Submitted URL: https://sitera.kendali.my.id/ratnadewi02/link/directlink.html
Effective URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Submission: On December 28 via api from US — Scanned from DE

Summary

This website contacted 34 IPs in 5 countries across 29 domains to perform 77 HTTP transactions. The main IP is 185.215.4.66, located in London, United Kingdom and belongs to DDOS-GUARD DDOS-GUARD LTD, RU. The main domain is your.adsterra.com.
TLS certificate: Issued by R11 on December 26th 2024. Valid for: 3 months.
This is the only time your.adsterra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 tildacdn.one
static.tildacdn.one — Cisco Umbrella Rank: 278925
optim.tildacdn.one — Cisco Umbrella Rank: 372845
302 KB
8 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4577
6 KB
6 adsterra.com
your.adsterra.com
an.adsterra.com
41 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 799
139 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
425 B
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
px4.ads.linkedin.com — Cisco Umbrella Rank: 7032
2 KB
4 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4433
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5051
imgsct.cookiebot.com — Cisco Umbrella Rank: 5232
35 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
381 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
79 KB
3 tildacdn.com
neo.tildacdn.com — Cisco Umbrella Rank: 81095
static.tildacdn.com — Cisco Umbrella Rank: 64088
stat.tildacdn.com — Cisco Umbrella Rank: 80333
3 KB
2 segmentstream.com
track.segmentstream.com — Cisco Umbrella Rank: 347612
365 B
2 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9443
751 B
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 27270
868 B
2 bing.net
bat.bing.net — Cisco Umbrella Rank: 8327
464 B
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2010
alb.reddit.com — Cisco Umbrella Rank: 1418
761 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
12 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 3096
api.amplitude.com — Cisco Umbrella Rank: 2614
23 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1095
13 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
22 KB
2 quora.com
a.quora.com — Cisco Umbrella Rank: 6981
q.quora.com — Cisco Umbrella Rank: 5280
15 KB
2 bing.com
bat.bing.com — Cisco Umbrella Rank: 359
15 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1 survicate.com
survey.survicate.com — Cisco Umbrella Rank: 5182
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
88 KB
1 gstatic.com
fonts.gstatic.com
35 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 laserharasslined.com
laserharasslined.com
256 B
1 kendali.my.id
sitera.kendali.my.id
1 KB
77 29
Domain Requested by
12 static.tildacdn.one your.adsterra.com
8 mc.yandex.ru 4 redirects your.adsterra.com
cdn.jsdelivr.net
5 analytics.tiktok.com sitera.kendali.my.id
analytics.tiktok.com
5 an.adsterra.com your.adsterra.com
an.adsterra.com
4 www.facebook.com your.adsterra.com
4 www.googletagmanager.com your.adsterra.com
www.googletagmanager.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 connect.facebook.net sitera.kendali.my.id
connect.facebook.net
2 track.segmentstream.com www.googletagmanager.com
2 mc.yandex.com 1 redirects your.adsterra.com
2 mc.webvisor.org 1 redirects your.adsterra.com
2 bat.bing.net bat.bing.com
your.adsterra.com
2 www.youtube.com www.googletagmanager.com
www.youtube.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 bat.bing.com www.googletagmanager.com
bat.bing.com
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
1 stat.tildacdn.com static.tildacdn.one
1 static.tildacdn.com static.tildacdn.one
1 imgsct.cookiebot.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 optim.tildacdn.one your.adsterra.com
1 consentcdn.cookiebot.com consent.cookiebot.com
1 px4.ads.linkedin.com your.adsterra.com
1 api.amplitude.com cdn.amplitude.com
1 script.hotjar.com static.hotjar.com
1 alb.reddit.com your.adsterra.com
1 pixel-config.reddit.com www.redditstatic.com
1 q.quora.com your.adsterra.com
1 survey.survicate.com sitera.kendali.my.id
1 static.hotjar.com sitera.kendali.my.id
1 cdn.amplitude.com sitera.kendali.my.id
1 cdn.jsdelivr.net sitera.kendali.my.id
1 a.quora.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com your.adsterra.com
1 neo.tildacdn.com your.adsterra.com
1 your.adsterra.com sitera.kendali.my.id
1 laserharasslined.com 1 redirects
1 sitera.kendali.my.id
77 40

This site contains links to these domains.

Domain
adsterra.com
facebook.com
twitter.com
www.instagram.com
t.me
www.linkedin.com

Subject | Issuer | Validity | Valid
kendali.my.id | WE1 | 2024-12-06 - 2025-03-06 | 3 months
your.adsterra.com | R11 | 2024-12-26 - 2025-03-26 | 3 months
*.tildacdn.com | GlobeSSL DV CA | 2024-02-07 - 2025-02-20 | a year
*.tildacdn.one | GlobeSSL DV CA | 2024-10-23 - 2025-11-13 | a year
upload.video.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
an.adsterra.com | R11 | 2024-11-02 - 2025-01-31 | 3 months
*.google-analytics.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.gstatic.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
consent.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-28 - 2025-02-27 | a year
www.bing.com | Microsoft Azure RSA TLS Issuing CA 08 | 2024-12-15 - 2025-06-13 | 6 months
quora.com | WR1 | 2024-12-13 - 2025-03-13 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2024-12-02 - 2025-12-01 | a year
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-10-06 - 2025-04-03 | 6 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-10-06 - 2025-01-04 | 3 months
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year
cdn.amplitude.com | Amazon RSA 2048 M03 | 2024-11-14 - 2025-12-13 | a year
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
*.survicate.com | Sectigo RSA Domain Validation Secure Server CA | 2024-08-19 - 2025-09-19 | a year
*.tiktok.com | RapidSSL TLS ECC CA G1 | 2024-07-15 - 2025-07-15 | a year
*.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-10-13 - 2025-04-11 | 6 months
*.amplitude.com | COMODO RSA Domain Validation Secure Server CA | 2024-01-31 - 2025-03-02 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-10-14 - 2025-04-14 | 6 months
*.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-26 - 2025-02-26 | a year
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2024-10-20 - 2025-04-01 | 5 months
bat.bing.net | Microsoft Azure RSA TLS Issuing CA 07 | 2024-10-27 - 2025-04-25 | 6 months
*.g.doubleclick.net | WR2 | 2024-12-02 - 2025-02-24 | 3 months
segmentstream.com | E6 | 2024-12-24 - 2025-03-24 | 3 months

This page contains 4 frames:

Primary Page: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Frame ID: EC7CC081172788DC00CAAB63AF0558D2
Requests: 75 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: C22CF6CC232AE2A03F9FBD72C2D81031
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: 73DC8B5B54180DC0AAAD87564F9C6CCE
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fyour.adsterra.com
Frame ID: F73FE17EE8675AB00F11185495E5961D
Requests: 1 HTTP requests in this frame

Page Title: Error

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+tilda(?:cdn|\.ws|-blocks)
  • tilda(?:cdn|\.ws|-blocks)

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 77
HTTPS: 94 %
IPv6: 44 %
Domains: 29
Subdomains: 40
IPs: 34
Countries: 5
Transfer: 1276 kB
Size: 3691 kB
Cookies: 49

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sitera.kendali.my.id/ratnadewi02/link/directlink.html Page URL
  2. https://laserharasslined.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false HTTP 301
    https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2503156&time=1735365496524&url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2503156&time=1735365496524&url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&e_ipv6=AQKlRgz4_typQwAAAZQL2A9BP4CfhucmRpWygmbPMA6z6K8F33EXyAiJaYaqVKoD
Request Chain 43
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A281835021337%3Ahid%3A889263411%3Az%3A60%3Ai%3A20241228065816%3Aet%3A1735365497%3Ac%3A1%3Arn%3A724583642%3Arqn%3A1%3Au%3A1735365497301136543%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C32%2C92%2C4%2C298%2C0%2C%2C100%2C1%2C%2C%2C%2C543%3Aco%3A0%3Acpf%3A1%3Ans%3A1735365495747%3Ast%3A1735365497&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(65536)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A281835021337%3Ahid%3A889263411%3Az%3A60%3Ai%3A20241228065816%3Aet%3A1735365497%3Ac%3A1%3Arn%3A724583642%3Arqn%3A1%3Au%3A1735365497301136543%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C32%2C92%2C4%2C298%2C0%2C%2C100%2C1%2C%2C%2C%2C543%3Aco%3A0%3Acpf%3A1%3Ans%3A1735365495747%3Ast%3A1735365497&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1
Request Chain 45
  • https://mc.yandex.ru/watch/49659877?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A909591698989%3Ahid%3A889263411%3Az%3A60%3Ai%3A20241228065816%3Aet%3A1735365497%3Ac%3A1%3Arn%3A572154477%3Arqn%3A1%3Au%3A1735365497301136543%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C32%2C92%2C4%2C298%2C0%2C%2C100%2C1%2C%2C%2C%2C543%3Aco%3A0%3Acpf%3A1%3Ans%3A1735365495747%3Arqnl%3A1%3Ast%3A1735365497%3At%3AError&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009348)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/49659877/1?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A909591698989%3Ahid%3A889263411%3Az%3A60%3Ai%3A20241228065816%3Aet%3A1735365497%3Ac%3A1%3Arn%3A572154477%3Arqn%3A1%3Au%3A1735365497301136543%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C32%2C92%2C4%2C298%2C0%2C%2C100%2C1%2C%2C%2C%2C543%3Aco%3A0%3Acpf%3A1%3Ans%3A1735365495747%3Arqnl%3A1%3Ast%3A1735365497%3At%3AError&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009348%29ti%281%29&redirnss=1
Request Chain 61
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10608.yNQmB4b_n-B8V-ESNdt-xjeFO6C6U-ArpBmV4P8A1GReWkj6ntFDpO3A7WRSyZwv.XslXpzMUn1p_SnGrBoobsnzodEQ%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10608.x7hEluKTFE0PBYY-bq6EGYrR7c5999ovuJyGXrzovrec4pcU423SqonaSOrhX2CEY2ktQ0xQ2PLH3MfcBT9KeSnbkXimybjEh3ooxRwx8x6vnV4NYQHvlemsR5L4aPqvkItjrCDHtPejwe5mBswqXhHn9BLUszkauZTyzMuPx-nWsTaTYhB39ja0Cr1z7ic3M80Tc1-MmlD4lKHmbze8F-TbxmENTQZ2mBCK63wWvdM%2C.ofSxkT4W4LnGF84UkIL3MMEVz5E%2C
Request Chain 62
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10608.BVhTGiuHCO14UDhV6InpGbsE_Bch9MfY5tsaPaFAYVt-2z9CudYPLptLChsBup0j.h4uFUxPfZf8JNMvHqqxI5ylZxes%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10608.OyolnJj03qVU1raxl4_yRvhB_Gdxc1Nahas3IpC8Fy6SOHQ506Xt02fPXIwfGjDtxTlfHPCTEIp1W03xdLO8ledIh-bkdz727lEGYaqDjL-LAHveH5kOWtYPgD_XThBAJD3GHqDy_IfR7XQhrPYPB2Wgbv6c5VVIjK45tAmungpQWx0igZurlgG0vdpHCxHAjVtMMrU5UpAKdWG0VV8RNYMocgUsh2gRdyNGyE4ORJM%2C.KofSseIU68b6sSlN13yezM4G_W4%2C

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
directlink.html
sitera.kendali.my.id/ratnadewi02/link/
834 B
1 KB
Document
General
Full URL
https://sitera.kendali.my.id/ratnadewi02/link/directlink.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.186.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f8f514a5850dc94-FRA
content-encoding
zstd
content-type
text/html
date
Sat, 28 Dec 2024 05:58:15 GMT
last-modified
Tue, 14 Dec 2021 12:55:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZB4KxbrBIrkCyw3KwHuG4ke1XBkNFcFaaR3IFbPwZlrcMyIE45nbbtB3SNsWAgwMP36XvqIUJ1DH8KDHgxXJCguXHdwxpVfJuvlsOh4vQyWzqzspNeqQKY6YkwIM7%2Frb4iQG1PTumg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=6388&min_rtt=6177&rtt_var=1171&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4160&recv_bytes=4513&delivery_rate=878&cwnd=12000&unsent_bytes=0&cid=37c02d15e18c0134&ts=322&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
Primary Request s5e0amv2
your.adsterra.com/
Redirect Chain
  • https://laserharasslined.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
  • https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
36 KB
9 KB
Document
General
Full URL
https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Requested by
Host: sitera.kendali.my.id
URL: https://sitera.kendali.my.id/ratnadewi02/link/directlink.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.215.4.66 London, United Kingdom, ASN57724 (DDOS-GUARD DDOS-GUARD LTD, RU),
Reverse DNS
Software
ddos-guard /
Resource Hash
af8d10fe6f00f3db27f21ce2541e08aab7e76911a2a1ab161571ecc2b1bd873d

Request headers

Referer
https://sitera.kendali.my.id/ratnadewi02/link/directlink.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 28 Dec 2024 05:58:16 GMT
etag
W/"90be-622ca9f2adbd0"
last-modified
Mon, 23 Sep 2024 14:58:29 GMT
server
ddos-guard
x-tilda-server
30

Redirect headers

Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Sat, 28 Dec 2024 05:58:15 GMT
Location
https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Server
nginx/1.19.5
tilda-fallback-1.0.min.js
neo.tildacdn.com/js/
2 KB
1 KB
Script
General
Full URL
https://neo.tildacdn.com/js/tilda-fallback-1.0.min.js
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.181.161.181 Ashburn, United States, ASN205282 (tilda-ie-1 Tilda Publishing Ltd., IE),
Reverse DNS
181-161.addr.tildacdn.net
Software
/
Resource Hash
cdf65e26b905a653bce60df182886b032b606940391badb1e3a655f434ca446c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

x-tilda-server
7
content-encoding
gzip
etag
W/"66f2bc2d-77e"
access-control-allow-methods
GET
access-control-allow-origin
*
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 13:18:37 GMT
tilda-grid-3.0.min.css
static.tildacdn.one/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://static.tildacdn.one/css/tilda-grid-3.0.min.css
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
0b5f664c528f466606c93195975f671fc46c3a9c10fee54426c2cd1cf89b1fec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache
HIT
content-encoding
br
etag
W/"63f4be99-11a2"
age
2639176
traceparent
00-4bb13f196b32ea1d33acd77ee3eb9ee7-5bbf3ccb4f2c0ad0-01
x-id-shield
am3-hw-edge-gc89
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 21 Feb 2023 12:52:41 GMT
x-id
fr5-hw-edge-gc57
x-id-fe
fr5-hw-edge-gc28
t-server
or-10
access-control-allow-origin
*
x-cached-since
2024-11-27T20:39:55+00:00
server
nginx
tilda-blocks-page32972371.min.css
static.tildacdn.one/ws/project2017500/
15 KB
4 KB
Stylesheet
General
Full URL
https://static.tildacdn.one/ws/project2017500/tilda-blocks-page32972371.min.css?t=1727103507
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
7d1f682a383e6c87bb09c6754f1275127393e740f886c96ac35a070cdc3e2fcf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache
HIT
x-host
tilda.ws
content-encoding
br
age
403672
traceparent
00-25b3aaf5a157faabb2525e60723124f1-bb578896c8d6242e-01
x-id-shield
am3-hw-edge-gc93
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 23 Sep 2024 14:58:29 GMT
tserver
13
x-id
fr5-hw-edge-gc56
x-id-fe
fr5-hw-edge-gc28
access-control-allow-origin
*
x-cached-since
2024-12-23T14:07:14+00:00
server
nginx
css2
fonts.googleapis.com/
22 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700&subset=latin,cyrillic&display=swap
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ad32774421f1ec5b4d110973d4969be5fa6f73f29ef8590567128a2bbb30dc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Dec 2024 05:58:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 28 Dec 2024 05:58:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery-1.10.2.min.js
static.tildacdn.one/js/
91 KB
31 KB
Script
General
Full URL
https://static.tildacdn.one/js/jquery-1.10.2.min.js
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache
HIT
content-encoding
br
etag
W/"60852438-16b88"
age
812341
traceparent
00-76b5f5fdd9225cf0cbad71b748dfa251-f610aab24baa16a4-01
x-id-shield
am3-hw-edge-gc89
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Sun, 25 Apr 2021 08:11:36 GMT
tserver
13
x-id
fr5-hw-edge-gc31
x-id-fe
fr5-hw-edge-gc28
access-control-allow-origin
*
x-cached-since
2024-12-18T20:29:26+00:00
server
nginx
tilda-scripts-3.0.min.js
static.tildacdn.one/js/
20 KB
6 KB
Script
General
Full URL
https://static.tildacdn.one/js/tilda-scripts-3.0.min.js
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
3cfe7b9774eb6a3a105fb8e94afaed289d2be963d8f94ba72ae1d01a4bea2508

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache
HIT
content-encoding
br
etag
W/"676274eb-5187"
age
859313
traceparent
00-7d402c36e8a417d11dd2bc4a009b8d27-97d62837f1e8df40-01
x-id-shield
am3-hw-edge-gc89
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 07:08:27 GMT
tserver
13
x-id
fr5-hw-edge-gc32
x-id-fe
fr5-hw-edge-gc28
access-control-allow-origin
*
x-cached-since
2024-12-18T07:16:44+00:00
server
nginx
tilda-blocks-page32972371.min.js
static.tildacdn.one/ws/project2017500/
347 B
345 B
Script
General
Full URL
https://static.tildacdn.one/ws/project2017500/tilda-blocks-page32972371.min.js?t=1727103507
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
36ece1053eae9ea99922317ecd344665310d69e96916c7c0d7f5eba6f1b25b1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache
HIT
x-host
tilda.ws
content-encoding
br
age
3090582
traceparent
00-27e54ff96299117dcbfe3ec80cb46801-61008fbd8191edbe-01
x-id-shield
am3-hw-edge-gc89
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 23 Sep 2024 14:58:30 GMT
tserver
8
x-id
fr5-hw-edge-gc32
x-id-fe
fr5-hw-edge-gc28
access-control-allow-origin
*
x-cached-since
2024-11-22T16:04:19+00:00
server
nginx
tilda-lazyload-1.0.min.js
static.tildacdn.one/js/
24 KB
7 KB
Script
General
Full URL
https://static.tildacdn.one/js/tilda-lazyload-1.0.min.js
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
68de40611264822b9a752f4e79adc4eea3d1e2bd168a93c888c1789225b08a8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache
HIT
content-encoding
br
etag
W/"65c62f6c-5ea8"
age
812595
traceparent
00-bebfdefd1b1cc2cb0d2f8de2293d30a5-824aff65d5f41d16-01
x-id-shield
am3-hw-edge-gc89
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Fri, 09 Feb 2024 13:58:04 GMT
tserver
8
x-id
fr5-hw-edge-gc12
x-id-fe
fr5-hw-edge-gc28
access-control-allow-origin
*
x-cached-since
2024-12-18T20:24:21+00:00
server
nginx
tilda-zero-1.1.min.js
static.tildacdn.one/js/
28 KB
7 KB
Script
General
Full URL
https://static.tildacdn.one/js/tilda-zero-1.1.min.js
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
9a0d6b6b0ff41ddb4f57ffde273fb9149aa39f967399d32042216807b62bb270

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache
HIT
content-encoding
br
etag
W/"676a88c9-6f93"
age
329909
traceparent
00-cba2ddac42b3ac33a7b9ea8fc74d6cb7-0b9668091a543a86-01
x-id-shield
am3-hw-edge-gc88
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 24 Dec 2024 10:11:21 GMT
tserver
9
x-id
fr5-hw-edge-gc22
x-id-fe
fr5-hw-edge-gc28
access-control-allow-origin
*
x-cached-since
2024-12-24T10:20:34+00:00
server
nginx
tilda-zero-scale-1.0.min.js
static.tildacdn.one/js/
5 KB
2 KB
Script
General
Full URL
https://static.tildacdn.one/js/tilda-zero-scale-1.0.min.js
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
47507bfd83c76cd440032efe538d1f82eaae31fe6e43415639d0c094dbd8a056

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache
HIT
content-encoding
br
etag
W/"676537d2-12ae"
age
678324
traceparent
00-1b4939af7749b488f2365dab1d7d7d78-ad375b8e698d8f12-01
x-id-shield
am3-hw-edge-gc89
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Fri, 20 Dec 2024 09:24:34 GMT
tserver
JWhHVWak
x-id
fr5-hw-edge-gc31
x-id-fe
fr5-hw-edge-gc28
access-control-allow-origin
*
x-cached-since
2024-12-20T09:34:02+00:00
server
nginx
tilda-events-1.0.min.js
static.tildacdn.one/js/
18 KB
4 KB
Script
General
Full URL
https://static.tildacdn.one/js/tilda-events-1.0.min.js
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
f28eafcc73b9c461f0ff0b8dc6c8765e0f21732b177acc75154ed0722f038ce6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache
HIT
content-encoding
br
etag
W/"65c22b18-46d2"
age
4383084
traceparent
00-099e530146ef75343ea2750100c922ad-c43e7cbb194baae3-01
x-id-shield
am3-hw-edge-gc89
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 06 Feb 2024 12:50:32 GMT
tserver
9
x-id
fr5-hw-edge-gc51
x-id-fe
fr5-hw-edge-gc28
access-control-allow-origin
*
x-cached-since
2024-11-07T14:08:14+00:00
server
nginx
prod.js
an.adsterra.com/public/
2 KB
2 KB
Script
General
Full URL
https://an.adsterra.com/public/prod.js
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.243.61.239 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
656c38cd5a21e0ef9f4578b8d93dc32d527594a71b18dc00678c7e68cb6335d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache-control
no-store; must-revalidate
etag
"66e8522b-718"
accept-ranges
bytes
content-length
1816
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 15:43:39 GMT
server
nginx/1.26.2
fa1e5716-3055-47dc-b.svg
static.tildacdn.one/tild6630-3334-4865-b531-343332366566/
8 KB
5 KB
Image
General
Full URL
https://static.tildacdn.one/tild6630-3334-4865-b531-343332366566/fa1e5716-3055-47dc-b.svg
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
5f7fc05ceacd961e2749f2867268e4b54c1d4f14834d75e275ef5a7c015beb48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

x-container-storage-policy-index
0
cache
HIT
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control
content-encoding
gzip
etag
W/"25f49c059e2d829b4d3f6270d2b492a7"
age
4379990
traceparent
00-170b2f73cc8f7fbd663620c5a5ac7f88-00c67e90b430c0b0-01
expires
Sun, 08 Sep 2024 13:15:13 GMT
x-trans-id
172994c3081eb9c3
x-id-shield
am3-hw-edge-gc89
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Mon, 21 Nov 2022 11:05:03 GMT
x-container-storage-policy-name
Policy-0
cache-control
max-age=5184000
tserver
8
x-id
fr5-hw-edge-gc33
x-id-fe
fr5-hw-edge-gc28
x-timestamp
1669028702.29478
access-control-allow-origin
*
x-cached-since
2024-11-07T13:58:16+00:00
server
nginx
gtm.js
www.googletagmanager.com/
626 KB
148 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WHZTHN6
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a138052c1da7662a297986ace64ce85e0403f6ac2809bd2dd30dc31189b86f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 28 Dec 2024 05:58:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 28 Dec 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
150272
x-xss-protection
0
server
Google Tag Manager
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700&family=Roboto:wght@300;400;500;700&subset=latin,cyrillic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://your.adsterra.com
Referer
https://fonts.googleapis.com/

Response headers

age
14718
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 28 Dec 2025 01:52:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 01:52:58 GMT
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35448
x-xss-protection
0
server
sffe
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
uc.js
consent.cookiebot.com/
111 KB
34 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=670abb34-c3ad-479d-a8d0-6543e4a3cd88&implementation=gtm&consentmode-dataredaction=dynamic
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHZTHN6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
39d5774e35f5214dd8567d4d6774865350b9600504cceb8b8f8bb5c3b9fffeea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=151
content-encoding
gzip
etag
"223be2d7f94adb1:0"
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires
Sat, 28 Dec 2024 06:00:47 GMT
accept-ranges
bytes
content-length
34602
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript
last-modified
Tue, 10 Dec 2024 11:51:26 GMT
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
426 KB
135 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZK3VGW18DE&l=dataLayer&cx=c&gtm=45He4cc1v77801562za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHZTHN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d715b21fc3e061d3893ceca913bba16792a1ea752379ef3a8fdb369b5082e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Dec 2024 05:58:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137403
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHZTHN6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 64A30D51BEB4456E820AF54AFA8B6BF6 Ref B: FRA31EDGE0815 Ref C: 2024-12-28T05:58:16Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Sat, 28 Dec 2024 05:58:15 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
qevents.js
a.quora.com/
41 KB
15 KB
Script
General
Full URL
https://a.quora.com/qevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHZTHN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b9afdd92edf30d72dd52262c76b75781740b1cb885772194a47529eb1052df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"213a2084d90a782e0ad733a5aa1e3202"
x-amz-version-id
H8.HsgWNgKILi9JR9TiInGCbVTRmJIEG
age
273411
expires
Sat, 28 Dec 2024 09:58:16 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
text/plain
last-modified
Mon, 28 Oct 2024 23:32:34 GMT
vary
Accept-Encoding
x-amz-id-2
WvDGc5BbNsutsoOPOn+w6jvzSo5sQnO4wQisFcVIuoPq+WDfBEp7RQTW0sSii1Hqaq0MbiD4IxECpNb1jY+/g6X63rN78M4k
cache-control
public, max-age=14400
x-amz-meta-s3cmd-attrs
md5:213a2084d90a782e0ad733a5aa1e3202
x-amz-request-id
7NSFFEXZA4WXXY8W
cf-ray
8f8f5150fb969b9e-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
insight.min.js
snap.licdn.com/li.lms-analytics/
19 KB
8 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHZTHN6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:2b::17cf:d253 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
6c0d4e3bd890a4bf01c9a301d3e3ff127af22636c4f94250cc230815eb701593
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=19897
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
7404
date
Sat, 28 Dec 2024 05:58:16 GMT
last-modified
Wed, 18 Dec 2024 09:08:52 GMT
content-type
application/javascript;charset=utf-8
x-edgeconnect-midmile-rtt
0, 0
x-edgeconnect-origin-mex-latency
470, 470
x-amz-server-side-encryption
AES256
pixel.js
www.redditstatic.com/ads/
43 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHZTHN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"1a001f3a066bff47a766099b87253911"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12220
date
Sat, 28 Dec 2024 05:58:16 GMT
last-modified
Mon, 18 Nov 2024 21:16:35 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sitera.kendali.my.id
URL: https://sitera.kendali.my.id/ratnadewi02/link/directlink.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-AhuJzVoF' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-AhuJzVoF' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4489, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
fe8c/gDFYnk6GWFhZFKgcXgOmbEIGqmZKRFGxBGFsc1X3skQtBm17vzShv7U0f4hyI1EfKSBGdiPDTnUWvPFQQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/
237 KB
88 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: sitera.kendali.my.id
URL: https://sitera.kendali.my.id/ratnadewi02/link/directlink.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b0b36afbe725b222fceea90394667d8a3bcdf375faab8923db95cafad025ff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"3b220-kROSxwoFlf0ZaTmfAAjKHMwV0sA"
age
15024
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VqTJDgmRGUMvIkBOPY9kE3rpaxfZieHDnuwP4NLTbH3Fnu%2FmW2lZyYADImdJTkMzN8QDwqTYpMsPZA1vQeoeYnmy%2BTQwf0CIMQ2Y92Gh0g4j5vM59BhcNC4DdV%2FcmMPNAK0J9HusaGl9DsrruxM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230100-FRA, cache-lga21941-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f8f5150fda8d268-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
89146
server
cloudflare
x-jsd-version
1.354.0
amplitude-4.2.1-min.gz.js
cdn.amplitude.com/libs/
68 KB
23 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-4.2.1-min.gz.js
Requested by
Host: sitera.kendali.my.id
URL: https://sitera.kendali.my.id/ratnadewi02/link/directlink.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56e81c364da2cf5172aa095f02558ee2f440585d21cbe8d6746a0e473c0c8e2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
gzip
etag
"addb3457c5f65c867ae2be9606542893"
x-amz-version-id
2PesFonHu677Rw5PZ53UUToyHVzesxrU
age
8248945
x-cache
Hit from cloudfront
x-amz-cf-id
06tkqCiUtBAxZNCVbf_EsoPO0j6Qu1QnFuUTDAzpxnDBkI6wDt1hFw==
date
Mon, 23 Sep 2024 18:35:52 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2019 15:45:35 GMT
cache-control
max-age=31536000
via
1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
23404
x-amz-cf-pop
FRA60-P6
server
AmazonS3
js
www.googletagmanager.com/gtag/
286 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-782359587
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHZTHN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e91fcb2a40686b43b1e9fd8c786557de931da71fddc5d5112bf68b76f874fca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Dec 2024 05:58:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 28 Dec 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100891
x-xss-protection
0
server
Google Tag Manager
hotjar-1943848.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1943848.js?sv=6
Requested by
Host: sitera.kendali.my.id
URL: https://sitera.kendali.my.id/ratnadewi02/link/directlink.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
4b120b6b3599f29ef81cbdfba38ab6e96a5ce7564d2255ba6d060f87d963c020
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
br
etag
W/0d4b45d5c1dbaf977645f70fe8d24ed9
age
44
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
-9gfj9GDwjIOc6U9noOSotxfRFUwe27yOsCeE0cGRaVy_L3PTi1N3A==
date
Sat, 28 Dec 2024 05:57:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
web_surveys.js
survey.survicate.com/workspaces/c4a10ec874469daeeb3c8d01d882fa98/
220 B
1 KB
Script
General
Full URL
https://survey.survicate.com/workspaces/c4a10ec874469daeeb3c8d01d882fa98/web_surveys.js
Requested by
Host: sitera.kendali.my.id
URL: https://sitera.kendali.my.id/ratnadewi02/link/directlink.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
5fcfed3a6757a60797f4f8080e97a080874c2159981d8cc336003e658342a5cf
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com; connect-src https://respondent.survicate.com 'self'; img-src https://*; font-src https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"af1eb53b2ff40d04a7d820362862f834"
x-amz-version-id
dNoochSS0fNSnSy87nepfFIO4y3X5ECW
report-to
{ "group": "csp-endpoint-survey", "max_age": 10886400, "endpoints": [{ "url": "https://panel-api.survicate.com/_/report_csp/survey" }] }
x-content-type-options
nosniff
last-modified
Fri, 20 Dec 2024 11:29:56 GMT
content-type
application/javascript; charset=utf-8
cdn-cachedat
12/20/2024 11:56:07
cdn-cache
HIT
cache-control
max-age=30
cdn-requestpullsuccess
True
cdn-pullzone
1158558
cdn-proxyver
1.06
x-amz-request-id
TAD1FGGTTJE30NG4
referrer-policy
strict-origin-when-cross-origin
x-xss-protection
1; mode=block
cdn-edgestorageid
1079
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
DE
date
Sat, 28 Dec 2024 05:58:16 GMT
vary
Accept-Encoding
x-amz-id-2
QDLIuqQwrDzDEId46p/8eRZ2zCmMeuO5a1o3JeBffw3HXqhj65VR5w2WpzYBTvhBcyzQ1Pu/xzM=
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-requestpullcode
200
content-security-policy
default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com; connect-src https://respondent.survicate.com 'self'; img-src https://*; font-src https://surveys-static.survicate.com https://surveys-static-prd.survicate-cdn.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey;
cdn-requesttime
0
cdn-uid
039640c0-4b09-428d-a0ae-513ccdd44502
cdn-requestid
b5f55286ec0a7b6d61ec6081f9953f96
access-control-allow-origin
*
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAO3H63C77U6V5FA3AGG&lib=ttq
Requested by
Host: sitera.kendali.my.id
URL: https://sitera.kendali.my.id/ratnadewi02/link/directlink.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
20b8ade35fd4024dfd20a5f9efa48dd38124ca97fa0c2fa9ef0598ffe9f2f0a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-218-223-21.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires
Sat, 28 Dec 2024 05:58:16 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=112, origin; dur=5, inner; dur=2
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
115c3593.f3f2861a
x-origin-response-time
6,23.218.223.21
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2412280558163E67E7E3E12424AF42A8-2CA81A6255A9B284-00
content-length
1867
x-parent-response-time
97,2.20.179.90
x-tt-logid
202412280558163E67E7E3E12424AF42A8
server
nginx
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHZTHN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1daeb8f2b20e643498e588a0f3bc753699fe28c787205ece9b0fc5cd5a7b06be
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
br
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Sat, 28 Dec 2024 05:58:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
pixel
q.quora.com/_/ad/561b752fe23e40b7bd45afed64c677a3/
43 B
272 B
Image
General
Full URL
https://q.quora.com/_/ad/561b752fe23e40b7bd45afed64c677a3/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-q-stat
,ed011e204e7a47017fb1e56f6a263058,10.0.0.235,38066,81.95.5.40,,317397388842,1,1735365496.586,0.002,,.,0,0,0.000,0.000,-,0,0,203,195,97,10,34729,,,,,,-,
cf-ray
8f8f51514bba9b9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
image/gif
server
cloudflare
insight.old.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:2b::17cf:d253 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache-control
max-age=77935
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Sat, 28 Dec 2024 05:58:16 GMT
last-modified
Mon, 02 Dec 2024 10:13:56 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
config
pixel-config.reddit.com/pixels/t2_6eo47b5f/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/t2_6eo47b5f/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/json
t2_6eo47b5f_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
700 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_6eo47b5f_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1735365496498&id=t2_6eo47b5f&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=cd4b7266-3346-40ab-9174-e74b38325ac5&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_b192616d&dpm=&dpcc=&dprc=
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
image/gif
server
Varnish
modules.60031afbf51fb3e88a5b.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1943848.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-19.fra60.r.cloudfront.net
Software
/
Resource Hash
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"b4a1a7933e55e780894c3f39b1aca0b4"
age
842829
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
OkrQTEczBV78klUpOEBLNfUgR8OwQK-ujzj3qDdban2yEb8PS9SGCg==
date
Wed, 18 Dec 2024 11:51:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 18 Dec 2024 11:50:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56408
x-amz-cf-pop
FRA60-P9
1741162539406191
connect.facebook.net/signals/config/
70 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1741162539406191?v=2.9.179&r=stable&domain=your.adsterra.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
6be1c29bcac32db1eb32d1a4d29c592e5603f0f262312af1cda3f2ac51a78d50
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tzBo7crw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tzBo7crw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=75, mss=1232, tbw=71301, tp=68, tpl=0, uplat=178, ullat=0
pragma
public
x-fb-debug
XJCjLnhiad65jAxIxpUhu37l2yB1HtBZ70+FZ9GCAJqgkTA9XR5D04AVjrRY/kHpNObHNwGiYFFO2qkOT7DPiA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
api.amplitude.com/
7 B
137 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-4.2.1-min.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.42.84.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-84-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://your.adsterra.com/

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
7
date
Sat, 28 Dec 2024 05:58:17 GMT
content-type
text/html;charset=utf-8
attribution_trigger
px.ads.linkedin.com/
2 B
813 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2503156&time=1735365496524&url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://your.adsterra.com/

Response headers

x-li-pop
afd-prod-lva1-x
content-encoding
gzip
x-fs-uuid
00062a4e43fb79fd17507d0ab01ce9e1
x-msedge-ref
Ref A: 3696686EA8944BF0A21D4A00743E3A16 Ref B: FRAEDGE1208 Ref C: 2024-12-28T05:58:16Z
x-li-fabric
prod-lva1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYqTkP7ef0XUH0KsBzp4Q==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 28 Dec 2024 05:58:15 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2503156&time=1735365496524&url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2503156&time=1735365496524&url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&e_ipv6=AQKlRgz4_...
0
268 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2503156&time=1735365496524&url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&e_ipv6=AQKlRgz4_typQwAAAZQL2A9BP4CfhucmRpWygmbPMA6z6K8F33EXyAiJaYaqVKoD
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 513B57439DCC4F1E9F3FF600AF43017A Ref B: DUS30EDGE0818 Ref C: 2024-12-28T05:58:16Z
x-li-fabric
prod-lva1
x-li-uuid
AAYqTkP+DJyIXSRzKLRoXA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2503156&time=1735365496524&url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&e_ipv6=AQKlRgz4_typQwAAAZQL2A9BP4CfhucmRpWygmbPMA6z6K8F33EXyAiJaYaqVKoD
x-msedge-ref
Ref A: C45EBA08D6A14606B097970388BF26AB Ref B: FRAEDGE1318 Ref C: 2024-12-28T05:58:16Z
x-li-fabric
prod-lva1
x-li-uuid
AAYqTkP7fv4N6XlM9oFKnw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Sat, 28 Dec 2024 05:58:15 GMT
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame C22C
0
0
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=670abb34-c3ad-479d-a8d0-6543e4a3cd88&implementation=gtm&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://your.adsterra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 28 Dec 2024 05:58:16 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Sun, 28 Dec 2025 05:58:16 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1735365496556_388276618_2750655838_17_643_6_8_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/670abb34-c3ad-479d-a8d0-6543e4a3cd88/
373 B
597 B
Script
General
Full URL
https://consent.cookiebot.com/670abb34-c3ad-479d-a8d0-6543e4a3cd88/cc.js?renew=false&referer=your.adsterra.com&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=670abb34-c3ad-479d-a8d0-6543e4a3cd88&implementation=gtm&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
7e844f4812e9d7c095ceb78f288b74f09a542ed1d1ffafb2310b0c6bbd1e65d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache-control
private, max-age=60
access-control-expose-headers
Request-Context
content-encoding
gzip
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length
360
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%2F&charse...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%2F&char...
440 B
889 B
Fetch
General
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A281835021337%3Ahid%3A889263411%3Az%3A60%3Ai%3A20241228065816%3Aet%3A1735365497%3Ac%3A1%3Arn%3A724583642%3Arqn%3A1%3Au%3A1735365497301136543%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C32%2C92%2C4%2C298%2C0%2C%2C100%2C1%2C%2C%2C%2C543%3Aco%3A0%3Acpf%3A1%3Ans%3A1735365495747%3Ast%3A1735365497&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
1f098e7db17195c7464faad493d96cc3b267081f18141ee18ddc60bd4e83ebb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Sat, 28-Dec-2024 05:58:16 GMT
access-control-allow-origin
https://your.adsterra.com
content-length
440
date
Sat, 28 Dec 2024 05:58:16 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
last-modified
Sat, 28-Dec-2024 05:58:16 GMT

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A281835021337%3Ahid%3A889263411%3Az%3A60%3Ai%3A20241228065816%3Aet%3A1735365497%3Ac%3A1%3Arn%3A724583642%3Arqn%3A1%3Au%3A1735365497301136543%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C32%2C92%2C4%2C298%2C0%2C%2C100%2C1%2C%2C%2C%2C543%3Aco%3A0%3Acpf%3A1%3Ans%3A1735365495747%3Ast%3A1735365497&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Sat, 28-Dec-2024 05:58:16 GMT
access-control-allow-origin
https://your.adsterra.com
date
Sat, 28 Dec 2024 05:58:16 GMT
x-xss-protection
1; mode=block
last-modified
Sat, 28-Dec-2024 05:58:16 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
661 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"67655eba-2b"
expires
Sat, 28 Dec 2024 06:58:16 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
image/gif
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
1
mc.yandex.ru/watch/49659877/
Redirect Chain
  • https://mc.yandex.ru/watch/49659877?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%2F...
  • https://mc.yandex.ru/watch/49659877/1?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%...
623 B
773 B
Fetch
General
Full URL
https://mc.yandex.ru/watch/49659877/1?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A909591698989%3Ahid%3A889263411%3Az%3A60%3Ai%3A20241228065816%3Aet%3A1735365497%3Ac%3A1%3Arn%3A572154477%3Arqn%3A1%3Au%3A1735365497301136543%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C32%2C92%2C4%2C298%2C0%2C%2C100%2C1%2C%2C%2C%2C543%3Aco%3A0%3Acpf%3A1%3Ans%3A1735365495747%3Arqnl%3A1%3Ast%3A1735365497%3At%3AError&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009348%29ti%281%29&redirnss=1
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
fb84a984230eacacda8e4603d0aa26c0ee49c564dbb4ace9b02996a0065785c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Sat, 28-Dec-2024 05:58:16 GMT
access-control-allow-origin
https://your.adsterra.com
content-length
623
date
Sat, 28 Dec 2024 05:58:16 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
last-modified
Sat, 28-Dec-2024 05:58:16 GMT

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/49659877/1?wmode=7&page-url=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&page-ref=https%3A%2F%2Fsitera.kendali.my.id%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A909591698989%3Ahid%3A889263411%3Az%3A60%3Ai%3A20241228065816%3Aet%3A1735365497%3Ac%3A1%3Arn%3A572154477%3Arqn%3A1%3Au%3A1735365497301136543%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A11%2C32%2C92%2C4%2C298%2C0%2C%2C100%2C1%2C%2C%2C%2C543%3Aco%3A0%3Acpf%3A1%3Ans%3A1735365495747%3Arqnl%3A1%3Ast%3A1735365497%3At%3AError&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009348%29ti%281%29&redirnss=1
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Sat, 28-Dec-2024 05:58:16 GMT
access-control-allow-origin
https://your.adsterra.com
date
Sat, 28 Dec 2024 05:58:16 GMT
x-xss-protection
1; mode=block
last-modified
Sat, 28-Dec-2024 05:58:16 GMT
www-widgetapi.js
www.youtube.com/s/player/03dbdfab/www-widgetapi.vflset/
30 KB
10 KB
Script
General
Full URL
https://www.youtube.com/s/player/03dbdfab/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
br
age
12657
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sun, 28 Dec 2025 02:27:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 02:27:19 GMT
last-modified
Mon, 16 Dec 2024 05:14:15 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10165
x-xss-protection
0
server
sffe
56097991.js
bat.bing.com/p/action/
363 B
413 B
Script
General
Full URL
https://bat.bing.com/p/action/56097991.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 55C7988B105F4C8D9BDB2EAE362EDAD0 Ref B: FRA31EDGE0815 Ref C: 2024-12-28T05:58:16Z
x-cache
CONFIG_NOCACHE
date
Sat, 28 Dec 2024 05:58:15 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
lib.js
an.adsterra.com/
91 KB
30 KB
Script
General
Full URL
https://an.adsterra.com/lib.js
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.243.61.239 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
23ea8f53c9077bb213e64613f87673375cb14ab5797917339a66ba4327553f90
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

access-control-expose-headers
Content-Length,Content-Type
cache-control
no-cache, no-store, must-revalidate, no-store; must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Mon, 01 Jan 1990 21:00:12 GMT
x-response-time
0
access-control-allow-origin
https://your.adsterra.com
date
Sat, 28 Dec 2024 05:58:16 GMT
x-xss-protection
1
content-type
text/javascript
last-modified
Sun, 17 May 1998 03:44:30 GMT
server
nginx/1.26.2
x-frame-options
SAMEORIGIN
0
bat.bing.net/actionp/
0
119 B
Ping
General
Full URL
https://bat.bing.net/actionp/0?ti=56097991&tm=gtm002&Ver=2&mid=37788603-c7e4-4a94-8ead-83b2d7ba8346&bo=1&evt=consent&src=enforced&cdb=AQIJ&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F141CF2203C6499C8B30FD9B6A2D199D Ref B: FRA31EDGE0819 Ref C: 2024-12-28T05:58:16Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 28 Dec 2024 05:58:16 GMT
0
bat.bing.net/action/
0
345 B
Image
General
Full URL
https://bat.bing.net/action/0?ti=56097991&tm=gtm002&Ver=2&mid=37788603-c7e4-4a94-8ead-83b2d7ba8346&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Error&p=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&r=https%3A%2F%2Fsitera.kendali.my.id%2F&lt=544&evt=pageLoad&sv=1&asc=D&cdb=AQIZ&rn=232272
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7AE203DB4FB645EB875190274C657734 Ref B: FRA31EDGE0819 Ref C: 2024-12-28T05:58:16Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 28 Dec 2024 05:58:16 GMT
metrika_match.html
mc.yandex.ru/metrika/ Frame 73DC
0
0
Document
General
Full URL
https://mc.yandex.ru/metrika/metrika_match.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://your.adsterra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
2080
content-type
text/html
date
Sat, 28 Dec 2024 05:58:16 GMT
etag
"67655eba-820"
expires
Sat, 28 Dec 2024 06:58:16 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
main.MWE1OTI4NzI4MA.js
analytics.tiktok.com/i18n/pixel/static/
347 KB
96 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAO3H63C77U6V5FA3AGG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ecf6e5354373fa78e0539f812ecc35f949250f81c4146c419b6208a4166c0005

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

x-cache
TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=4
x-tt-trace-id
00-2412191324311DEC175AB4098460E478-28132B6A57D905AE-00
content-length
97420
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202412191324311DEC175AB4098460E478
server
nginx
x-akamai-request-id
f3f286f7
x-tt-trace-host
01cb20cbf464bf296d6d14b85ca34391354aaf5517ce6fbb0fd64300743722964749e5bfebcde9c774aca2a0c2270e7dc4fdfa7c4c957e0203071fcd4c75eb2f499a522ffd07f1e0593c773e6806a5ee451b391bdf4c8f17aaa705591d6a85d4df
1316610292345001
connect.facebook.net/signals/config/
21 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1316610292345001?v=2.9.179&r=stable&domain=your.adsterra.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
7980bf9b32523e5e8970f4d05476b22016b0f0e65432dfe726292602df36ce4c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-TUfufAFv' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-TUfufAFv' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=89, mss=1232, tbw=87909, tp=85, tpl=0, uplat=117, ullat=0
pragma
public
x-fb-debug
BboJbFpgvas4YXes6ui2Uo+Y+UAfHvl+ms7lYxWzy0seuKW5PL+SQmhG+28jYcbg/ZaLVu3LiLqs1drW95bQuQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1741162539406191&ev=PageView&dl=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&rl=https%3A%2F%2Fsitera.kendali.my.id%2F&if=false&ts=1735365496741&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735365496740.944960655819570553&ler=other&cdl=API_unavailable&it=1735365496512&coo=false&rqm=GET
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4540, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
197 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1741162539406191&ev=PageView&dl=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&rl=https%3A%2F%2Fsitera.kendali.my.id%2F&if=false&ts=1735365496741&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735365496740.944960655819570553&ler=other&cdl=API_unavailable&it=1735365496512&coo=false&rqm=FGET
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453338053032903761"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
9SugSytFTa3umAsWRkXPicwLF1Sclw5n7sEQokPjM8hmB4zUpnBIrxmrINHCQagCHoOQyJmqXyn961Cu2S7xgA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453338053032903761", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=26, mss=1232, tbw=8268, tp=21, tpl=0, uplat=175, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

x-cache
TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id
00-2411150502336335CB71727E1B0F9A9E-3A4C2EB625C2735C-00
content-length
39512
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202411150502336335CB71727E1B0F9A9E
server
nginx
x-akamai-request-id
f3f2873a
x-tt-trace-host
018da2afa453821b4298e998225089b0daa6890aec0793a9687d106e311ed3cfd2e8cad26c7a78d97db85dc248aeb49157eed1a2359186d4810439cc577c4561296e6a18e06372eaf46885cf3f3eeb7c3ce6a88ac3a91f21a709bfb6420463c7bd
pixel
analytics.tiktok.com/api/v2/
0
877 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://your.adsterra.com/

Response headers

x-cache-remote
TCP_MISS from a184-28-17-154.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Sat, 28 Dec 2024 05:58:16 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=28, inner; dur=20
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Sat, 28 Dec 2024 05:58:16 GMT
x-akamai-request-id
470dca1f.f3f28747
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6bafc9978dea7650cc282a61b553c3f8d74d3289a311d9912782570363976ed0284ea020fb9c13a08b3cb8b1f5edc688832a8dd943d48f89f075a88517ed402febc86228fc084234cbb1bcc47b2e1d5ca321666359564acf80deb31c5b835fdfab969b52030ccb71262c5b4cecfb335
x-origin-response-time
29,184.28.17.154
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2412280558162009124C79D9C45ED204-5ED5C7E24D9FCA98-00
content-length
0
x-parent-response-time
115,2.20.179.90
x-tt-logid
202412280558162009124C79D9C45ED204
server
nginx
404_1_1.png
optim.tildacdn.one/tild3164-6437-4966-b161-306539656536/-/cover/398x407/center/center/-/format/webp/
39 KB
39 KB
Image
General
Full URL
https://optim.tildacdn.one/tild3164-6437-4966-b161-306539656536/-/cover/398x407/center/center/-/format/webp/404_1_1.png
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
0562d21ad1cbd1ab7b5966a011e27eb20b60eb08a1d4b6abe9cdf57547917b66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

x-tilda-server
3
cache
HIT
etag
"65b48c79-9bf2"
age
3858092
traceparent
00-b619166981a3e807db7e94abc91ed3e7-67024d8d81e09e06-01
x-id-shield
am3-hw-edge-gc88
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
image/png
last-modified
Sat, 27 Jan 2024 04:54:17 GMT
x-id
fr5-hw-edge-gc15
x-id-fe
fr5-hw-edge-gc28
accept-ranges
bytes
access-control-allow-origin
*
content-length
39922
x-cached-since
2024-11-13T14:16:44+00:00
server
nginx
t4k.json
an.adsterra.com/band/
0
0
Ping
General
Full URL
https://an.adsterra.com/band/t4k.json?dig=5418938924723831&td_trans=b
Requested by
Host: an.adsterra.com
URL: https://an.adsterra.com/lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.243.61.239 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://your.adsterra.com/

Response headers

t4k.json
an.adsterra.com/band/
0
0
Ping
General
Full URL
https://an.adsterra.com/band/t4k.json?dig=5304365479293836&td_trans=b
Requested by
Host: an.adsterra.com
URL: https://an.adsterra.com/lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.243.61.239 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://your.adsterra.com/

Response headers

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10608.yNQmB4b_n-B8V-ESNdt-xjeFO6C6U-ArpBmV4P8A1GReWkj6ntFDpO3A7WRSyZwv.XslXpzMUn1p_SnGrBoobsnzodEQ%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10608.x7hEluKTFE0PBYY-bq6EGYrR7c5999ovuJyGXrzovrec4pcU423SqonaSOrhX2CEY2ktQ0xQ2PLH3MfcBT9KeSnbkXimybjEh3ooxRwx8x6vnV4NYQHvlemsR5L4aPqvkItjrCDH...
43 B
504 B
Image
General
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=10608.x7hEluKTFE0PBYY-bq6EGYrR7c5999ovuJyGXrzovrec4pcU423SqonaSOrhX2CEY2ktQ0xQ2PLH3MfcBT9KeSnbkXimybjEh3ooxRwx8x6vnV4NYQHvlemsR5L4aPqvkItjrCDHtPejwe5mBswqXhHn9BLUszkauZTyzMuPx-nWsTaTYhB39ja0Cr1z7ic3M80Tc1-MmlD4lKHmbze8F-TbxmENTQZ2mBCK63wWvdM%2C.ofSxkT4W4LnGF84UkIL3MMEVz5E%2C
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

strict-transport-security
max-age=31536000
content-length
43
date
Sat, 28 Dec 2024 05:58:17 GMT
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.webvisor.org/sync_cookie_image_decide?token=10608.x7hEluKTFE0PBYY-bq6EGYrR7c5999ovuJyGXrzovrec4pcU423SqonaSOrhX2CEY2ktQ0xQ2PLH3MfcBT9KeSnbkXimybjEh3ooxRwx8x6vnV4NYQHvlemsR5L4aPqvkItjrCDHtPejwe5mBswqXhHn9BLUszkauZTyzMuPx-nWsTaTYhB39ja0Cr1z7ic3M80Tc1-MmlD4lKHmbze8F-TbxmENTQZ2mBCK63wWvdM%2C.ofSxkT4W4LnGF84UkIL3MMEVz5E%2C
date
Sat, 28 Dec 2024 05:58:17 GMT
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10608.BVhTGiuHCO14UDhV6InpGbsE_Bch9MfY5tsaPaFAYVt-2z9CudYPLptLChsBup0j.h4uFUxPfZf8JNMvHqqxI5ylZxes%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10608.OyolnJj03qVU1raxl4_yRvhB_Gdxc1Nahas3IpC8Fy6SOHQ506Xt02fPXIwfGjDtxTlfHPCTEIp1W03xdLO8ledIh-bkdz727lEGYaqDjL-LAHveH5kOWtYPgD_XThBAJD3GHqDy_I...
43 B
490 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10608.OyolnJj03qVU1raxl4_yRvhB_Gdxc1Nahas3IpC8Fy6SOHQ506Xt02fPXIwfGjDtxTlfHPCTEIp1W03xdLO8ledIh-bkdz727lEGYaqDjL-LAHveH5kOWtYPgD_XThBAJD3GHqDy_IfR7XQhrPYPB2Wgbv6c5VVIjK45tAmungpQWx0igZurlgG0vdpHCxHAjVtMMrU5UpAKdWG0VV8RNYMocgUsh2gRdyNGyE4ORJM%2C.KofSseIU68b6sSlN13yezM4G_W4%2C
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

strict-transport-security
max-age=31536000
content-length
43
date
Sat, 28 Dec 2024 05:58:16 GMT
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.com/sync_cookie_image_decide?token=10608.OyolnJj03qVU1raxl4_yRvhB_Gdxc1Nahas3IpC8Fy6SOHQ506Xt02fPXIwfGjDtxTlfHPCTEIp1W03xdLO8ledIh-bkdz727lEGYaqDjL-LAHveH5kOWtYPgD_XThBAJD3GHqDy_IfR7XQhrPYPB2Wgbv6c5VVIjK45tAmungpQWx0igZurlgG0vdpHCxHAjVtMMrU5UpAKdWG0VV8RNYMocgUsh2gRdyNGyE4ORJM%2C.KofSseIU68b6sSlN13yezM4G_W4%2C
date
Sat, 28 Dec 2024 05:58:16 GMT
x-xss-protection
1; mode=block
/
px.ads.linkedin.com/wa/
0
196 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://your.adsterra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 5F04BF60226349A68F24A63223EEC1A4 Ref B: FRAEDGE1318 Ref C: 2024-12-28T05:58:16Z
x-li-fabric
prod-lva1
access-control-allow-credentials
true
x-li-uuid
AAYqTkP/vh30wovsXbl4qQ==
x-li-proto
http/2
access-control-allow-origin
https://your.adsterra.com
x-cache
CONFIG_NOCACHE
date
Sat, 28 Dec 2024 05:58:16 GMT
vary
Origin
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1316610292345001&ev=PageView&dl=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&rl=https%3A%2F%2Fsitera.kendali.my.id%2F&if=false&ts=1735365496872&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=8222&ler=other&cdl=API_unavailable&it=1735365496512&coo=false&rqm=GET
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=5004, tp=15, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
196 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1316610292345001&ev=PageView&dl=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&rl=https%3A%2F%2Fsitera.kendali.my.id%2F&if=false&ts=1735365496872&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=8222&ler=other&cdl=API_unavailable&it=1735365496512&coo=false&rqm=FGET
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453338052341081380"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xcad8fc282c3f5b01","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["7205483469540944"]},"debug_reporting":true,"debug_key":"375063903849806549"}
date
Sat, 28 Dec 2024 05:58:16 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
gDYfb3uw+JqgG1ncwMwoYYuqOxCN1yRiupP634pfsqxNexJNiv1qptyGwEaCklKEVIORTKnnpkvOO/mvX/vAvw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453338052341081380", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5212, tp=18, tpl=0, uplat=42, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
act
analytics.tiktok.com/api/v2/pixel/
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://your.adsterra.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Sat, 28 Dec 2024 05:58:17 GMT
server-timing
inner; dur=16, cdn-cache; desc=MISS, edge; dur=4, origin; dur=109
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Sat, 28 Dec 2024 05:58:17 GMT
x-akamai-request-id
f3f28863
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c6bafc9978dea7650cc282a61b553c3faf86406b7931f5aec7791ce650583e539718ab0113cc65350ce2cfa705c4bd850ddd94a770476f8dcf0463544077355cce8ecb5d03ddbf72627b2aff171d941fa50525a636e644ad533f5ec19827048d
x-origin-response-time
109,2.20.179.90
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241228055817207ED09859CCB8C43BDE-707B8FEE1256F1DA-00
content-length
0
x-tt-logid
20241228055817207ED09859CCB8C43BDE
server
nginx
collect
pagead2.googlesyndication.com/ccm/
0
0
Ping
General
Full URL
https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dr=sitera.kendali.my.id&dl=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2&scrsrc=www.googletagmanager.com&frm=0&rnd=764483720.1735365497&navt=n&npa=1&us_privacy=1YNY&gtm=45He4cc1v77801562za200&gcs=G111&gcd=13t3t3p2p5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735365497071&tfd=1324&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHZTHN6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

collect
track.segmentstream.com/ga4/430d1d55-545a-41a7-aabe-8642f78a0c36/g/
0
326 B
Fetch
General
Full URL
https://track.segmentstream.com/ga4/430d1d55-545a-41a7-aabe-8642f78a0c36/g/collect?v=2&tid=G-ZK3VGW18DE&gtm=45je4cc1v868952120z877801562za200zb77801562&_p=1735365496279&gcs=G111&gcd=13t3tPp2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dMWZhNz&cid=1051090467.1735365497&ecid=836474218&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-BY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.rnd=764483720.1735365497&sst.etld=google.de&sst.gcsub=region1&sst.adr=1&sst.us_privacy=1YNY&sst.tft=1735365496279&sst.ude=0&_s=1&sid=1735365496&sct=1&seg=0&dl=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&dr=https%3A%2F%2Fsitera.kendali.my.id%2F&dt=Error&en=page_view&_fv=1&_nsi=1&_ss=1&ep.client_id_ga4=&up.client_id_ga4=&tfd=1337&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZK3VGW18DE&l=dataLayer&cx=c&gtm=45He4cc1v77801562za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
cf-ray
8f8f5154fa301c38-FRA
expires
Sat, 28 Dec 2024 05:58:17 GMT
access-control-allow-origin
https://your.adsterra.com
date
Sat, 28 Dec 2024 05:58:17 GMT
last-modified
Sat, 28 Dec 2024 05:58:17 GMT
server
cloudflare
access-control-allow-headers
Origin, Content-Type
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame F73F
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fyour.adsterra.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHZTHN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
120815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Dec 2024 20:24:42 GMT
expires
Fri, 26 Dec 2025 20:24:42 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1.gif
imgsct.cookiebot.com/
35 B
782 B
Image
General
Full URL
https://imgsct.cookiebot.com/1.gif?dgi=670abb34-c3ad-479d-a8d0-6543e4a3cd88
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

x-goog-metageneration
1
Access-Control-Expose-Headers
*
x-goog-hash
crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
ETag
"c2196de8ba412c60c22ab491af7b1409"
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
35
Date
Sat, 28 Dec 2024 05:58:17 GMT
Last-Modified
Mon, 23 Oct 2023 11:39:32 GMT
Content-Type
image/gif
X-GUploader-UploadID
AFiumC4Gj2Q2qg2ztRY87BZCOscSCvrZTrNLxuxlAI9pmEtPlCVM8fh888Y1uweBfAETHjfeszn5
Cache-Control
public,max-age=1800
x-goog-storage-class
STANDARD
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
x-goog-generation
1698061172769999
Content-Length
35
Server
UploadServer
t4k.json
an.adsterra.com/band/
0
0
Ping
General
Full URL
https://an.adsterra.com/band/t4k.json?dig=8064828073165762&td_trans=b
Requested by
Host: an.adsterra.com
URL: https://an.adsterra.com/lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.243.61.239 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://your.adsterra.com/

Response headers

faviconV2.ico
static.tildacdn.one/tild3538-3265-4035-b931-666563633166/
193 KB
194 KB
Other
General
Full URL
https://static.tildacdn.one/tild3538-3265-4035-b931-666563633166/faviconV2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
bdbf29108c9dbc0efe7db9d077c85d40d1a87ecc990cf3fc60dbb14ff6212a6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

x-container-storage-policy-index
0
cache
HIT
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control
etag
"bb05022a6d48e4132d972d01690eb8f0"
age
4376323
traceparent
00-ea5e0910b9b07144682a84196f35f57c-7bd121417f63c567-01
expires
Sun, 08 Sep 2024 14:15:13 GMT
x-trans-id
170743d71c46d759
x-id-shield
am3-hw-edge-gc89
date
Sat, 28 Dec 2024 05:58:17 GMT
content-type
image/vnd.microsoft.icon
last-modified
Mon, 01 Aug 2022 15:59:39 GMT
x-container-storage-policy-name
Policy-0
cache-control
max-age=5184000
tserver
8
x-id
fr5-hw-edge-gc52
x-id-fe
fr5-hw-edge-gc28
x-timestamp
1659369578.88217
accept-ranges
bytes
access-control-allow-origin
*
content-length
197543
x-cached-since
2024-11-07T14:47:02+00:00
server
nginx
collect
track.segmentstream.com/ga4/430d1d55-545a-41a7-aabe-8642f78a0c36/g/
0
39 B
Fetch
General
Full URL
https://track.segmentstream.com/ga4/430d1d55-545a-41a7-aabe-8642f78a0c36/g/collect?v=2&tid=G-ZK3VGW18DE&gtm=45je4cc1v868952120za200zb77801562&_p=1735365496279&gcs=G111&gcd=13t3tPp2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dMWZhNz&cid=1051090467.1735365497&ecid=836474218&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-BY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&sst.rnd=764483720.1735365497&sst.etld=google.de&sst.gcsub=region1&sst.adr=1&sst.us_privacy=1YNY&sst.tft=1735365496279&sst.sp=1&sst.em_event=1&sst.ude=0&_s=2&sid=1735365496&sct=1&seg=0&dl=https%3A%2F%2Fyour.adsterra.com%2Fs5e0amv2%3Fkey%3Dadecc28f609e96d03bd06c22bccbba95%3Furl%3Dfalse&dr=https%3A%2F%2Fsitera.kendali.my.id%2F&dt=Error&en=scroll&ep.client_id_ga4=&epn.percent_scrolled=90&_et=1&tfd=1841&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZK3VGW18DE&l=dataLayer&cx=c&gtm=45He4cc1v77801562za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
cf-ray
8f8f5157fb8e1c38-FRA
expires
Sat, 28 Dec 2024 05:58:17 GMT
access-control-allow-origin
https://your.adsterra.com
date
Sat, 28 Dec 2024 05:58:17 GMT
last-modified
Sat, 28 Dec 2024 05:58:17 GMT
server
cloudflare
access-control-allow-headers
Origin, Content-Type
tilda-stat-1.0.min.js
static.tildacdn.one/js/
9 KB
3 KB
Script
General
Full URL
https://static.tildacdn.one/js/tilda-stat-1.0.min.js
Requested by
Host: your.adsterra.com
URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
1a802851f4225786d1056eaf8dee79704de9ae4fbba071b490821bdfcd49f2b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache
HIT
content-encoding
br
etag
W/"6769451c-255a"
age
410796
traceparent
00-e96f1bbb8be95af9e74f47da51ad8f8f-96a045dd295b3b48-01
x-id-shield
am3-hw-edge-gc93
date
Sat, 28 Dec 2024 05:58:18 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 23 Dec 2024 11:10:20 GMT
tserver
sbkeOqZ3
x-id
fr5-hw-edge-gc58
x-id-fe
fr5-hw-edge-gc28
access-control-allow-origin
*
x-cached-since
2024-12-23T11:57:19+00:00
server
nginx
tilda-performance-1.0.min.js
static.tildacdn.com/js/
3 KB
1 KB
Script
General
Full URL
https://static.tildacdn.com/js/tilda-performance-1.0.min.js
Requested by
Host: static.tildacdn.one
URL: https://static.tildacdn.one/js/tilda-stat-1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
15cb1cffa887ec74a9ae3dad3c5c539e2b24c0c2e8e66f82fa536406e0c95db1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://your.adsterra.com/

Response headers

cache
HIT
content-encoding
br
etag
W/"638d944e-cf0"
age
4392874
traceparent
00-7643cf4b3b2a5b8189b00b66a55bd845-385a626c4be43021-01
x-id-shield
am3-hw-edge-gc88
date
Sat, 28 Dec 2024 05:58:18 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 05 Dec 2022 06:48:46 GMT
tserver
13
x-id
fr5-hw-edge-gc35
x-id-fe
fr5-hw-edge-gc56
access-control-allow-origin
*
x-cached-since
2024-11-07T13:52:47+00:00
server
nginx
/
stat.tildacdn.com/event/
16 B
144 B
XHR
General
Full URL
https://stat.tildacdn.com/event/
Requested by
Host: static.tildacdn.one
URL: https://static.tildacdn.one/js/tilda-stat-1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.3.17.197 , Russian Federation, ASN210753 (tildapublishing-ru-1 Tilda Publishing LLC, RU),
Reverse DNS
197-17.addr.tildacdn.net
Software
/
Resource Hash
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://your.adsterra.com/

Response headers

x-tilda-server
9
access-control-allow-origin
https://your.adsterra.com
date
Sat, 28 Dec 2024 05:58:19 GMT
content-type
application/json;charset=utf-8


189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| t_onReady function| t_onFuncLoad function| t_throttle function| t396_initialScale function| t396_scaleInitial__getElementsToScale function| t396_getFieldValue function| $ function| jQuery function| rstat4 object| dataLayer function| checkSize_533078685 string| mainTracker function| t_addClass function| t_removeClass function| t_removeEl function| t_outerWidth function| t_checkIsEditMode function| t_checkEditorIsReady function| t_scrollBarWidthCompensator__setObject function| t_scrollBarWidthCompensator__init function| t_scrollBarWidthCompensator__cancel function| t_triggerEvent function| t_loadJsFile function| t_loadCSSFile string| browserLang string| tildaBrowserLang number| winWidth number| winHeight function| t396_scaleBlock function| t396_scale__getElementsToScale function| t396_scale__updateArtboardState function| t396_scale__wrapElement function| t396_scale__processBackdropFilter function| t396_scale__processBackgroundForShape function| t396_scale__getElementType object| Tilda function| t396_init function| t396_isOnlyScalableBrowser function| t396__initOnlyScalable function| t396__setGlobalScaleVariables function| t396__processTopShift function| t396_doResize function| t396__processAbsoluteArtBoard function| t396_detectResolution function| t396_initTNobj function| t396_setScreensTNobj function| t396__getAxisXPadding function| t396_updateTNobj function| t396_waitForFinalEvent function| t396_switchResolution function| t396_artboard_build function| t396_ab__renderView function| t396__getCurrentScaleFactor function| t396__setScaleFactorForElements function| t396_addText function| t396_addImage function| t396_addShape function| t396_processElemTransform function| t396_changeFilterOnSafari function| t396__checkContainBackdropFilter function| t396__processBackdropFilterOnImage function| t396__updateBackdropFilterOnImage function| t396_waitForUploadImg function| t396_addButton function| t396_addVideo function| 
t396_addHtml function| t396_addTooltip function| t396_addForm function| t396_addGallery function| t396_addVector function| t396_elem__getFieldValue function| t396_elem__renderView function| t396_group__renderView function| t396_elem__renderViewOneField function| t396_elem__convertPosition__Local__toAbsolute function| t396_elem_findFirstLevelParentGroup function| t396_elem_fixFontSize function| t396_elem_fixLineHeight function| t396_elem__getCorrectStylesForSafari function| t396_ab__getFieldValue function| t396_ab__renderViewOneField function| t396_group__getFieldValue function| t396_allgroups__renderView function| t396_allgroups__renderViewAutolayout function| t396_allelems__renderView function| t396_allelems__fixLineHeight function| t396_ab__getHeight function| t396_elem__getWidth function| t396_elem__getHeight function| t396_roundFloat function| t396_removeElementFromDOM function| t396_getEl function| t396_isBlockVisible function| t_lazyload__init function| t_lazyload_update function| t_lazyload__onWindowResize function| t_lazyload__detectwebp function| t_lazyLoad__appendImgStatToArr function| t_lazyload__ping function| t_lazyload__getThumbDomainName function| LazyLoad string| lazy function| t_lazyload_updateResize_elem object| t_loadImgStats number| t_lazyload_domloaded string| lazy_webp function| t_fallback__init function| t_fallback__initTags function| t_fallback__reloadSRC function| t_fallback__handleTimeout function| t_fallback__loadAdvancedJS object| tn number| tn_window_width number| tn_scale_factor object| lazyload_cover object| google_tag_manager object| google_tag_data function| qp string| qpGtm string| _linkedin_data_partner_id function| rdt function| onYouTubeIframeAPIReady function| fbq function| _fbq function| ym object| amplitude function| hj object| _hjSettings string| TiktokAnalyticsObject object| ttq number| sessionDurationThreshold function| gtm_getCookie function| redditNormalizeEmail object| hjSiteSettings object| hjLazyModules function| 
hjBootstrap object| hjBootstrapCalled object| qevents function| lintrk boolean| _already_called_lintrk object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent function| gtag object| Ya object| yaCounter49659877 object| _svc object| _svd function| UET function| UET_init function| UET_push object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| ueto_e3c1e5825d object| uetq string| cookiedomainwarning object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| lazyload_img object| lazyload_bgimg object| lazyload_iframe function| clearImmediate function| setImmediate object| ORIBILI object| gaGlobal function| tildastat function| t_performance__createMetric function| t_performance__hasCustomCode function| t_performance__createPerformanceObserver function| t_performance__sendStat function| t_performance__getMetrics function| t_performance__sendMetric function| t_performance__onLoad object| t_performance__metrics boolean| tildastatload

49 Cookies

Domain/Path Name / Value
.adsterra.com/ Name: __ddg8_
Value: 8xyG1MD3eeOp5cud
.adsterra.com/ Name: __ddg9_
Value: 81.95.5.40
.adsterra.com/ Name: __ddg10_
Value: 1735365496
.adsterra.com/ Name: __ddg1_
Value: SZ6bMeb5wiHWSE8uVld3
your.adsterra.com/ Name: gtm_session_start
Value: 1735365496451
.adsterra.com/ Name: _rdt_uuid
Value: 1735365496497.cd4b7266-3346-40ab-9174-e74b38325ac5
.adsterra.com/ Name: amplitude_id_4b551417d0139148909c592059707237adsterra.com
Value: eyJkZXZpY2VJZCI6IjI1YzFkODBhLWZlYjQtNDMyNi04NGEzLWY3ZjcwYzEyZTYwOFIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTczNTM2NTQ5NjUyMiwibGFzdEV2ZW50VGltZSI6MTczNTM2NTQ5NjUyMSwiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MSwic2VxdWVuY2VOdW1iZXIiOjF9
.youtube.com/ Name: YSC
Value: ioeH_rm37j8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: kdoeS_RzbbU
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgMA%3D%3D
.adsterra.com/ Name: _ym_uid
Value: 1735365497301136543
.adsterra.com/ Name: _ym_d
Value: 1735365497
.adsterra.com/ Name: _hjSessionUser_1943848
Value: eyJpZCI6ImZjODFjODc0LTFkMGItNThiZC1hYjFmLWQxODNlZTZiNjg2ZCIsImNyZWF0ZWQiOjE3MzUzNjU0OTY2MTYsImV4aXN0aW5nIjpmYWxzZX0=
.adsterra.com/ Name: _hjSession_1943848
Value: eyJpZCI6ImVlN2M5MGI2LWZhZWMtNDJhMy1hMWZmLWQwNWU5OGFiMmFkOSIsImMiOjE3MzUzNjU0OTY2MTYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.linkedin.com/ Name: bcookie
Value: "v=2&7a5132c1-5182-4d54-84c7-dcb46826b357"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzUzNjU0OTY7MjswMjEAh9yuGwVkFMjTOEE4C+PorXay/L53ovOmEL9kY6EEgg==
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3521:u=1:x=1:i=1735365496:t=1735451896:v=2:sig=AQFLr4KFjf3cY1z_QUtkacMOsjSkerls"
.tiktok.com/ Name: _ttp
Value: 2qphbd4fpmJ8Edjpv17h9fpxtdJ
.adsterra.com/ Name: _fbp
Value: fb.1.1735365496740.944960655819570553
.yandex.ru/ Name: ymex
Value: 1766901496.yrts.1735365496#1766901496.yrtsi.1735365496
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
.adsterra.com/ Name: _tt_enable_cookie
Value: 1
.adsterra.com/ Name: _ttp
Value: eWPiGjl6q2_vyinRmREwwWOThgi.tt.1
mc.yandex.ru/ Name: yabs-sid
Value: 524761201735365496
.yandex.ru/ Name: yuidss
Value: 4058610811735365496
.adsterra.com/ Name: _ym_isad
Value: 2
.adsterra.com/ Name: uid
Value: 7278650444132519936
.yandex.ru/ Name: bh
Value: KgI/MGD4pr67Bg==
.adsterra.com/ Name: rst4-uid
Value: 7278650444132519936
.adsterra.com/ Name: _ym_visorc
Value: b
.yandex.ru/ Name: i
Value: SpKQp5nzl5GwPhgRNane5E84p6nmvQpA2/94QY2Rmz74f9+xXkWhYFf2JOt0q21/nt1lFs5D5A8Dx1SQOpQMpGY455I=
.yandex.ru/ Name: yandexuid
Value: 877816321735365496
.yandex.ru/ Name: yashr
Value: 3823582701735365496
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 838227067fake
.yandex.com/ Name: yandexuid
Value: 877816321735365496
.yandex.com/ Name: yuidss
Value: 877816321735365496
.yandex.com/ Name: i
Value: SpKQp5nzl5GwPhgRNane5E84p6nmvQpA2/94QY2Rmz74f9+xXkWhYFf2JOt0q21/nt1lFs5D5A8Dx1SQOpQMpGY455I=
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 3083355401fake
.adsterra.com/ Name: _ga
Value: GA1.1.1051090467.1735365497
.adsterra.com/ Name: _ga_ZK3VGW18DE
Value: GS1.1.1735365496.1.0.1735365496.0.0.836474218
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 4258151623fake
.webvisor.org/ Name: yandexuid
Value: 877816321735365496
.webvisor.org/ Name: yuidss
Value: 877816321735365496
.webvisor.org/ Name: i
Value: SpKQp5nzl5GwPhgRNane5E84p6nmvQpA2/94QY2Rmz74f9+xXkWhYFf2JOt0q21/nt1lFs5D5A8Dx1SQOpQMpGY455I=
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
your.adsterra.com/ Name: tildauid
Value: 1735365498298.524327
your.adsterra.com/ Name: tildasid
Value: 1735365498298.586679
your.adsterra.com/ Name: previousUrl
Value: your.adsterra.com%2Fs5e0amv2

1 Console Messages

Source Level URL
Text
network error URL: https://your.adsterra.com/s5e0amv2?key=adecc28f609e96d03bd06c22bccbba95?url=false
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
