urlscan.io logo urlscan.io
SecurityTrails logo

skuy.beritaandroid.com Open in urlscan Pro
216.239.34.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://skuy.beritaandroid.com/
Effective URL: https://skuy.beritaandroid.com/
Submission: On February 28 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 1 countries across 14 domains to perform 63 HTTP transactions. The main IP is 216.239.34.21, located in United States and belongs to GOOGLE, US. The main domain is skuy.beritaandroid.com.
TLS certificate: Issued by GTS CA 1D4 on January 31st 2023. Valid for: 3 months.
This is the only time skuy.beritaandroid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    216.239.36.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net
skuy.beritaandroid.com
2    216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net
skuy.beritaandroid.com
1    2607:f8b0:4006:824::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    2607:f8b0:4006:80f::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
2    2607:f8b0:4006:823::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2607:f8b0:4006:81e::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
apis.google.com
2    2607:f8b0:4006:816::2009 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.blogger.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2607:f8b0:4006:823::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
5    2607:f8b0:4006:81c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:80f::2002 (None, )

ASN- ()
partner.googleadservices.com
5    2607:f8b0:4006:81e::2001 (None, )

ASN- ()
tpc.googlesyndication.com
1    2607:f8b0:4006:808::2004 (None, )

ASN- ()
www.google.com
4    2607:f8b0:4006:80c::200e (None, )

ASN- ()
fundingchoicesmessages.google.com
1    2607:f8b0:4006:817::2002 (None, )

ASN- ()
www.googletagservices.com
1    2620:100:a001::3 (None, )

ASN- ()
rtb.va.us.criteo.com
1    2620:100:a001::24 (None, )

ASN- ()
ads.us.criteo.com
11    2620:100:a001::4 (None, )

ASN- ()
static.criteo.net
1    74.119.119.147 (None, )

ASN- ()
cat.va.us.criteo.com
3    2620:100:a001::a (None, )

ASN- ()
pix.us.criteo.net
1    2620:100:a001::16 (None, )

ASN- ()
csm.us.criteo.net
Domain Requested by
11 static.criteo.net ads.us.criteo.com
static.criteo.net
8 pagead2.googlesyndication.com skuy.beritaandroid.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 apis.google.com skuy.beritaandroid.com
apis.google.com
www.blogger.com
4 blogger.googleusercontent.com skuy.beritaandroid.com
3 pix.us.criteo.net ads.us.criteo.com
3 skuy.beritaandroid.com 1 redirects skuy.beritaandroid.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.blogger.com skuy.beritaandroid.com
apis.google.com
2 fonts.gstatic.com skuy.beritaandroid.com
1 csm.us.criteo.net ads.us.criteo.com
1 cat.va.us.criteo.com ads.us.criteo.com
1 ads.us.criteo.com googleads.g.doubleclick.net
1 rtb.va.us.criteo.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.jsdelivr.net skuy.beritaandroid.com
1 www.googletagmanager.com skuy.beritaandroid.com
63 22

This site contains no links.

Subject Issuer Validity Valid
skuy.beritaandroid.com
GTS CA 1D4		 2023-01-31 -
2023-05-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.va.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-21 -
2023-05-23		 3 months crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-16 -
2023-05-14		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-16 -
2023-04-19		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://skuy.beritaandroid.com/
Frame ID: 565982ECA22EC7DCBA363F5F3AEE3357
Requests: 30 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=7044809676465714049&blogName=SKUY.COM+-+BERITA+KEKINIAN&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://skuy.beritaandroid.com/search&blogLocale=in&v=2&homepageUrl=https://skuy.beritaandroid.com/&vt=-5494332715166724150&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
Frame ID: EE0D84AA0DC9AF3AF7E3AC73680E63AD
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html
Frame ID: 43018B493C2A0E844B1DFD0141DC9261
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&adk=1812271804&adf=3025194257&lmt=1674911577&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309192&bpp=5&bdt=3646&idt=153&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=714786808613&frm=20&pv=2&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=186
Frame ID: 44DDEB08105D471D3DE1A059E2C62509
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=280&slotname=5251758531&adk=2947951996&adf=652959073&pi=t.ma~as.5251758531&w=756&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=756x280&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309198&bpp=2&bdt=3652&idt=185&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OZ9PLmPg92&p=https%3A//skuy.beritaandroid.com&dtd=193
Frame ID: 66019433DE00AD1AD2C3B5757672BC84
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=600&slotname=5251758531&adk=1490496867&adf=1444121022&pi=t.ma~as.5251758531&w=300&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=300x600&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309200&bpp=1&bdt=3653&idt=199&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C756x280&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wB55lKKa2G&p=https%3A//skuy.beritaandroid.com&dtd=202
Frame ID: 18D5AF479EEF2BBCF6B2E2CF2B4B33B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD066E46A39641C24AFD4D0DFDFD1BEB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D47678F3E97B6E2F987405D32DCFC75E
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Frame ID: A8D3F3B27D301036A614ADAA14D45014
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SKUY.COM - BERITA KEKINIAN

Page URL History Show full URLs

  1. http://skuy.beritaandroid.com/ HTTP 301
    https://skuy.beritaandroid.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

63
Requests

98 %
HTTPS

86 %
IPv6

14
Domains

22
Subdomains

22
IPs

1
Countries

975 kB
Transfer

2287 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://skuy.beritaandroid.com/ HTTP 301
    https://skuy.beritaandroid.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
skuy.beritaandroid.com/
Redirect Chain
  • http://skuy.beritaandroid.com/
  • https://skuy.beritaandroid.com/
167 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
GSE /
Resource Hash
b3eecffd16586b8bcc1666708fbc253cac61a60b0abed64b6e4f7b9396f5d98e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
39481
content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 03:18:25 GMT
etag
W/"f93ead5be659ec2bf9334b61b78ec7ce715f9bed505e58e86e863f5c28f9b239"
expires
Tue, 28 Feb 2023 03:18:25 GMT
last-modified
Sat, 28 Jan 2023 13:12:57 GMT
server
GSE
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
178
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Feb 2023 03:18:25 GMT
Expires
Tue, 28 Feb 2023 03:18:25 GMT
Location
https://skuy.beritaandroid.com/
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		111 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-250875990-1
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0a8d09d1a304f95db44b874019d504cea0988cf40baa1a0aedf3be9c61833a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44494
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Feb 2023 03:18:25 GMT
index.min.js
cdn.jsdelivr.net/npm/blogspot-clickfraud@0.0.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/blogspot-clickfraud@0.0.4/index.min.js
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40341d8a8325fc62107e85aad230746daebf26975b3333b4b0a5ce183bb8e77a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 Feb 2023 03:18:25 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
500192
x-jsd-version
0.0.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1782
x-served-by
cache-fra-eddf8230095-FRA, cache-ewr18175-EWR
x-jsd-version-type
version
etag
W/"1234-vZMRwVF1idEQjgevzqrjtwVK6LI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
AVvXsEibdCAgW6Mn4BHBiu1TcXCKO-BOU7jnicJcRK_QXZ2W0YX853-65sr9scVC-TVJXpDE-PoQJgXPYMJomhmbYtfxM0tG4Mts_27Ws7v_I6ZEQQ3LlWTi0Sd6ZLwXmdwB_09lXq9xdFGrfFOsL_yMYaflo35PzVNZlMLsNg9KtNgKD7GA695tOANcodaj=w250
blogger.googleusercontent.com/img/a/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEibdCAgW6Mn4BHBiu1TcXCKO-BOU7jnicJcRK_QXZ2W0YX853-65sr9scVC-TVJXpDE-PoQJgXPYMJomhmbYtfxM0tG4Mts_27Ws7v_I6ZEQQ3LlWTi0Sd6ZLwXmdwB_09lXq9xdFGrfFOsL_yMYaflo35PzVNZlMLsNg9KtNgKD7GA695tOANcodaj=w250
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
11e4879219e6c4ae69fb9046efd9eaafb937bfcf8acb16eaa26ad32551a2da4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:25 GMT
x-content-type-options
nosniff
server
fife
etag
"v18a"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Web_capture_5-11-2022_104338_www.canva.com-removebg-preview.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11413
x-xss-protection
0
expires
Wed, 01 Mar 2023 03:18:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skuy.beritaandroid.com/
Origin
https://skuy.beritaandroid.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 10:06:07 GMT
x-content-type-options
nosniff
age
407538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15736
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 10:06:07 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skuy.beritaandroid.com/
Origin
https://skuy.beritaandroid.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:12:58 GMT
x-content-type-options
nosniff
age
385527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15816
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 16:12:58 GMT
3%20Strategi%20Bisnis%20Digital%20di%20Indonesia%20yang%20Terbukti%20Ampuh.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghrmAfeDGgTXBN7Drt1E2pNWienarR4YDC-HfAEiY5DHYEuKMA50l_25EtG-2iFvEHjZYkUJ15w0uOdZ-36jOxFdMYNyNAIxZosaR4fF1f7ByInMlT25nFh5GjqozBdPTufKoJGlqDkPCr8sQ9... 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghrmAfeDGgTXBN7Drt1E2pNWienarR4YDC-HfAEiY5DHYEuKMA50l_25EtG-2iFvEHjZYkUJ15w0uOdZ-36jOxFdMYNyNAIxZosaR4fF1f7ByInMlT25nFh5GjqozBdPTufKoJGlqDkPCr8sQ9wR0CEBVmMBthE1vLHt6460zpcZ1LfyWwxHNqMexU8A/w400-h400-p-k-no-nu/3%20Strategi%20Bisnis%20Digital%20di%20Indonesia%20yang%20Terbukti%20Ampuh.png
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
02e97abec8819b9f3b360a8e809964955ed527452e476f9d3d830f34efccd162
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:26 GMT
x-content-type-options
nosniff
server
fife
etag
"vb17"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="3 Strategi Bisnis Digital di Indonesia yang Terbukti Ampuh.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12102
x-xss-protection
0
expires
Wed, 01 Mar 2023 03:18:26 GMT
truncated
/ 		155 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28019169ef0f8ec43f159e819837d4482b9a4943c6d2a95e626e986f322958a0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
/
skuy.beritaandroid.com/feeds/posts/summary/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skuy.beritaandroid.com/feeds/posts/summary/?max-results=10&alt=json-in-script&callback=artikelterbaru
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
blogger-renderd /
Resource Hash
bd8f8d68036591c3c4b0edd683b9eb666c0812e776d482daeba3e1a7b5e9e7a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 28 Jan 2023 13:12:57 GMT
server
blogger-renderd
etag
W/"732da6831acd5e667ffe50c47b12256d817fb0b62c12cd9ae72224aea21e5a05"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
1991
x-xss-protection
0
expires
Tue, 28 Feb 2023 03:18:26 GMT
platform.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d68890ba4c6bfa2417c5b97ab63489256913dcae1f94f232204b05d8fa4f5b1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Feb 2023 03:18:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"03884666a30c671f"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:18:25 GMT
3455050996-widgets.js
www.blogger.com/static/v1/widgets/ 		154 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3455050996-widgets.js
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2009 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8949bc9ccc884e72a4e01641de6d291b7a41110106c790b1ed95332a58dacfad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 03:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84180
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56850
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 01:50:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 27 Feb 2024 03:55:25 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-250875990-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Feb 2023 02:47:24 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1861
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 28 Feb 2023 04:47:24 GMT
collect
www.google-analytics.com/j/ 		1 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=761091388&t=pageview&_s=1&dl=https%3A%2F%2Fskuy.beritaandroid.com%2F&ul=en-us&de=UTF-8&dt=SKUY.COM%20-%20BERITA%20KEKINIAN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2072975989&gjid=1496355615&cid=1386258489.1677554306&tid=UA-250875990-1&_gid=1639112922.1677554306&_r=1&gtm=457e32m0&z=1205690775
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://skuy.beritaandroid.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 03:18:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://skuy.beritaandroid.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/ 		179 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bf82b74d2ab235f5d6e9fa09d63143dddfc9523dd845306c21bc2b05cff910e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 15:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60741
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Feb 2024 15:52:16 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 15:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
43915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 15:06:30 GMT
navbar.g
www.blogger.com/ Frame EE0D 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=7044809676465714049&blogName=SKUY.COM+-+BERITA+KEKINIAN&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://skuy.beritaandroid.com/search&blogLocale=in&v=2&homepageUrl=https://skuy.beritaandroid.com/&vt=-5494332715166724150&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2009 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a3675035ff598739660e0a439b068a1cd8e0e558e19f268db9dccdb9fcd1f2e2
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://skuy.beritaandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2587
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 03:18:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame EE0D 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=7044809676465714049&blogName=SKUY.COM+-+BERITA+KEKINIAN&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://skuy.beritaandroid.com/search&blogLocale=in&v=2&homepageUrl=https://skuy.beritaandroid.com/&vt=-5494332715166724150&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e2ae170de91fd88ef5cb157ee21d40358973ea8a71dc656c6b1e2ec73339c3a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Feb 2023 03:18:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21034
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"d3f4ddc8d7573522"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:18:26 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/ Frame EE0D 		132 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa600bed093063b43fac4c3b10f1c06bb0ed9da1442b86d5725347f71520ebb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 15:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45340
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Feb 2024 15:52:16 GMT
3%20Strategi%20Bisnis%20Digital%20di%20Indonesia%20yang%20Terbukti%20Ampuh.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghrmAfeDGgTXBN7Drt1E2pNWienarR4YDC-HfAEiY5DHYEuKMA50l_25EtG-2iFvEHjZYkUJ15w0uOdZ-36jOxFdMYNyNAIxZosaR4fF1f7ByInMlT25nFh5GjqozBdPTufKoJGlqDkPCr8sQ9... 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghrmAfeDGgTXBN7Drt1E2pNWienarR4YDC-HfAEiY5DHYEuKMA50l_25EtG-2iFvEHjZYkUJ15w0uOdZ-36jOxFdMYNyNAIxZosaR4fF1f7ByInMlT25nFh5GjqozBdPTufKoJGlqDkPCr8sQ9wR0CEBVmMBthE1vLHt6460zpcZ1LfyWwxHNqMexU8A/w400-h400-p-k-no-nu/3%20Strategi%20Bisnis%20Digital%20di%20Indonesia%20yang%20Terbukti%20Ampuh.png
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
02e97abec8819b9f3b360a8e809964955ed527452e476f9d3d830f34efccd162
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:27 GMT
x-content-type-options
nosniff
server
fife
etag
"vb17"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="3 Strategi Bisnis Digital di Indonesia yang Terbukti Ampuh.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12102
x-xss-protection
0
expires
Wed, 01 Mar 2023 03:18:27 GMT
5%20Cara%20Menambah%20Follower%20Instagram%20Untuk%20Bisnis%20Anda.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjvjcGUR7CQySSqFOCPp8f-4ylJAwFRmJKmcdB0BNsMCL5RsqJk0J0nNhFQJo86g3I1BsgyxtXgtBVkqk56ca-SqdmXB3_BhsDpiJp3IrKbulV392QBV6AxNTd5s9kfzIWbJJ4HwXqvXZ3u8Qy... 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjvjcGUR7CQySSqFOCPp8f-4ylJAwFRmJKmcdB0BNsMCL5RsqJk0J0nNhFQJo86g3I1BsgyxtXgtBVkqk56ca-SqdmXB3_BhsDpiJp3IrKbulV392QBV6AxNTd5s9kfzIWbJJ4HwXqvXZ3u8QyaJaVFww4uioW7MjDIkJuTliDp-RIWUKuf5FtbXHWlA/w400-h225-p-k-no-nu/5%20Cara%20Menambah%20Follower%20Instagram%20Untuk%20Bisnis%20Anda.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
298f5f7e4cbde812e8d6b949e4aa082f9742197669ed6372565c9800841505ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:27 GMT
x-content-type-options
nosniff
server
fife
etag
"vb15"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="5 Cara Menambah Follower Instagram Untuk Bisnis Anda.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25426
x-xss-protection
0
expires
Wed, 01 Mar 2023 03:18:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8031091492724388
Requested by
Host: skuy.beritaandroid.com
URL: https://skuy.beritaandroid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ef245320113e01cf526d5c3b0d0eba39f809a8694a5d06c146f3e6a1eff1819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49414
x-xss-protection
0
server
cafe
etag
11925822754089118414
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:18:29 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 		366 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8031091492724388
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3c1d5410a08f83b83593a866388d3518ea020048556d19c82de3ebc3d4614ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123263
x-xss-protection
0
server
cafe
etag
4293073755115697365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 03:18:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/ Frame 4301 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8031091492724388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skuy.beritaandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
72367
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 07:12:22 GMT
etag
2378337311435320485
expires
Mon, 13 Mar 2023 07:12:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		401 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=skuy.beritaandroid.com&callback=_gfp_s_&client=ca-pub-8031091492724388
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
46325a422327bf00afadc905a2fa90b1b3c13a94d076fb2b2ac7e5ac7ced9802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
256
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=skuy.beritaandroid.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 44DD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&adk=1812271804&adf=3025194257&lmt=1674911577&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309192&bpp=5&bdt=3646&idt=153&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=714786808613&frm=20&pv=2&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=186
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8d06e64a8fb1bd660a4b952bfc5dde5b62677c1a6059485a9be5b9fc400fe0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skuy.beritaandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5092
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 03:18:29 GMT
expires
Tue, 28 Feb 2023 03:18:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230223&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d583efe145726b87ef4b5b1f77ebbddfedee100f6795d4d7af91ee008fc2a6a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11140
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6601 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=280&slotname=5251758531&adk=2947951996&adf=652959073&pi=t.ma~as.5251758531&w=756&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=756x280&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309198&bpp=2&bdt=3652&idt=185&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OZ9PLmPg92&p=https%3A//skuy.beritaandroid.com&dtd=193
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77eb242f74367214d02f5251389936511f4d858bdfd7369610a039a58f4b3f8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skuy.beritaandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
10261
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 03:18:30 GMT
expires
Tue, 28 Feb 2023 03:18:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 18D5 		436 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=600&slotname=5251758531&adk=1490496867&adf=1444121022&pi=t.ma~as.5251758531&w=300&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=300x600&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309200&bpp=1&bdt=3653&idt=199&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C756x280&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wB55lKKa2G&p=https%3A//skuy.beritaandroid.com&dtd=202
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6a3190425275adc81f76011ea320ba276b20b0ba070d7ebd948067fc014f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skuy.beritaandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 03:18:29 GMT
expires
Tue, 28 Feb 2023 03:18:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 03:18:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD06 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skuy.beritaandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
49881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 13:27:08 GMT
expires
Tue, 27 Feb 2024 13:27:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D476 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
e71429a18f5b1b16eb1237af309e25a0af7aae4e8e4d0096c19dfecbde751790
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ydkFe0h4V-IZbBXshx7cWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://skuy.beritaandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ydkFe0h4V-IZbBXshx7cWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 03:18:29 GMT
expires
Tue, 28 Feb 2023 03:18:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame DD06 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
464322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14406
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 18:19:47 GMT
ca-pub-8031091492724388
fundingchoicesmessages.google.com/i/ 		126 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8031091492724388?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
9d17e14f2107c7407ed86663fb5177dec4528f10abd5136f17b2fba2c7c205bf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rwSimJyFqseHh48-JeN9AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-rwSimJyFqseHh48-JeN9AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=1470&su=skuy.beritaandroid.com&d=5000&pvc=2003130188113051&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 03:18:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D476 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230223&jk=2003130188113051&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
AGSKWxXSF94P8hAoePwZY6t_wels7PJQHMo2EEq8qtsY4ghEd1cT0tFWTrHPlxwiGbY7eh5JjrUEBxpHMqryEBPVoWM=
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXSF94P8hAoePwZY6t_wels7PJQHMo2EEq8qtsY4ghEd1cT0tFWTrHPlxwiGbY7eh5JjrUEBxpHMqryEBPVoWM=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc3NTU0MzEwLDgxMDAwMDAwXSwiMzczRUE4Q0MtMzYzMy00NzRGLUFDMjMtNzZCMUU3NEJFMDQ4IixudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9za3V5LmJlcml0YWFuZHJvaWQuY29tLyIsbnVsbCxbWzgsIkFrTU9fN20xRUZFIl0sWzksImVuLVVTIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.AkMO_7m1EFE.es5.O/d=1/rs=AJlcJMzYWk49Mc2t9t_p2tEX-PdleSztyQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
b5f77c91693e80c687cc0fab214520425df0ebc601d09802e57912ed0e45f189
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tRPXfLgtBG0tEcr3_RfizA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tRPXfLgtBG0tEcr3_RfizA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame DD06 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?L2wlcQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 6601 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=280&slotname=5251758531&adk=2947951996&adf=652959073&pi=t.ma~as.5251758531&w=756&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=756x280&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309198&bpp=2&bdt=3652&idt=185&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OZ9PLmPg92&p=https%3A//skuy.beritaandroid.com&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 01:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
7710
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Mar 2023 01:10:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 6601 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=280&slotname=5251758531&adk=2947951996&adf=652959073&pi=t.ma~as.5251758531&w=756&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=756x280&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309198&bpp=2&bdt=3652&idt=185&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OZ9PLmPg92&p=https%3A//skuy.beritaandroid.com&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
49890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Mar 2023 13:27:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6601 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=280&slotname=5251758531&adk=2947951996&adf=652959073&pi=t.ma~as.5251758531&w=756&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=756x280&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309198&bpp=2&bdt=3652&idt=185&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OZ9PLmPg92&p=https%3A//skuy.beritaandroid.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 03:18:30 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6601 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Civ5_hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE1gFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnbVNn4ptTMfthdfsvTYYLwvikAbQ8wWMWQ_xjaA5_7mHVbp6ZiLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MDMxMDkxNDkyNzI0Mzg4GAA&sigh=lFw8ojSpQ2w&uach_m=[UACH]&cid=CAQSGwDUE5ym58tWf2Odu9fk4K7rUp-1whRmm-T3AxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=280&slotname=5251758531&adk=2947951996&adf=652959073&pi=t.ma~as.5251758531&w=756&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=756x280&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309198&bpp=2&bdt=3652&idt=185&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OZ9PLmPg92&p=https%3A//skuy.beritaandroid.com&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=280&slotname=5251758531&adk=2947951996&adf=652959073&pi=t.ma~as.5251758531&w=756&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=756x280&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309198&bpp=2&bdt=3652&idt=185&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OZ9PLmPg92&p=https%3A//skuy.beritaandroid.com&dtd=193
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Feb 2023 03:18:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Feb 2023 03:18:30 GMT
notify
rtb.va.us.criteo.com/google/auction/ Frame 6601 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOK0C836RPQFmALiIp0XAgAAALmttZ7GZhNbEIVy_WND8w27h_4Gqvm3AAASAAAKDkFRVUJDZ1lCQ2dFQkNn&wp=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=280&slotname=5251758531&adk=2947951996&adf=652959073&pi=t.ma~as.5251758531&w=756&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=756x280&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309198&bpp=2&bdt=3652&idt=185&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OZ9PLmPg92&p=https%3A//skuy.beritaandroid.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
187071
content-length
0
afr.php
ads.us.criteo.com/delivery/r/ Frame A8D3 		120 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=280&slotname=5251758531&adk=2947951996&adf=652959073&pi=t.ma~as.5251758531&w=756&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=756x280&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309198&bpp=2&bdt=3652&idt=185&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OZ9PLmPg92&p=https%3A//skuy.beritaandroid.com&dtd=193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
7804a348327a310b3e0e8291894d6b8cf923a49f0198cd7f707c4787afc87427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 03:18:29 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=uzOtJcXu5hCPM_7i2bS9S6SdX58Ta1bmmvt3ytDE68OgU9L4N6-NKUJxZrJGmSCjVLVAFJbVtrW1hDkeDZKbWszIws_O001UNZSSLRk_NJRzsVqn423Rasggj2UHA71EUV0U2TNOOXqtHshIxaqRNLLWY6UT9iACZHNkXBfwBfssLLPrf54DMbNhUec5wU8bAYTOPU7xWA7-xksc08WNzu_18AyEXCxNha3e6bjQyCXtuAbFtrgszj7M1u7OyhLr2LU1jA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
46627946
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 6601 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
832cd6e57a2e075456f2f967a672af3cebf2ba48d3a9f990445d5fbd42ec8c34

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame A8D3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 03:18:30 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame A8D3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 03:18:30 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A8D3 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Feb 2024 03:18:30 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A8D3 		293 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Feb 2024 03:18:30 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame A8D3 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=EYvmUPSi-6wuDZl1oqp9hlgZl3yzt2fuDE_zTsz1tEsmbQq3bOGVk4Ykf0jFxWZnVYYl0z47X1qwEHsI7dI4-R_pg1tL1cBsn9MbJZA4GsVLLcL4KQB93X6cVkjS7KKDy2-XXfZ5kLDiA69jXZ-CATwVcytqjZfS54gWSXO6a_La6eg9lfFJ_07-GzjMj_Qsk-vAPtIo99pE4MBUb8xiUhqTzbNKmvWPYLlcAZ-Zk-C5phIfj0EDjBCkoJrRk_TS8A_pk3gxxGI5OKyV-rEmm6KSXe53ZbN7WBzUlGkQnNJOMcnEZM9Q_XShhsFg9EL8DegQMrRZr40s3Ivj0kTynCBIaiQbycH58zOGn0R7YmNW9o_EzDLomBA_bnFq-JgSpyQZ90KfHpEIaGDhAhoZvUt0HDv_KmIR0EKLMWznWgOsKhN4
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 03:18:30 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1894627
expires
Mon, 26 Jul 1997 05:00:00 GMT
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame A8D3 		2 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 03:18:30 GMT
roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame A8D3 		2 KB
841 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 03:18:30 GMT
animejs.js
static.criteo.net/animejs/ Frame A8D3 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 03:18:30 GMT
img
pix.us.criteo.net/img/ Frame A8D3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=556&m=0&partner=51260&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F51260%2F210618%2Ffecbb05ae05040e09ab7760b519211d4_logo_dark.png&v=3&w=380&s=lVQsAiI6EqptFa82VjyCY2hc
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
f4748e5e4e20512c4820e69778a230e607b8974834efba0cb447ad49129aeceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28424510
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8310
expires
Tue, 23 Jan 2024 03:00:21 GMT
img
pix.us.criteo.net/img/ Frame A8D3 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=1200&m=0&partner=51260&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F51260%2F210618%2F4c8e8cf7470b416eb2e0d4fb31748e33_img_square_1.jpg&v=3&w=1200&s=zu17pp6jDYEfmWeBJZDSGwWI
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
5e0e4b81dd689cc56a9b57982a949325c5c1911856f494535431fdecd136eaee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27402749
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
134600
expires
Thu, 11 Jan 2024 07:10:59 GMT
img
pix.us.criteo.net/img/ Frame A8D3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=51260&q=80&r=0&u=http%3A%2F%2Fimages.menswearhouse.com%2Fis%2Fimage%2FTMW%2FMWTSP19_WED_PSL_FML_1974_MAIN%3Fwid%3D600%26hei%3D600&v=3&w=400&s=3Ds7DXDO-Z3EzRP10d2TxNKq&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
c20e97c35be14eb6217d31cff298d78987ef5da29e4b4b7b2c82c1030864fcfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5894
expires
Tue, 28 Feb 2023 03:18:30 GMT
all
csm.us.criteo.net/ Frame A8D3 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=uzOtJcXu5hCPM_7i2bS9S6SdX58Ta1bmmvt3ytDE68OgU9L4N6-NKUJxZrJGmSCjVLVAFJbVtrW1hDkeDZKbWszIws_O001UNZSSLRk_NJRzsVqn423Rasggj2UHA71EUV0U2TNOOXqtHshIxaqRNLLWY6UT9iACZHNkXBfwBfssLLPrf54DMbNhUec5wU8bAYTOPU7xWA7-xksc08WNzu_18AyEXCxNha3e6bjQyCXtuAbFtrgszj7M1u7OyhLr2LU1jA&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 03:18:30 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A8D3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 03:18:30 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A8D3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_1yhQAKFX4FkUY7AAVbB6H8j3OG50JFnslU8w&u=%7C1lian%2BtCQ5vgofEEhujc2Gr0Pfx%2Bw23KfLRxURwdros%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78n0ZFpVwFrUBuLDMqrboUJYPurgbHDPrSsPDNjjlp7-oHIgQzgolSZKY1rhH5aaDYM12U_yW1rddAEY8ZWRq-bTq9DLNOmWDkMsBFmSvFpsvowynHpcbvRaC_OqJsj3YkgLwJhj-MqNSvhlnIAsVgA6PXJ4SYObJO5dmDjATAVWTi0VWD5MinEmKVvlN8hwaWqrzDUIVlUNraG3cmgeyxC239UCAH27_l3TcYUukb3elXH7XG-R-7iBZ5E8klkwIpyuGFClLnJoaPPOvU27necCsXKi2UDWuhvj8BZTneNObZ0uXRk2B_8ol13fSEaGxQwM5QsHlk-9CNj5l8-oleN2PBGyd_VKGPCgZqjNX3mwTe1IzwEKJaU2lvQ4OiDO4w3u4KW1SRfKYqs3EH7-WhvjEshmsigcNPQL8bP5eSjIi4-zggHZCc4-GF3L7gr0M7s8V4298pBfxy_MqvQmuvmfvn9xTneyyjW2JqiCOYbxr8vttzZkHXLsiTPJiL9zaOXwnufa52T0CxabbiN4-l-R4oOPovJlDrb6Uya0kqzx9tVhTFE4XjjumnaYV2jx9T&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBO7hXL9Y_6qKLuMxdwPh7aVuA6cge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItODAzMTA5MTQ5MjcyNDM4OMgBCagDAaoE2QFP0KDeBYOWpDdCyLUpvSyyi7GzL-MyeRMbRw3SPumiCPOpE-UkG90SumFGMoayZBEVbF3GVDUmiB2ONT2ojNMYlIgYIoxEHGFP9EvNkQMuS770ohuHIyfH6B6ulfP3POAMhfgXd2HCHbcji8s28f9lEvegS9Tsf-jS9UnS55owJOQTdM-Jg4HJC4Kd6al-w4GV2BFw1HPhiZyjjIaqlycmvRD3wJzG_TrgN6O652z9QnaXNF67HsGWttTW33gzGjXsPXwzSuIO9f_MvL9JWeDKBf8_eJhIKnuLgAa0neH0-fbo9ESgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_18lnJjEvmLx73FrUcHLFMtra5ZcQ%26client%3Dca-pub-8031091492724388%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 03:18:30 GMT
roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame A8D3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-3df4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 03:18:30 GMT
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame A8D3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 03:18:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230223&jk=2003130188113051&bg=!RUalRhLNAAZYlHKzeJQ7ADkAdvg8WvsB3YdfN04q6ztDp5ELmMiIKs4SQ9tawzgCciQ2fBf_et6P7hPySdMqcZF0cZxu4XESJ4ECAAABoFIAAAADaAEHCgAXVVUWMvDtRZs8CWXQMJgj9K-NgEZj0zWZAsF91xyIW0jZpIfTtIgKd_5gsUErgT86u8eA4Qr_fzDHNWHk5iYz7IdSaSNHdyH8k3zSrIoiHDzxcHwTm-Akf-fyrTkks791vQ2p3Icc6ODkixmmJEIOibE3Wc4c8Zh9TqjG_Ic763n_JbVc8sFgrkpJe5zTFsl307fPeUp-8HPQGyJgl6p_j0mg3-_AaocymIZ3A9oRTB20kkDyEdyKLsZg6K67WxeeA7iAF90sQFFvbSu0aAKMK1Vaen_SUyAx7zqzQqmkQ33Xmn_HzsbREj7nGRLsbYREPn6TsTM-WDz4Iv9McAwZtKbEcwaQU8C0bxZ8dvNiOny9-Q0ukquXijVdITai2RDJAeW35JHE2pyrkmerx4Iu1J7vLs1HrK9meRapCRCqVXe4em45hfQKbEOfTjVhp8snBy1K7ho3kqw9ipWgssYXJVENPsHRhUcZIO8fWhqvkmEMyfDY6GXmUs6fRYV5r3JP4WkwlRoQa7tfziAyIwMtgnBlUbHwMpqckESxIbgbniwHDT1H0b4uAbBWDSRk3YFVckEpb2HJk6GSnKgAk03Y2NRBuMsOSKXnZGN5Kn7MnzBhBCD6Ul3zYW6HRKg-cne587F0QpyxfQ-t3AqU7w0kVL7Ed2CtetAoCnk2KYcMvvbtQ-SqIb9tyrWIKRuIPyq8s1c6RhikqaCkW4-YUFSjbON666tFKS71JtnWsdrrpJ_igtqnGbCGeFx84KWh9Qj1uqEIqZEIzRQRK6fTZNrcqq5vNZ6XE3MnVAllDvJsg3ye6q7WWpBVbraG63PhEROHuqBXEAGd5Uic2v9kb7y_p6O66sFMGDI3ZJE_ifAcmM63tShAoOW06uHWLhOtBJorKliZRfK6CGug3HoOeFCKwXXOJBoMx8bhM2oGjJIdpFciHqAvIt-TZdIqPSxqR4Qb47UxGuYHnFqIMoo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=9.790687557845331
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-G7LkJo2h6mK4ymZQWQm0Jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-G7LkJo2h6mK4ymZQWQm0Jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorServingDetectionHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type
image/gif
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.96450145490434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p2XVgDHLEo85cAax91ugSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://skuy.beritaandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 03:18:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-p2XVgDHLEo85cAax91ugSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUjBjLb2kpKP9-tHnQdFZtyhs_KE8fWbgbujLVAB0sBRJMewlWWqj2y5pmYHYgitjDxo0clGxWtrlGZOQqqV9L-954yoWsOv31pWiYGmGAw039HKc9kFg-U97APqA3T92D4AA9QBQ==
fundingchoicesmessages.google.com/el/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxUjBjLb2kpKP9-tHnQdFZtyhs_KE8fWbgbujLVAB0sBRJMewlWWqj2y5pmYHYgitjDxo0clGxWtrlGZOQqqV9L-954yoWsOv31pWiYGmGAw039HKc9kFg-U97APqA3T92D4AA9QBQ==

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| credentialless function| gtag object| dataLayer undefined| linkMagzSetting function| optionLinkMagz function| Defer string| uri undefined| clean_uri string| protocol undefined| url number| limitClick string| idAdsense function| preventBack object| adsbygoogle function| infeedAds function| artikelterbaru function| setCookie function| getCookie function| isCookieExist object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| setAttributeOnload object| gapi object| ___jsl function| LMstickyMenu function| LMmobileMenu function| LMmobileMenuSubMenu function| LMsearchForm function| LMcheckCheckbox function| darkMode function| LMScrollTop object| infinite_scroll function| customFeaturedPostSnippet function| customPostSnippet function| SmoothScroll string| stickyClass function| InfiniteScroll function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow boolean| google_empty_script_included object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_image_requests

6 Cookies

Domain/Path Name / Value
.beritaandroid.com/ Name: _ga
Value: GA1.2.1386258489.1677554306
.beritaandroid.com/ Name: _gid
Value: GA1.2.1639112922.1677554306
.beritaandroid.com/ Name: _gat_gtag_UA_250875990_1
Value: 1
.beritaandroid.com/ Name: __gads
Value: ID=b2d6d2b0d9dc30e4-22a9bd5f84de0075:T=1677554309:RT=1677554309:S=ALNI_Ma0yneMnj-acTw4MwXBu8Mvmxwpiw
.beritaandroid.com/ Name: __gpi
Value: UID=000009c331c439a7:T=1677554309:RT=1677554309:S=ALNI_MYd-gNdinmxIDHg8lDk5zhb82F6eA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8031091492724388&output=html&h=280&slotname=5251758531&adk=2947951996&adf=652959073&pi=t.ma~as.5251758531&w=756&fwrn=4&fwrnh=100&lmt=1674911577&rafmt=1&format=756x280&url=https%3A%2F%2Fskuy.beritaandroid.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677554309198&bpp=2&bdt=3652&idt=185&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=714786808613&frm=20&pv=1&ga_vid=1386258489.1677554306&ga_sid=1677554309&ga_hid=761091388&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44772269%2C31071975&oid=2&pvsid=2003130188113051&tmod=1907760336&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OZ9PLmPg92&p=https%3A//skuy.beritaandroid.com&dtd=193
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
adservice.google.com
apis.google.com
blogger.googleusercontent.com
cat.va.us.criteo.com
cdn.jsdelivr.net
csm.us.criteo.net
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
rtb.va.us.criteo.com
skuy.beritaandroid.com
static.criteo.net
tpc.googlesyndication.com
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
fundingchoicesmessages.google.com
2001:4860:4802:36::178
216.239.34.21
216.239.36.21
2607:f8b0:4006:808::2004
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2009
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::200e
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::2008
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::a
2a04:4e42:200::485
74.119.119.147
02e97abec8819b9f3b360a8e809964955ed527452e476f9d3d830f34efccd162
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0e2ae170de91fd88ef5cb157ee21d40358973ea8a71dc656c6b1e2ec73339c3a
11e4879219e6c4ae69fb9046efd9eaafb937bfcf8acb16eaa26ad32551a2da4a
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
28019169ef0f8ec43f159e819837d4482b9a4943c6d2a95e626e986f322958a0
298f5f7e4cbde812e8d6b949e4aa082f9742197669ed6372565c9800841505ed
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f6a3190425275adc81f76011ea320ba276b20b0ba070d7ebd948067fc014f99
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ef245320113e01cf526d5c3b0d0eba39f809a8694a5d06c146f3e6a1eff1819
40341d8a8325fc62107e85aad230746daebf26975b3333b4b0a5ce183bb8e77a
46325a422327bf00afadc905a2fa90b1b3c13a94d076fb2b2ac7e5ac7ced9802
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4d68890ba4c6bfa2417c5b97ab63489256913dcae1f94f232204b05d8fa4f5b1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e0e4b81dd689cc56a9b57982a949325c5c1911856f494535431fdecd136eaee
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
77eb242f74367214d02f5251389936511f4d858bdfd7369610a039a58f4b3f8a
7804a348327a310b3e0e8291894d6b8cf923a49f0198cd7f707c4787afc87427
7bf82b74d2ab235f5d6e9fa09d63143dddfc9523dd845306c21bc2b05cff910e
832cd6e57a2e075456f2f967a672af3cebf2ba48d3a9f990445d5fbd42ec8c34
8949bc9ccc884e72a4e01641de6d291b7a41110106c790b1ed95332a58dacfad
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9d17e14f2107c7407ed86663fb5177dec4528f10abd5136f17b2fba2c7c205bf
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3675035ff598739660e0a439b068a1cd8e0e558e19f268db9dccdb9fcd1f2e2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b3eecffd16586b8bcc1666708fbc253cac61a60b0abed64b6e4f7b9396f5d98e
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
b5f77c91693e80c687cc0fab214520425df0ebc601d09802e57912ed0e45f189
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
bd8f8d68036591c3c4b0edd683b9eb666c0812e776d482daeba3e1a7b5e9e7a8
c0a8d09d1a304f95db44b874019d504cea0988cf40baa1a0aedf3be9c61833a5
c20e97c35be14eb6217d31cff298d78987ef5da29e4b4b7b2c82c1030864fcfb
c3c1d5410a08f83b83593a866388d3518ea020048556d19c82de3ebc3d4614ef
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d583efe145726b87ef4b5b1f77ebbddfedee100f6795d4d7af91ee008fc2a6a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71429a18f5b1b16eb1237af309e25a0af7aae4e8e4d0096c19dfecbde751790
e8d06e64a8fb1bd660a4b952bfc5dde5b62677c1a6059485a9be5b9fc400fe0b
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f4748e5e4e20512c4820e69778a230e607b8974834efba0cb447ad49129aeceb
fa600bed093063b43fac4c3b10f1c06bb0ed9da1442b86d5725347f71520ebb7