27eadca684fb07fa0229dad3fa641b355fb344da2313c228c783
93984adff71c5720735c377ebbb184f0ad5e6f9b355b41680034679a1957291d
96314d02d76191e51edcab9bc6aaf688309d74d5c85b89cd694eba351029a400
a038cf8122c3c8ab03e33d347f49d42cbd0a4f8164e64868b4d12998db3fb15a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a269d42d95b2870e7d8f4d657ea60cfa7f726b0e0987a4e2aab7d4ba0706eec2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ac550f882b1eddc84ad4a11743561c4e200963eb9f4fd2526fd614951c6b981e
ad53478fce8c2a557a66c44e2ee58c3b784ab8f8c94ac0725f35a01492eb6518
ad7c4abf57652bc2eca4af364b9bb54bbeac82c043c94ff46b3f42ea1b12e66b
b05f4c077130ec908c4486422f66838a7cfc600aec703dfdf4c4fa0488ae6157
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ae842d198676f7c61f6a27d17956ae80f4eb681a4c6bc1228ef7a50e35f914
b5b36997df9e0a27607646998ba8f1f486adcf999cfcc16e01dd1024fdf00902
b68451f8c72b099d252307e2baacf923ad212831d23155bf4cba58469411b62e
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c55d0da43a79f1c16a6ca573be83526d474713c5a69c6b08b527c8dc584df765
cd4546cfc562b8dfb834b74e46ccd0f78bf0ab7ee91ff7dc715c4e0208cb640c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eae920615f4109a1529b43459843820fa66bdcf1a17332e91e96063f18d30dcc
eb7eb8d3f5c604927ea14ede72119b64e8795af4ad671aeb5ac772f2663e90a5
ed6d66d5d1a86bf5d2c209f62f8f45fcef082ec00ddf531cbb542f9c9b935df9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9726a329bab863c4a956d5c23b32ab54c220a4a185690ad9d92eb167b7a3c6
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f
f83163eff5b71d6c2076ad6cde039910a02afbadfe269da9e58471feae662bfd
fe693718caee42a00814b122bc3ad7b98d4432004522755e808d1c273a8ca0de