www.detik.com Open in urlscan Pro
203.190.242.211 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hanover67alive2.shop/eb76mry2395F86Hh12J71avV9Rb72R25w6brrbI_hb4fDwIZhsFDhEGsi7JQyoKQ95Q1nI06A@T@sv/sponges-puffs
Effective URL:
https://www.detik.com/
Submission Tags: falconsandbox
Submission: On November 30 via api (November 30th 2021, 1:05:57 am UTC) from US — Scanned from DE

Summary HTTP 453 Redirects Links 125 Behaviour Indicators

Summary

This website contacted 77 IPs in 12 countries across 58 domains to perform 453 HTTP transactions. The main IP is 203.190.242.211, located in Jakarta, Indonesia and belongs to DETIK-AS-ID PT. Detik Ini JUga, ID. The main domain is www.detik.com.
TLS certificate: Issued by Thawte RSA CA 2018 on November 14th 2020. Valid for: a year.

This is the only time www.detik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:948	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	103.49.221.211 103.49.221.211	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
8	203.190.242.211 203.190.242.211	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
58	203.190.242.172 203.190.242.172	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
16	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:1800:3:74e5:6700:93a1	16509 (AMAZON-02) (AMAZON-02)
25	203.190.242.102 203.190.242.102	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
3	103.49.221.99 103.49.221.99	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4 8	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2606:4700:20:... 2606:4700:20::681a:f8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.149.209.250 34.149.209.250	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.98.58 143.204.98.58	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.76 143.204.98.76	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	103.49.221.244 103.49.221.244	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
2	103.49.221.132 103.49.221.132	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
1	2606:4700:20:... 2606:4700:20::ac43:471f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.115 143.204.98.115	16509 (AMAZON-02) (AMAZON-02)
1	44.241.169.29 44.241.169.29	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.39 143.204.98.39	16509 (AMAZON-02) (AMAZON-02)
12	103.136.220.204 103.136.220.204	138699 (TIKTOK-AS...) (TIKTOK-AS-AP TIKTOK PTE. LTD.)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	35.241.10.124 35.241.10.124	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2 9	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
5 25	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 6	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1 6	52.215.102.174 52.215.102.174	16509 (AMAZON-02) (AMAZON-02)
2 2	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
1 1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	51.89.21.10 51.89.21.10	16276 (OVH) (OVH)
4	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
34	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
27	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
19	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
4	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	18.169.85.185 18.169.85.185	16509 (AMAZON-02) (AMAZON-02)
3	185.170.60.228 185.170.60.228	27381 (CASALE-MEDIA) (CASALE-MEDIA)
13	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	18.203.96.5 18.203.96.5	16509 (AMAZON-02) (AMAZON-02)
8	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
4 8	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 4	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2600:9000:215... 2600:9000:2156:a000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	18.185.142.87 18.185.142.87	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:d29... 2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6	16509 (AMAZON-02) (AMAZON-02)
3 3	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 2	72.251.244.142 72.251.244.142	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	46.105.199.182 46.105.199.182	16276 (OVH) (OVH)
1	46.105.198.150 46.105.198.150	16276 (OVH) (OVH)
453	77

1 2606:4700:3032::6815:948 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.hanover67alive2.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.49.221.211 (South Tangerang, Indonesia) 1 redirects

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s211-cast-211-221-49-103.detik.com

detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 203.190.242.211 (Jakarta, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-211-242.190.203.detik.com

www.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 203.190.242.172 (Jakarta, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-172-242.190.203.detik.com

awscdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1800:3:74e5:6700:93a1 (United States)

ASN16509 (AMAZON-02, US)

awscdnstatic.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 203.190.242.102 (Jakarta, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-102-242.190.203.detik.com

awsimages.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
akcdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.49.221.99 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-99-221-49-103.detik.com

cdnv.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::681a:f8e (United States)

ASN13335 (CLOUDFLARENET, US)

datawrapper.dwcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.dwcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.adsolut.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.209.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.209.149.34.bc.googleusercontent.com

kayumanis.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-58.fra50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.87 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

sf16-scmcdn-sg.ibytedtos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.49.221.244 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-244-221-49-103.detik.com

newrevive.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.49.221.132 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-132-221-49-103.detik.com

tv.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:471f (United States)

ASN13335 (CLOUDFLARENET, US)

stats.datawrapper.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.169.29 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-169-29.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 103.136.220.204 (Singapore, Singapore)

ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG)

mcs.tobsnssdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.10.124 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 124.10.241.35.bc.googleusercontent.com

analytic.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.176.128 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.184.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.197.193.217 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.215.102.174 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.140 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.21.10 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p24.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.169.85.185 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-85-185.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.170.60.228 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a2197.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.203.96.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

s.update.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:a000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.142.87 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-142-87.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.184 (Uppsala, Sweden) 3 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.142 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.199.182 (France) 1 redirects

ASN16276 (OVH, FR)

mediaintelligence.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.198.150 (France)

ASN16276 (OVH, FR)

data.mediaintelligence.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	detik.net.id awscdn.detik.net.id awscdnstatic.detik.net.id awsimages.detik.net.id cdn.detik.net.id akcdn.detik.net.id	1 MB
54	adform.net c1.adform.net track.adform.net s1.adform.net	588 KB
44	doubleclick.net 5 redirects securepubads.g.doubleclick.net pubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	176 KB
38	googlesyndication.com 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	191 KB
30	moatads.com z.moatads.com geo.moatads.com px.moatads.com	317 KB
29	rubiconproject.com 4 redirects s.update.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	102 KB
24	detik.com 1 redirects detik.com www.detik.com cdnv.detik.com kayumanis.detik.com newrevive.detik.com tv.detik.com analytic.detik.com	289 KB
17	google.com fundingchoicesmessages.google.com analytics.google.com www.google.com adservice.google.com	67 KB
16	criteo.com 4 redirects gum.criteo.com mug.criteo.com	5 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	73 KB
12	tobsnssdk.com mcs.tobsnssdk.com	5 KB
11	casalemedia.com 2 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com a2197.casalemedia.com	13 KB
11	dwcdn.net datawrapper.dwcdn.net static.dwcdn.net	184 KB
8	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com Failed t.pubmatic.com	491 KB
7	googletagservices.com www.googletagservices.com	255 KB
6	yahoo.com 4 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads.yahoo.com	3 KB
6	crwdcntrl.net 1 redirects bcp.crwdcntrl.net id.crwdcntrl.net	2 KB
6	adsrvr.org 1 redirects match.adsrvr.org	3 KB
5	rlcdn.com api.rlcdn.com id.rlcdn.com	1 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	2 KB
4	id5-sync.com id5-sync.com	2 KB
3	mediaintelligence.de 1 redirects mediaintelligence.de data.mediaintelligence.de	103 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	de17a.com 3 redirects d5p.de17a.com	1 KB
3	facebook.com www.facebook.com	414 B
3	google.de www.google.de adservice.google.de	1 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	google-analytics.com www.google-analytics.com	54 KB
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net	2 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	878 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1 KB
2	rfihub.com 1 redirects p.rfihub.com a.rfihub.com	2 KB
2	dyntrk.com 2 redirects gu.dyntrk.com	850 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	indexww.com js-sec.indexww.com	2 KB
2	facebook.net connect.facebook.net	114 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	googletagmanager.com www.googletagmanager.com	119 KB
1	quantserve.com cms.quantserve.com	463 B
1	2mdn.net s0.2mdn.net	577 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	538 B
1	openx.net rtb.openx.net	350 B
1	smaato.net 1 redirects s.ad.smaato.net	441 B
1	blismedia.com tr.blismedia.com	141 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	299 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	datawrapper.de stats.datawrapper.de	510 B
1	ibytedtos.com sf16-scmcdn-sg.ibytedtos.com	24 KB
1	adsolut.in cpm.adsolut.in	260 B
1	creativecdn.com prebid-asia.creativecdn.com	175 B
1	teads.tv a.teads.tv	247 B
1	eyeota.net ps.eyeota.net	344 B
1	gstatic.com www.gstatic.com	97 KB
1	hanover67alive2.shop 1 redirects www.hanover67alive2.shop	739 B
0	netmng.com Failed google2waycm.netmng.com Failed
453	58

	Domain	Requested by
56	awscdn.detik.net.id	www.detik.com awscdn.detik.net.id
34	track.adform.net	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com ads.pubmatic.com s1.adform.net
25	cm.g.doubleclick.net	5 redirects 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
24	px.moatads.com	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
24	awsimages.detik.net.id	www.detik.com
19	s1.adform.net	track.adform.net s1.adform.net 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com tpc.googlesyndication.com
14	securepubads.g.doubleclick.net	www.detik.com securepubads.g.doubleclick.net 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com www.googletagservices.com
13	s.update.rubiconproject.com	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com s.update.rubiconproject.com
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com www.googletagservices.com
12	mcs.tobsnssdk.com	sf16-scmcdn-sg.ibytedtos.com
12	fundingchoicesmessages.google.com	www.detik.com
10	datawrapper.dwcdn.net	www.detik.com datawrapper.dwcdn.net
8	eus.rubiconproject.com	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com eus.rubiconproject.com
8	ad4m.at	s1.adform.net ad4m.at
8	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	newrevive.detik.com	www.detik.com newrevive.detik.com
8	mug.criteo.com	www.detik.com 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
8	gum.criteo.com	4 redirects
8	www.detik.com	awscdn.detik.net.id
7	www.googletagservices.com	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
6	match.adsrvr.org	1 redirects ssum-sec.casalemedia.com ads.pubmatic.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
4	as.ad4m.at	ad4m.at as.ad4m.at
4	t.pubmatic.com	ads.pubmatic.com
4	id.crwdcntrl.net	ads.pubmatic.com
4	api.rlcdn.com	ads.pubmatic.com
4	id5-sync.com	ads.pubmatic.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	ads.pubmatic.com	www.detik.com 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
3	pixel.rubiconproject.com
3	ups.analytics.yahoo.com	3 redirects
3	sync.mathtag.com	3 redirects
3	d5p.de17a.com	3 redirects
3	a2197.casalemedia.com	ads.pubmatic.com
3	geo.moatads.com	z.moatads.com
3	z.moatads.com	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	www.google.com	www.detik.com tpc.googlesyndication.com 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
3	www.facebook.com	www.detik.com
3	sb.scorecardresearch.com	1 redirects www.detik.com
3	www.google-analytics.com	www.googletagmanager.com www.detik.com www.google-analytics.com
3	cdnv.detik.com	www.detik.com
2	mediaintelligence.de	1 redirects as.ad4m.at
2	tracking.m6r.eu	2 redirects
2	ap.lijit.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects
2	x.bidswitch.net	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	s.tribalfusion.com
2	a.tribalfusion.com	2 redirects
2	gu.dyntrk.com	2 redirects
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	js-sec.indexww.com	ads.pubmatic.com ssum-sec.casalemedia.com
2	www.google.de	www.detik.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	tv.detik.com	awscdn.detik.net.id
2	cdn.detik.net.id	www.detik.com awscdn.detik.net.id
2	pubads.g.doubleclick.net	www.detik.com
2	connect.facebook.net	www.detik.com connect.facebook.net
2	www.googletagmanager.com	www.detik.com www.googletagmanager.com
1	data.mediaintelligence.de	as.ad4m.at
1	assets.ad4m.at	as.ad4m.at
1	ads.yahoo.com
1	id.rlcdn.com
1	cms.quantserve.com	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
1	s0.2mdn.net	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	rtb.openx.net	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
1	r.turn.com
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	tr.blismedia.com	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
1	a.rfihub.com
1	p.rfihub.com	1 redirects
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	pixel-sync.sitescout.com	1 redirects
1	c1.adform.net	ssum-sec.casalemedia.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	analytic.detik.com	www.detik.com
1	akcdn.detik.net.id	www.detik.com
1	vars.hotjar.com	static.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.detik.com
1	certify.alexametrics.com	www.detik.com
1	stats.datawrapper.de	www.detik.com
1	sf16-scmcdn-sg.ibytedtos.com	www.googletagmanager.com
1	static.hotjar.com	www.detik.com
1	certify-js.alexametrics.com	www.detik.com
1	kayumanis.detik.com	awscdn.detik.net.id
1	static.dwcdn.net	datawrapper.dwcdn.net
1	htlb.casalemedia.com	ads.pubmatic.com
1	cpm.adsolut.in	ads.pubmatic.com
1	prebid-asia.creativecdn.com	ads.pubmatic.com
1	a.teads.tv	ads.pubmatic.com
1	ps.eyeota.net	awscdnstatic.detik.net.id
1	www.gstatic.com	www.detik.com
1	awscdnstatic.detik.net.id	www.detik.com
1	detik.com	1 redirects
1	www.hanover67alive2.shop	1 redirects
0	google2waycm.netmng.com Failed	5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
0	hbopenbid.pubmatic.com Failed	ads.pubmatic.com
453	105

This site contains links to these domains. Also see Links.

Domain
news.detik.com
20.detik.com
finance.detik.com
inet.detik.com
hot.detik.com
sport.detik.com
oto.detik.com
travel.detik.com
food.detik.com
health.detik.com
wolipop.detik.com
foto.detik.com
pasangmata.detik.com
adsmart.detik.com
forum.detik.com
event.detik.com
poin.detikshop.com
www.transsnowworld.com
www.transstudiocibubur.com
www.transstudiobali.com
www.berbuatbaik.id
www.cnnindonesia.com
www.cnbcindonesia.com
www.haibunda.com
www.insertlive.com
www.beautynesia.id
www.femaledaily.com
connect.detik.com
newrevive.detik.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
www.transstudiobandung.com
beautynesia.id
femaledaily.com

Subject Issuer	Validity	Valid
*.detik.com Thawte RSA CA 2018	`2020-11-14` - `2021-12-14`	a year	crt.sh
*.detik.net.id Thawte RSA CA 2018	`2021-01-30` - `2022-02-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.eyeota.net R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adsolut.in Sectigo RSA Domain Validation Secure Server CA	`2021-08-23` - `2022-09-23`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-08` - `2021-12-07`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.ibytedtos.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
datawrapper.de Cloudflare Inc ECC CA-3	`2021-07-25` - `2022-07-24`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
*.tobsnssdk.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-20` - `2022-09-20`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2021-01-13` - `2022-02-14`	a year	crt.sh
update.rubiconproject.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
mediaintelligence.de R3	`2021-10-29` - `2022-01-27`	3 months	crt.sh

This page contains 34 frames:

Primary Page: https://www.detik.com/
Frame ID: B637BB6FB483252EFCB5F8AEFB407A9A
Requests: 177 HTTP requests in this frame

Frame: https://datawrapper.dwcdn.net/7Yo1k/1744/
Frame ID: 68A4F95F76AC6A76AAE26F838E6B9348
Requests: 12 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: DC585AD55832990836807DB58AE005F6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 721A12ECEEA3F14AF1E60A70AAC87DEF
Requests: 1 HTTP requests in this frame

Frame: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AE624D1A5C466D4D089EF44A8E71641C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 74AFEE90CB0F48338F846A6DAB06CB37
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 1EB56663C20453734C1D3CB344110314
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: F5D9EAB733EA0B9861BFF8CB326991F5
Requests: 1 HTTP requests in this frame

Frame: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4D795ACF6350D3626635E9AB754BD56B
Requests: 23 HTTP requests in this frame

Frame: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 362E9FE0AACF44CD43FE5C47241F0B88
Requests: 27 HTTP requests in this frame

Frame: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DF78A7706368A70C3563F6D66809070F
Requests: 23 HTTP requests in this frame

Frame: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E195270C84D29F60E68EC4836180F1B4
Requests: 23 HTTP requests in this frame

Frame: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 364864A1D651F4EBF2AED278122C728B
Requests: 14 HTTP requests in this frame

Frame: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B3974CD2891EA0D2B8CCD32D0308197A
Requests: 15 HTTP requests in this frame

Frame: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E619ACB5F421A539327B1526D986B478
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 155E7C748091F4D39684DD772C94A1A4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0EE39D5B84AA8CBC846ABB6925111274
Requests: 2 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=48303088;rtbwp=YaV47AAAAABx7-tKfMyMqHSLHEYuMcauiDWc0w;rtbdata=bN-gJ_rN8wUW2NIAD54RP2DKL7gHfSTTsbSF2mpWC4mx0yQ2RWErNwIrfO7kDf_sC9FD74xm0TShhPh7p_auYTQRXy3DXE7bRyf4q6rR3_fYVlQFer6N88f9Z3k3VnRO19NLepO_5wDV1E6wAM-Rrt4qgE4iyCSwD9QtMdHyvmPlXDBDOg3nl2zcWpcQ8R5z3bc8C-4PfYpB4SKZKGrNxw2
Frame ID: B5269273315939BBE6F3BE7470263160
Requests: 10 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=38516439;rtbwp=YaV47AAAAACv6CR26g-mX0WcMLso046N8t3qxg;rtbdata=aoEYOKqeTUUVwvmcjBuIzF-rQUVCd0VqUgFLOuYnCxxqSjj9mTQSNTImUfzBQ60UC9FD74xm0TShhPh7p_auYTQRXy3DXE7byO5vwNZPzVN_SUGD0BVsxc9tILjej1_ub1z1HD4Vkb9VCuEPgrjlvjC2o_JF4lvgQXtiIpsCvIlu3JqLLZEJne6qLQvtkQ6L0-0FrOUsdJOn-zH1HqS6nOFBboVeNKvP0
Frame ID: D8E4ADA4E5F39DDDEFDF1BB6CC0CE210
Requests: 10 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=41599563;rtbwp=YaV47AAAAAAhkVxBYl-cEcBnpneqSiAURYRnZA;rtbdata=WH0HVrhA8QAQtAzCHtXcsa73XaBqS494_Xn3KGn88h-_gVt4ihSWVoru8NEKxVSfC9FD74xm0TShhPh7p_auYTQRXy3DXE7bRyf4q6rR3_fYVlQFer6N84mvcVJTbZmQ19NLepO_5wDV1E6wAM-Rrt4qgE4iyCSwD9QtMdHyvmPlXDBDOg3nl2zcWpcQ8R5z86uCOY1mK81B4SKZKGrNxw2
Frame ID: 8515CB72B6F5237446CE3B5D7505777D
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 88AD89E0DB4E466D032A4EBB66B0BA4D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D8644B29759B9F895F63E1AFF413C943
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 54412B21904AA398FB72158EFD5229BA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5333510A01239A047B7A14B350F43ECA
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 644CD4C565C6FC747188FB8BC66FE29B
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 196B08E0432BA5DE89EF2429F2724D47
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 2D364071FE6D60E887F77E94157D7474
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C98596305499C11EA7451E04A875727D
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 168381D33028BDD1DB431D5B59CF6F91
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: EE4F915996E7E05155C7A2F18516037E
Requests: 1 HTTP requests in this frame

Frame: blob://https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/e19120e7-3ac2-44e7-9034-b147492c74d6
Frame ID: 31F36454BF02D9B08E87314F4E86D012
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=rFlM0UBK8vhfk5C2dg97SOOmDt5lZqBU&g=9c2acb8b66e34aa5c838811efa287aef%2F4920212618127326735&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1638234351554&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3DYaV47AAAAACv6CR26g-mX0WcMLso046N8t3qxg%3Bcrtbdata%3DaoEYOKqeTUUVwvmcjBuIzF-rQUVCd0VqUgFLOuYnCxxqSjj9mTQSNTImUfzBQ60UC9FD74xm0TShhPh7p_auYTQRXy3DXE7byO5vwNZPzVN_SUGD0BVsxc9tILjej1_ub1z1HD4Vkb9VCuEPgrjlvjC2o_JF4lvgQXtiIpsCvIlu3JqLLZEJne6qLQvtkQ6L0-0FrOUsdJOn-zH1HqS6nOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJmox-6TPFTWI86uGK6vuZIxwTDVhTY9YIwzV9F2kDjqFkPNadqa8sTWLGxsY8Y2xGOpTefaqNO5NCnf4dx0c636fCqQqkGf7-0YLgVbvIPdybvmZRF-QNuJrp6LXEfYDW4ONWbbc59IJ8Tj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.detik.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: A397F8F8C1EFDC99C72FC8B98FFC9A0A
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=170257&b=QxZt4fjfPPYqFxH8tRHGtpwKh6S4T5jgfj5J&f=2b9F6fqfjjpJTVH6tbHwCAqmuxS7T7p1tpzJ&c=300&d=600&e=_LFeJMGwRepdDpQKeOTP1hErewf638Ja&g=1971d9a56e5d72754a42486d6988f13e%2F15718877946795906523&i=28781&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1638234351571&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D51332348%3Bcrtbwp%3D4FE348B5EC8B63CB%3Bcrtbdata%3DQv2py2XD87INgFeTL9j6WW50cJsT4bzeliHWJ4r0T9oqp6wrDLM40ELplGEKlAwnR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajZhc0DyKkOAyPR7tgaq7yWXcGXM552OsLRUCzFW9muloSGb_imvv0MlEEExhct9hDHBxdgIJD0T_SX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1%3Badfibeg%3D0%3Bcdata%3DA0s56eHOEv0Cbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4TupVUNwTeT5adFO59gQTes-O02qOoNOvZ1N7x7J468XQct1q0Fn1fCMPs08K5RfO6oHSdrB7scys32wC2b9X_W0KxhtH4Cs22mpci_-4F7F9xBXciLOzs6jBuHfSmDQP0uuFqwhPKLxp9ZaqdCtyQR10%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.detik.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: C99712EC2CE9FAB62BEEB6C31C4093D5
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: B420D8FB15A6BDEC3B8EAFAAA62D3801
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

detikcom - Informasi Berita Terkini dan Terbaru Hari Ini

Page URL History Show full URLs

http://www.hanover67alive2.shop/eb76mry2395F86Hh12J71avV9Rb72R25w6brrbI_hb4fDwIZhsFDhEGsi7JQyoKQ95Q1nI06A@T@... HTTP 302
http://detik.com/ HTTP 301
https://www.detik.com/ Page URL

Page Statistics

453
Requests

90 %
HTTPS

34 %
IPv6

58
Domains

105
Subdomains

77
IPs

12
Countries

4402 kB
Transfer

10369 kB
Size

80
Cookies

125 Outgoing links

These are links going to different origins than the main page.

URL: https://news.detik.com/kolom/kirim?tag_from=framebar
Title: Kirim Tulisan

Search URL Search Domain Scan URL

URL: https://20.detik.com/live/?tag_from=framebar
Title: Live TV NEW

Search URL Search Domain Scan URL

URL: https://news.detik.com/?tag_from=framebar
Title: News

Search URL Search Domain Scan URL

URL: https://finance.detik.com/?tag_from=framebar
Title: Finance

Search URL Search Domain Scan URL

URL: https://inet.detik.com/?tag_from=framebar
Title: Teknologi

Search URL Search Domain Scan URL

URL: https://hot.detik.com/?tag_from=framebar
Title: Entertaiment

Search URL Search Domain Scan URL

URL: https://sport.detik.com/?tag_from=framebar
Title: Sport

Search URL Search Domain Scan URL

URL: https://sport.detik.com/sepakbola?tag_from=framebar
Title: Sepakbola

Search URL Search Domain Scan URL

URL: https://oto.detik.com/?tag_from=framebar
Title: Otomotif

Search URL Search Domain Scan URL

URL: https://travel.detik.com/?tag_from=framebar
Title: Travel

Search URL Search Domain Scan URL

URL: https://food.detik.com/?tag_from=framebar
Title: Food

Search URL Search Domain Scan URL

URL: https://health.detik.com/?tag_from=framebar
Title: Health

Search URL Search Domain Scan URL

URL: https://wolipop.detik.com/?tag_from=framebar
Title: Wolipop

Search URL Search Domain Scan URL

URL: https://news.detik.com/x/?tag_from=framebar
Title: DetikX

Search URL Search Domain Scan URL

URL: https://20.detik.com/?tag_from=framebar
Title: 20Detik

Search URL Search Domain Scan URL

URL: https://foto.detik.com/?tag_from=framebar
Title: Foto

Search URL Search Domain Scan URL

URL: https://pasangmata.detik.com/?tag_from=framebar
Title: Pasang Mata

Search URL Search Domain Scan URL

URL: https://adsmart.detik.com/?tag_from=framebar
Title: Ads Smart

Search URL Search Domain Scan URL

URL: https://forum.detik.com/?tag_from=framebar
Title: Forum

Search URL Search Domain Scan URL

URL: https://event.detik.com/?tag_from=framebar
Title: detikEvent

Search URL Search Domain Scan URL

URL: https://poin.detikshop.com/?tag_from=framebar
Title: detikPoint

Search URL Search Domain Scan URL

URL: https://www.transsnowworld.com/
Title: Trans Snow World

Search URL Search Domain Scan URL

URL: https://www.transstudiocibubur.com/
Title: Trans Studio Cibubur

Search URL Search Domain Scan URL

URL: https://www.transstudiobali.com/
Title: Trans Studio Bali

Search URL Search Domain Scan URL

URL: https://www.berbuatbaik.id/?utm_source=detikcom&utm_medium=framebar&utm_campaign=layanan
Title: berbuatbaik.id

Search URL Search Domain Scan URL

URL: https://www.cnnindonesia.com/?tag_from=framebar
Title: CNN Indonesia

Search URL Search Domain Scan URL

URL: https://www.cnbcindonesia.com/?tag_from=framebar
Title: CNBC Indonesia

Search URL Search Domain Scan URL

URL: https://www.haibunda.com/?tag_from=framebar
Title: Hai Bunda

Search URL Search Domain Scan URL

URL: https://www.insertlive.com/?tag_from=framebar
Title: InsertLive

Search URL Search Domain Scan URL

URL: https://www.beautynesia.id/?tag_from=framebar
Title: Beautynesia

Search URL Search Domain Scan URL

URL: https://www.femaledaily.com/?tag_from=framebar
Title: Female Daily

Search URL Search Domain Scan URL

URL: https://connect.detik.com/accounts/register?0%5BclientId%5D=64&0%5BredirectUrl%5D=https%3A%2F%2Fwww.detik.com%2F&ui=popup&parentURI=https://www.detik.com/
Title: Daftar detikID

Search URL Search Domain Scan URL

URL: https://connect.detik.com/oauth/authorize?clientId=64&redirectUrl=https%3A%2F%2Fwww.detik.com%2F&ui=popup&parentURI=https://www.detik.com/
Title: Masuk

Search URL Search Domain Scan URL

URL: https://news.detik.com/?tag_from=wp_firstnav_detikNews
Title: detikNews

Search URL Search Domain Scan URL

URL: https://finance.detik.com/?tag_from=wp_firstnav_detikFinance
Title: detikFinance

Search URL Search Domain Scan URL

URL: https://hot.detik.com/?tag_from=wp_firstnav_detikHot
Title: detikHot

Search URL Search Domain Scan URL

URL: https://inet.detik.com/?tag_from=wp_firstnav_detikInet
Title: detikInet

Search URL Search Domain Scan URL

URL: https://sport.detik.com/?tag_from=wp_firstnav_detikSport
Title: detikSport

Search URL Search Domain Scan URL

URL: https://oto.detik.com/?tag_from=wp_firstnav_detikOto
Title: detikOto

Search URL Search Domain Scan URL

URL: https://travel.detik.com/?tag_from=wp_firstnav_detikTravel
Title: detikTravel

Search URL Search Domain Scan URL

URL: https://food.detik.com/?tag_from=wp_firstnav_detikFood
Title: detikFood

Search URL Search Domain Scan URL

URL: https://health.detik.com/?tag_from=wp_firstnav_detikHealth
Title: detikHealth

Search URL Search Domain Scan URL

URL: https://wolipop.detik.com/?tag_from=wp_firstnav_Wolipop
Title: Wolipop

Search URL Search Domain Scan URL

URL: https://20.detik.com/?tag_from=wp_firstnav_20Detik
Title: 20Detik

Search URL Search Domain Scan URL

URL: https://20.detik.com/live?tag_from=wp_secnav_Live%20TV
Title: Live TV

Search URL Search Domain Scan URL

URL: https://adsmart.detik.com/?tag_from=wp_secnav_Adsmart
Title: Adsmart

Search URL Search Domain Scan URL

URL: https://foto.detik.com/?tag_from=wp_secnav_Foto
Title: Foto

Search URL Search Domain Scan URL

URL: https://news.detik.com/x/?tag_from=wp_secnav_detikX
Title: detikX

Search URL Search Domain Scan URL

URL: https://sport.detik.com/sepakbola/?tag_from=wp_secnav_Sepakbola
Title: Sepakbola

Search URL Search Domain Scan URL

URL: https://pasangmata.detik.com/?tag_from=wp_secnav_Pasangmata
Title: Pasangmata

Search URL Search Domain Scan URL

URL: https://www.berbuatbaik.id/?utm_source=detikcom&utm_medium=navbar&utm_campaign=navbar_desktop?tag_from=wp_secnav_berbuatbaik.id
Title: berbuatbaik.id

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5833050/sama-sadisnya-begini-peran-pembantu-di-kasus-mutilasi-pria-di-bekasi?tag_from=wp_beritautama

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5833049/oknum-prajurit-marinir-tni-al-bentrok-dengan-raider-tni-ad-diproses-hukum?tag_from=wp_beritautama

Search URL Search Domain Scan URL

URL: https://sport.detik.com/sepakbola/bola-dunia/d-5832975/disebut-ingin-saingi-messi-ronaldo-tuding-panitia-ballon-dor-pembohong?tag_from=wp_beritautama

Search URL Search Domain Scan URL

URL: https://oto.detik.com/mobil/d-5832752/terungkap-alasan-honda-duluan-upgrade-br-v-ketimbang-mobilio?tag_from=wp_beritautama

Search URL Search Domain Scan URL

URL: https://sport.detik.com/sepakbola/bola-dunia/d-5832982/lionel-messi-rebut-gelar-ballon-dor-2021?tag_from=wp_beritautama

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5833063/jejak-perkara-nurdin-abdullah-hingga-divonis-5-tahun-penjara?tag_from=wp_hl_img

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5833063/jejak-perkara-nurdin-abdullah-hingga-divonis-5-tahun-penjara?tag_from=wp_hl_judul
Title: Jejak Perkara Nurdin Abdullah hingga Divonis 5 Tahun Penjara

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5833056/10-fakta-bentrok-brimob-vs-kopassus-di-papua-gegara-rokok?tag_from=wp_hl_terkait
Title: 10 Fakta Bentrok Brimob Vs Kopassus di Papua Gegara Rokok

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5833040/menerka-maksud-fadli-zon-foto-dengan-puan-usai-hilang-di-dunia-maya?tag_from=wp_hl_terkait
Title: Menerka Maksud Fadli Zon Foto dengan Puan Usai Hilang di Dunia Maya

Search URL Search Domain Scan URL

URL: https://newrevive.detik.com/delivery/ck.php?oaparams=2__bannerid=174897__zoneid=626__cb=9f03a65ae9__oadest=https%3A%2F%2Fwww.detik.com%2Ftag%2Fameer-azzikra-meninggal%3Futm_source%3Dpbwp%26utm_medium%3Ddisplay%26utm_campaign%3Dpromokonten%26utm_term%3DhotAmeerAzzikraMD%26utm_content%3Ddetikhot

Search URL Search Domain Scan URL

URL: https://news.detik.com/indeks?tag_from=wp_nhl_indeks
Title: Indeks Berita

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5833047/gerindra-yakin-anies-maafkan-buruh-soal-jangan-jadi-gubernur-bencong?tag_from=wp_widget_news

Search URL Search Domain Scan URL

URL: https://health.detik.com/fotohealth/d-5833065/potret-situasi-covid-19-di-afsel-saat-varian-omicron-merebak?tag_from=wp_nhl_2

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5833050/sama-sadisnya-begini-peran-pembantu-di-kasus-mutilasi-pria-di-bekasi?tag_from=wp_nhl_3

Search URL Search Domain Scan URL

URL: https://20.detik.com/?tag_from=wp_belt_videoTerpopuler
Title: Ke Halaman Video

Search URL Search Domain Scan URL

URL: https://20.detik.com/sport-buzz/20211130-211130041/lionel-messi-raih-ballon-dor-untuk-ketujuh-kalinya?tag_from=wp_belt_videoTerpopuler

Search URL Search Domain Scan URL

URL: https://20.detik.com/detikflash/20211130-211130042/suasana-bandara-afsel-usai-dicekal-sejumlah-negara-imbas-varian-omicron?tag_from=wp_belt_videoTerpopuler

Search URL Search Domain Scan URL

URL: https://20.detik.com/detikflash/20211130-211130039/imbas-varian-omicron-jerman-perketat-perjalanan-dari-afrika-selatan?tag_from=wp_belt_videoTerpopuler

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita-jawa-tengah/d-5833064/pemadaman-listrik-di-pekalongan-batang-nyaris-seharian-ini-titik-lokasinya?tag_from=wp_nhl_4

Search URL Search Domain Scan URL

URL: https://news.detik.com/detiktv/d-5833044/suasana-bandara-afsel-usai-dicekal-sejumlah-negara-imbas-varian-omicron?tag_from=wp_widget_video

Search URL Search Domain Scan URL

URL: https://wolipop.detik.com/travel/d-5832656/viral-pasangan-pose-naik-motor-bebek-di-depan-menara-eiffel-dikira-editan?tag_from=wp_belt_lifestyle

Search URL Search Domain Scan URL

URL: https://travel.detik.com/travel-news/d-5832973/desain-calon-bandara-terbesar-di-india-diejek-netizen-china-kenapa?tag_from=wp_belt_lifestyle

Search URL Search Domain Scan URL

URL: https://inet.detik.com/tips-dan-trik/d-5832828/cara-kirim-whatsapp-tanpa-simpan-nomor-ke-kontak?tag_from=wp_belt_lifestyle

Search URL Search Domain Scan URL

URL: https://oto.detik.com/ototest-mobil/d-5833033/tes-hyundai-staria-signature-9-mpv-mewah-muat-9-orang?tag_from=wp_belt_lifestyle

Search URL Search Domain Scan URL

URL: https://wolipop.detik.com/foto-entertainment/d-5832593/8-potret-rafaela-plastira-miss-yunani-yang-boikot-miss-universe-di-israel?tag_from=wp_belt_lifestyle

Search URL Search Domain Scan URL

URL: https://inet.detik.com/cyberlife/d-5833031/lionel-messi-raih-ballon-dor-2021-netizen-banjiri-ucapan-selamat?tag_from=wp_belt_lifestyle

Search URL Search Domain Scan URL

URL: https://pasangmata.detik.com/topic/21
Title: Kirim

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5832647/detikcom-do-your-magic-hasil-pengerjaan-drainase-vertikal-lingkungan-soleh-solihun?tag_from=wp_cb_detikcom_doyourmagic

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5832590/wagub-minta-warga-lapor-jika-ada-tutup-drainase-rusak-di-jakarta?tag_from=wp_cb_detikcom_doyourmagic

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5832315/detikcom-do-your-magic-perbaikan-tutup-drainase-vertikal-yang-disorot-soleh-solihun-berlanjut?tag_from=wp_cb_detikcom_doyourmagic

Search URL Search Domain Scan URL

URL: https://finance.detik.com/berita-ekonomi-bisnis/d-5832867/uganda-hingga-malaysia-bisa-jadi-pelajaran-ri-hindari-jebakan-utang-china?tag_from=wp_cb_mostPopular_list
Title: Uganda hingga Malaysia Bisa Jadi Pelajaran RI Hindari 'Jebakan' Utang China

Search URL Search Domain Scan URL

URL: https://sport.detik.com/sepakbola/bola-dunia/d-5832992/daftar-peraih-gelar-di-gala-ballon-dor-2021?tag_from=wp_cb_mostPopular_list
Title: Daftar Peraih Gelar di Gala Ballon d'Or 2021

Search URL Search Domain Scan URL

URL: https://sport.detik.com/sepakbola/bola-dunia/d-5833013/cristiano-ronaldo-lagi-lagi-absen-di-acara-ballon-dor?tag_from=wp_cb_mostPopular_list
Title: Cristiano Ronaldo Lagi-lagi Absen di Acara Ballon d'Or

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5833011/saat-bw-bawa-bawa-mandalika-usai-urus-kasus-formula-e-di-kpk?tag_from=wp_cb_mostPopular_list
Title: Saat BW Bawa-bawa Mandalika Usai Urus Kasus Formula E di KPK

Search URL Search Domain Scan URL

URL: https://sport.detik.com/sepakbola/bola-dunia/d-5832975/disebut-ingin-saingi-messi-ronaldo-tuding-panitia-ballon-dor-pembohong?tag_from=wp_cb_mostPopular_list
Title: Disebut Ingin Saingi Messi, Ronaldo Tuding Panitia Ballon d'Or Pembohong

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5827753/viral-ceramah-habib-bahar-ente-khianati-habib-rizieq-saya-habisi-kalian?tag_from=wp_cb_mostcommented_list
Title: Viral Ceramah Habib Bahar: Ente Khianati Habib Rizieq, Saya Habisi Kalian!

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5828370/pemuda-pancasila-desak-junimart-girsang-minta-maaf-dan-cium-tangan-japto?tag_from=wp_cb_mostcommented_list
Title: Pemuda Pancasila Desak Junimart Girsang Minta Maaf dan Cium Tangan Japto

Search URL Search Domain Scan URL

URL: https://news.detik.com/berita/d-5825115/pengacara-bukan-brigjen-zamroni-suami-anggiat-pasaribu-bernama-lettu-bayu?tag_from=wp_cb_mostcommented_list
Title: Pengacara: Bukan Brigjen Zamroni, Suami Anggiat Pasaribu Bernama Lettu Bayu

Search URL Search Domain Scan URL

URL: https://news.detik.com/kolom/kirim?tag_from=wp_cb_kolom_kirim
Title: Kirim Tulisan

Search URL Search Domain Scan URL

URL: https://news.detik.com/kolom/d-5832147/bpk-blu-dan-kekeliruan?tag_from=wp_cb_kolom_list

Search URL Search Domain Scan URL

URL: https://news.detik.com/kolom/d-5832103/setengah-abad-korpri-dan-isu-mendasar-birokrasi?tag_from=wp_cb_kolom_list

Search URL Search Domain Scan URL

URL: https://news.detik.com/kolom/d-5831623/upah-minimum-untuk-siapa?tag_from=wp_cb_kolom_list

Search URL Search Domain Scan URL

URL: https://news.detik.com/kolom?tag_from=wp_cb_kolom_more
Title: Ke Halaman Kolom

Search URL Search Domain Scan URL

URL: https://www.facebook.com/detikcom

Search URL Search Domain Scan URL

URL: https://twitter.com/detikcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/detikcom/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/detik-com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/detikcom

Search URL Search Domain Scan URL

URL: https://news.detik.com/
Title: News

Search URL Search Domain Scan URL

URL: https://finance.detik.com/
Title: Finance

Search URL Search Domain Scan URL

URL: https://inet.detik.com/
Title: Teknologi

Search URL Search Domain Scan URL

URL: https://hot.detik.com/
Title: Entertaiment

Search URL Search Domain Scan URL

URL: https://sport.detik.com/
Title: Sport

Search URL Search Domain Scan URL

URL: https://sport.detik.com/sepakbola
Title: Sepakbola

Search URL Search Domain Scan URL

URL: https://oto.detik.com/
Title: Otomotif

Search URL Search Domain Scan URL

URL: https://travel.detik.com/
Title: Travel

Search URL Search Domain Scan URL

URL: https://food.detik.com/
Title: Food

Search URL Search Domain Scan URL

URL: https://health.detik.com/
Title: Health

Search URL Search Domain Scan URL

URL: https://wolipop.detik.com/
Title: Wolipop

Search URL Search Domain Scan URL

URL: https://news.detik.com/x/
Title: DetikX

Search URL Search Domain Scan URL

URL: https://20.detik.com/
Title: 20Detik

Search URL Search Domain Scan URL

URL: https://foto.detik.com/
Title: Foto

Search URL Search Domain Scan URL

URL: https://pasangmata.detik.com/
Title: Pasang Mata

Search URL Search Domain Scan URL

URL: https://adsmart.detik.com/
Title: Adsmart

Search URL Search Domain Scan URL

URL: https://forum.detik.com/
Title: Forum

Search URL Search Domain Scan URL

URL: https://event.detik.com/
Title: detikEvent

Search URL Search Domain Scan URL

URL: https://poin.detikshop.com/
Title: detikPoint

Search URL Search Domain Scan URL

URL: https://www.transstudiobandung.com/
Title: Trans Studio

Search URL Search Domain Scan URL

URL: https://www.cnnindonesia.com/
Title: CNN Indonesia

Search URL Search Domain Scan URL

URL: https://www.cnbcindonesia.com/
Title: CNBC Indonesia

Search URL Search Domain Scan URL

URL: https://www.haibunda.com/
Title: Haibunda

Search URL Search Domain Scan URL

URL: https://www.insertlive.com/
Title: Insertlive

Search URL Search Domain Scan URL

URL: https://beautynesia.id/
Title: Beautynesia

Search URL Search Domain Scan URL

URL: https://femaledaily.com/
Title: Female Daily

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hanover67alive2.shop/eb76mry2395F86Hh12J71avV9Rb72R25w6brrbI_hb4fDwIZhsFDhEGsi7JQyoKQ95Q1nI06A@T@sv/sponges-puffs HTTP 302
http://detik.com/ HTTP 301
https://www.detik.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=www.detik.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=8L55NHw5R1VoM3hrZnorcnFiVFlmV2ZkMy80WlRwem1ERDh1Mi9nMU1GelBscGg4ajM4Mk54ejd1WWZPQWt5VUxPclg3bW1ybU94VERmL3ZwR3lyYVVkRkZMclkwL1lYZXdZM1JFOHF3WDNYcDI1WDRtcE84d1p1bXluZ2huVnpkazluVS9aUEYvaVZleWRlKytSRkl2b2tiTmJ6SzV0dnhReG5kUUlKNXBFbTNnRmtrWFlqTXRZUFl1aFNoc0tKWUN5TFFpN2c4dkU0N3JZSWdqNTBvU2dteU5pckpFdzJhUzRhUTdKc1dPcTNCSG9nPXw&cppv=2

Request Chain 120

https://sb.scorecardresearch.com/b?c1=2&c2=8443234&ns__t=1638234348489&ns_c=UTF-8&cv=3.5&c8=detikcom%20-%20Informasi%20Berita%20Terkini%20dan%20Terbaru%20Hari%20Ini&c7=https%3A%2F%2Fwww.detik.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&ns__t=1638234348489&ns_c=UTF-8&cv=3.5&c8=detikcom%20-%20Informasi%20Berita%20Terkini%20dan%20Terbaru%20Hari%20Ini&c7=https%3A%2F%2Fwww.detik.com%2F&c9=

Request Chain 166

https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 167

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaV47XXA78OkSVU5GhToNQAABI4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaV47XXA78OkSVU5GhToNQAABI4AAAAB&dcc=t

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaV47XXA78OkSVU5GhToNQAABI4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHuZaCAvIW6tVHGKzrLh-LQ&google_cver=1

Request Chain 170

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaV47XXA78OkSVU5GhToNQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHBdt4_IIGmOPZlpiYJrhT0&google_cver=1&gdpr=1

Request Chain 172

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YaV47XXA78OkSVU5GhToNQAA%261166?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YaV47XXA78OkSVU5GhToNQAA%261166?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 173

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 174

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1640826349

Request Chain 260

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=tRgeP3w4NWdydEtEV1hYRDdzcStuU2taMHFrNUNkNFFDK203L2U1VVpCbEUyL0hTODBvcUFRNjV1Zm8yd0NyVVpJc0MrZm1TVkNZRWNkTFJrUzk1VlhXSVdzWTI4MWZQb3BIVFl1S1ZOYW0ydGtLb1VNaTVibFFPS3d5SUVhYlpoYTZ5NEo0N09lb0IwZVJSc1Nta0lINEh5d1VpdzdEeXhsY0NCVEx6WDg1bkpMdm8zN3NMRWpVUTVZVnZhZUFTQlhZQk5RZXZ5MURCekQvUEpkZnp0ZFdrUVRGektYRVAxaHh3dFFVNUs5YXVxMENlZVh0L21FQXVRR1dqcy9XNFhKYWs2bGlhSmJueHJXQWZiNTlHQlk5RWdxNnJCdHUzNXFHejlrSUZOT2RGbTB3cjZVYzVTU01SUzdVeVFtekR2cnl0ZHw&cppv=2

Request Chain 263

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=yWvTk3xGa201dEE3emJWS04zSnBEM0xkcVNBVnFpMDF0Y2xtSWorNjdGNDM3YVM3OVd5N3AyZU9ZZCtPTUVvNjBTVWNOS3dKTE9UY2Z0T1hJWG02YXRHWGRXT2JxeURaTnM0SDJTNE05dUNEdFdSclVpdldHdGp0VU9ieGQ2REdyd0JVNTVQSHpKOVJhbE9LK0R3MG9kMlVIRFFlRWpPYzJsMnF0RkZMbEhTRnFtUEtGUEM2TTUvbEdmdjJZalFINGg5b2QyamlVRVRlUzFFQncvRjJMaWdDdGlCMURhYWozR1c0c3JTanJCOUVtbStXMnFQODBnRTQ5MUxocnd3VWRzV0J4a2t1WkVtdEZSdElCcXQxQWM2ZFlINjJPTVV4VWlzQTFLYkpJQ2tnN0V0RThTMU9tVW15TWJDcTFXdHVGNCtyZHw&cppv=2

Request Chain 277

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=kRf-SnxjQ0k5Y01EL3FRTTlnQlc4clpIcTA1YURqZkpkejZaQnNiVCtvcklVZ1ZBTlRCbUxCMUs2UC9GYzd2aEFIdUY2ZTBoVThGY1FxWTkxWjZlNUJjTkQvQk4vNmxUZXMyak5mRlE1RUNVRmF3amxLMVZsNHBRS3llZEZSK09WU0p3VVJNWGdwT2krQzZlL3preXFwcTBDVmZ6ZzVXMjB5THRlaDVlcUx6NFpHbkZNenc0TmFiZ2YvY0I5QVErWTA5Zzh1U2FHbFBNNjNYbVorWnZyS2N5aWhZVGp0T3ZMVy9ucXFpOXgxWGZtUmpZSktEeEJQRGNCS1I2SGkxU1NXNEI5RWJyZ3Rkb01rTzhpY0JMcVpiaFZhZDN0Wk5wTVRTbUdMVW1oQzcxNnMvUDJmMnkxN0JUQlpCQW1uWXZIbW80RHw&cppv=2

Request Chain 342

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEJZ-3_AmAaef6PdZBgRDML4&google_cver=1&google_push=AYg5qPL3snTGry5cpf45bF2OiJPUqzeccJ2TWfwuzN2J74T4JuaD8xWcuOBqIKstF5ssVdo-DBTUHkqC6UsDpOmLoEd4TocKEKJN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPL3snTGry5cpf45bF2OiJPUqzeccJ2TWfwuzN2J74T4JuaD8xWcuOBqIKstF5ssVdo-DBTUHkqC6UsDpOmLoEd4TocKEKJN&google_hm=Njk1NjgyMDAwMDMxMjAxMzEy HTTP 302
https://a.rfihub.com/cm?pub=445&google_error=5

Request Chain 343

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPI0JMZRzeRw-laVAQgl1pn4G9jSPmp8cltLPdmurNpKfu1cqHmX50_YZVvbp_98E_QC7KC1-leGB70DqIOkdUTNxGCBfDVS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI0JMZRzeRw-laVAQgl1pn4G9jSPmp8cltLPdmurNpKfu1cqHmX50_YZVvbp_98E_QC7KC1-leGB70DqIOkdUTNxGCBfDVS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPI0JMZRzeRw-laVAQgl1pn4G9jSPmp8cltLPdmurNpKfu1cqHmX50_YZVvbp_98E_QC7KC1-leGB70DqIOkdUTNxGCBfDVS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI0JMZRzeRw-laVAQgl1pn4G9jSPmp8cltLPdmurNpKfu1cqHmX50_YZVvbp_98E_QC7KC1-leGB70DqIOkdUTNxGCBfDVS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 345

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELjCjVim35kYuzA8yuZj9-M&google_cver=1&google_push=AYg5qPIFg2cHMa3A-UboSclCVqGoOyUsiZa2iCaFlwBOKl5Yw_yAUBwKXX0vOhG9R91I83i3rjiGfLhmcTqmFYM5wsgXTpPe0LAK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjE2Mjk2MDczMzYzMjY2Mw%3D%3D&google_push=AYg5qPIFg2cHMa3A-UboSclCVqGoOyUsiZa2iCaFlwBOKl5Yw_yAUBwKXX0vOhG9R91I83i3rjiGfLhmcTqmFYM5wsgXTpPe0LAK

Request Chain 346

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBOB6bmfx0CjekoVZBdcSzk&google_cver=1&google_push=AYg5qPIv5pKCL4l08TyDzfNWzcU-u_omrgEFJafaBgZJ4t-t7Cf8zYfkj42ALjNr6W6bB0ys8BgU1g_HuGGM9X-8WpOmYVS_FFRU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIv5pKCL4l08TyDzfNWzcU-u_omrgEFJafaBgZJ4t-t7Cf8zYfkj42ALjNr6W6bB0ys8BgU1g_HuGGM9X-8WpOmYVS_FFRU

Request Chain 347

https://match.360yield.com/match/ebda?google_gid=CAESEPE5VVlMfk8JFGLvTnxIbqE&google_cver=1&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPE5VVlMfk8JFGLvTnxIbqE&google_cver=1&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9

Request Chain 349

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHmyDBBLqQj7mVKYDHr8pS8&google_cver=1&google_push=AYg5qPJa864hrIU4MwN6SQQAQpny8h_53lBN_RdYGy9l7h9N_kxV6Tt72cdgimNdqSksanb9lG5Bp9vLWZ68gWsrzkLFZkOQ68HVUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc4OTc4MzkzMzM1MjUwNjk5Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHmyDBBLqQj7mVKYDHr8pS8&google_cver=1

Request Chain 350

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELjCjVim35kYuzA8yuZj9-M&google_cver=1&google_push=AYg5qPJnJqbqTnrxrjdV9QyHpulYc2gdggkcZiFmjtz8E9SDxC_IcwHUHqaEgGxvjn09yUJbW7GGHUUR_Kk8lydMb3PiNT_NAw0ShQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjE2Mjk2MDczNDI4ODAxNA%3D%3D&google_push=AYg5qPJnJqbqTnrxrjdV9QyHpulYc2gdggkcZiFmjtz8E9SDxC_IcwHUHqaEgGxvjn09yUJbW7GGHUUR_Kk8lydMb3PiNT_NAw0ShQ

Request Chain 351

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI08m2FVk23qGClnZxxF5JY&google_cver=1&google_push=AYg5qPKFX-LXw7cT-Ey1WuHx3nV4RD5vDQaXB_bVxItnHbhV4b1fSsODE0zbq8wMx7hxFR3cPtyzgEvLVFfKw4UwyHlhZIOQEi_d HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI08m2FVk23qGClnZxxF5JY&google_cver=1&google_push=AYg5qPKFX-LXw7cT-Ey1WuHx3nV4RD5vDQaXB_bVxItnHbhV4b1fSsODE0zbq8wMx7hxFR3cPtyzgEvLVFfKw4UwyHlhZIOQEi_d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKFX-LXw7cT-Ey1WuHx3nV4RD5vDQaXB_bVxItnHbhV4b1fSsODE0zbq8wMx7hxFR3cPtyzgEvLVFfKw4UwyHlhZIOQEi_d&google_hm=t553WMxCQRu86tRXoXpDUA==

Request Chain 352

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGXz_XkMNi59bprB-MuRZ4M&google_cver=1&google_push=AYg5qPKNQRWf3v7fZhqHOXFyOgTuDBMcHw-98t--sHH6p1Ngpmi4Mewrj79hJ-xQIeZSD9-mV3yZ8jGkDn27-3Lv0exAtE5A-w1-fw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKNQRWf3v7fZhqHOXFyOgTuDBMcHw-98t--sHH6p1Ngpmi4Mewrj79hJ-xQIeZSD9-mV3yZ8jGkDn27-3Lv0exAtE5A-w1-fw&google_hm=MjEzNTAwNDQ3ODc5NzE1NDc1NQ%3D%3D

Request Chain 353

https://d5p.de17a.com/cookies/google?google_gid=CAESEKWDagqGItCFv-XH1YcD_N8&google_cver=1&google_push=AYg5qPJfuGneCDExa2N9DC4LIW7X1X-H0NKjgEiivTqdhXYcpeaeM-De4oGd0bwm5FI_mexY5tGZNxYVpjXx_QfIQtTKhblsfUQj HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKWDagqGItCFv-XH1YcD_N8&google_cver=1&google_push=AYg5qPJfuGneCDExa2N9DC4LIW7X1X-H0NKjgEiivTqdhXYcpeaeM-De4oGd0bwm5FI_mexY5tGZNxYVpjXx_QfIQtTKhblsfUQj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJfuGneCDExa2N9DC4LIW7X1X-H0NKjgEiivTqdhXYcpeaeM-De4oGd0bwm5FI_mexY5tGZNxYVpjXx_QfIQtTKhblsfUQj

Request Chain 355

https://match.360yield.com/match/ebda?google_gid=CAESEPE5VVlMfk8JFGLvTnxIbqE&google_cver=1&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPE5VVlMfk8JFGLvTnxIbqE&google_cver=1&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw

Request Chain 357

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENLnE4113sKToskRHAUqAPc&google_cver=1&google_push=AYg5qPJf1QJzfSHwIaQdrmg8gtVwpLH3JUhMFiTk5eopV08Si9-O9rsXTm9LJqdf1otIkq65ZIGwU14QnqEKTpBQwtQPBztSnY-b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJf1QJzfSHwIaQdrmg8gtVwpLH3JUhMFiTk5eopV08Si9-O9rsXTm9LJqdf1otIkq65ZIGwU14QnqEKTpBQwtQPBztSnY-b

Request Chain 358

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPIjE-K_HYtNo2IJVI6y78DMpgcOFJ-JlfuyDJWPpRrA8lz5zbFB2IiO_4Q2fJ6smFU6puWDNadyTLh5lTsmIBkxkaw0dQF3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIjE-K_HYtNo2IJVI6y78DMpgcOFJ-JlfuyDJWPpRrA8lz5zbFB2IiO_4Q2fJ6smFU6puWDNadyTLh5lTsmIBkxkaw0dQF3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPIjE-K_HYtNo2IJVI6y78DMpgcOFJ-JlfuyDJWPpRrA8lz5zbFB2IiO_4Q2fJ6smFU6puWDNadyTLh5lTsmIBkxkaw0dQF3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIjE-K_HYtNo2IJVI6y78DMpgcOFJ-JlfuyDJWPpRrA8lz5zbFB2IiO_4Q2fJ6smFU6puWDNadyTLh5lTsmIBkxkaw0dQF3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 359

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIEJHBwtX59kQTdx2vOXuRg&google_cver=1&google_push=AYg5qPKfriqC-3o8zMbsjyFb_yRufNRbyXRuNuAIFHIVghMz3uI4xH_uuqeHd9dfoUSUurJWBF9UXT4N425EyTVrCq5ChNleTn2y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIEJHBwtX59kQTdx2vOXuRg&google_push=AYg5qPKfriqC-3o8zMbsjyFb_yRufNRbyXRuNuAIFHIVghMz3uI4xH_uuqeHd9dfoUSUurJWBF9UXT4N425EyTVrCq5ChNleTn2y

Request Chain 360

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMI-Y8SSeRoQnYYd5lfqp-8&google_cver=1&google_push=AYg5qPLs1bAQ6s_5z551owcfFCmeKMUJ-S_fEY35R-FflAkKkyMNYU4qRXubD-QoP_E2wqWFqRajDZxmuphRKZV73kxCAp1XeXLjog HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMI-Y8SSeRoQnYYd5lfqp-8&google_cver=1&google_push=AYg5qPLs1bAQ6s_5z551owcfFCmeKMUJ-S_fEY35R-FflAkKkyMNYU4qRXubD-QoP_E2wqWFqRajDZxmuphRKZV73kxCAp1XeXLjog&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLs1bAQ6s_5z551owcfFCmeKMUJ-S_fEY35R-FflAkKkyMNYU4qRXubD-QoP_E2wqWFqRajDZxmuphRKZV73kxCAp1XeXLjog&google_hm=8991e3cf0d52cc11c1ba7650

Request Chain 361

https://onetag-sys.com/sync/i,19/?google_gid=CAESELhKxOCaOq4V2K1pGmbO6cQ&google_cver=1&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Request Chain 362

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENfkh7ZoyjZyCKdTp2PbPEY&google_cver=1&google_push=AYg5qPK2Y5XUn94qdbRXUucRAmay8QYGJ4URvkOyMj3cFatd3kRiiSvm89gYLezhID_tsVmXKfQW4404QLHH7HyPbbzSISMk2dNZoA HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENfkh7ZoyjZyCKdTp2PbPEY&google_cver=1&google_push=AYg5qPK2Y5XUn94qdbRXUucRAmay8QYGJ4URvkOyMj3cFatd3kRiiSvm89gYLezhID_tsVmXKfQW4404QLHH7HyPbbzSISMk2dNZoA&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tQ29CQlVsRTJ1R1QwdWVSbHl6MjRPY1A4OE1fYk9wY35B&google_push=AYg5qPK2Y5XUn94qdbRXUucRAmay8QYGJ4URvkOyMj3cFatd3kRiiSvm89gYLezhID_tsVmXKfQW4404QLHH7HyPbbzSISMk2dNZoA

Request Chain 375

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENLnE4113sKToskRHAUqAPc&google_cver=1&google_push=AYg5qPJhFRKY8F-xEqOEio_sJZFV8xIrDmKfDKLAVnzx7v4j8ikh8uNf3B8v9JpZX08yokypJJQArHWdKa3UNExjWiMQvEt7tjygnQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=rAJhpXjvTwCgDTqW24bZMA&google_push=AYg5qPJhFRKY8F-xEqOEio_sJZFV8xIrDmKfDKLAVnzx7v4j8ikh8uNf3B8v9JpZX08yokypJJQArHWdKa3UNExjWiMQvEt7tjygnQ

Request Chain 376

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEAJoGhAO-0o_nFbYs1kLc0U&google_cver=1&google_push=AYg5qPK9dz45IICpT3OzpI5tlOhiUZmx3NUh4joT62MvmolXnUDa33_wZws76eL6mkveasE6hsceD7ggkGU6ijbKDZOnXAfddXXC HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEAJoGhAO-0o_nFbYs1kLc0U&google_cver=1&google_push=AYg5qPK9dz45IICpT3OzpI5tlOhiUZmx3NUh4joT62MvmolXnUDa33_wZws76eL6mkveasE6hsceD7ggkGU6ijbKDZOnXAfddXXC&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=Cwiosomxnqx0aZYr-iQMrg&google_push=AYg5qPK9dz45IICpT3OzpI5tlOhiUZmx3NUh4joT62MvmolXnUDa33_wZws76eL6mkveasE6hsceD7ggkGU6ijbKDZOnXAfddXXC

Request Chain 377

https://d5p.de17a.com/cookies/google?google_gid=CAESEKWDagqGItCFv-XH1YcD_N8&google_cver=1&google_push=AYg5qPKsXa6gyLi1aTQcLMWzOkEvgKeKAsQZ7vLYK_YV3gQ6M76w6OpR4ZfwHPC60rG9Vovol3LKqA-G0P81gPg5eeZtYbt7iT0r8Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKsXa6gyLi1aTQcLMWzOkEvgKeKAsQZ7vLYK_YV3gQ6M76w6OpR4ZfwHPC60rG9Vovol3LKqA-G0P81gPg5eeZtYbt7iT0r8Q

Request Chain 378

https://match.360yield.com/match/ebda?google_gid=CAESEPE5VVlMfk8JFGLvTnxIbqE&google_cver=1&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw

Request Chain 379

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENfkh7ZoyjZyCKdTp2PbPEY&google_cver=1&google_push=AYg5qPLWJ04uiH9hR7_Y7NwNTxPMxyYuiaAG4h2wZfSg_6RvHm5TIHI3EDmZ5Iir88wtaPLWqOHVFHh82gmREkWTAixsGtvouD511wY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tQ29CQlVsRTJ1R1QwdWVSbHl6MjRPY1A4OE1fYk9wY35B&google_push=AYg5qPLWJ04uiH9hR7_Y7NwNTxPMxyYuiaAG4h2wZfSg_6RvHm5TIHI3EDmZ5Iir88wtaPLWqOHVFHh82gmREkWTAixsGtvouD511wY

Request Chain 381

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5178aca1-e08d-4146-ae08-6ef6fd63bead&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30

Request Chain 382

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ac0261a5-78ef-4f00-a00d-3a96db86d930&expires=28

Request Chain 384

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEJvisEjPNc4iFuuyc9b5PYk&google_cver=1

Request Chain 385

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/E48CXl4ChVAoAXd0M32AIQ?csrc=&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 386

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dMRUZOSEgtUi1LWkdZ&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 387

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWE2YzQ1ZDlkNmJlNjU4YjZjZTEzMTExOWM3YTQ1ZDRkZGRkYjUyOA&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 388

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWLEFNHH-R-KZGY&sigv=1&esig=2~008d9cb9fb158b1b436c0106412bf974c5bfd56b&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 400

https://mediaintelligence.de/trck/eview/e8caad8c035fb9169508bad34c2a3e36 HTTP 301
https://data.mediaintelligence.de/wmimport//328_Panasonic_Prestige_Amazon_Rank_Booster/FR/ASIN2/panasonic_FR_prestige-beauty-eh-xt20_amazon-dsp-ad-static_300x600.jpg

453 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.detik.com/
Redirect Chain

http://www.hanover67alive2.shop/eb76mry2395F86Hh12J71avV9Rb72R25w6brrbI_hb4fDwIZhsFDhEGsi7JQyoKQ95Q1nI06A@T@sv/sponges-puffs
http://detik.com/
https://www.detik.com/

192 KB
33 KB

632ms
210ms

Document
text/html

203.190.242.211
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.211 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-211-242.190.203.detik.com

Software

dtk18 /

Resource Hash

f130f6a42c1476916d628e70ae1cdc25c4cec372d86af665bada8c3b56010c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; always
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	'1;mode=block'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 30 Nov 2021 01:05:46 GMT
content-type: text/html
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
server: dtk18
strict-transport-security: max-age=31536000; includeSubDomains; always
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: '1;mode=block'
x-fastcgi-cache: HIT
content-encoding: gzip

Redirect headers

Date: Tue, 30 Nov 2021 01:05:45 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Keep-Alive: timeout=10
Location: https://www.detik.com/
Server: dtk15
Strict-Transport-Security: max-age=31536000; includeSubDomains; always
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: '1;mode=block'

GET
H2 200 jquery-min-3.2.1.js Show response
awscdn.detik.net.id/assets/js/ 85 KB
30 KB 744ms
197ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 06:02:52 GMT
server: static11
cache-status: HIT
etag: W/"5e60960c-15283"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtmdl.js Show response
awscdn.detik.net.id/assets/js/ 9 KB
2 KB 1106ms
559ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/js/gtmdl.js?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

e286beb3c4b45c67256be02b881f15b3fbc65dee248371e7a8b96c288f9503cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 14:59:03 GMT
server: static11
cache-status: HIT
etag: W/"60fad937-227a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detikLiveUserCounterResponse.js Show response
awscdn.detik.net.id/libs/livecounter/ 37 KB
10 KB 743ms
196ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/libs/livecounter/detikLiveUserCounterResponse.js?v=2021113008

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

57532ca0f542594b21e66a42c0ecac74b2b89b9922839fc2508d2c375ce0f3c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jul 2021 08:01:26 GMT
server: static11
cache-status: HIT
etag: W/"60f7d456-921a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
awscdn.detik.net.id/detikcom/css/ 76 KB
14 KB 742ms
195ms Stylesheet
text/css 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/detikcom/css/style.css?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

0e90e5e4ded9a732145d975a0467cf556aa10a22393806e0a954f104559f3e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Jun 2021 09:20:08 GMT
server: static11
cache-status: HIT
etag: W/"60d59fc8-12f58"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 placeholder.css
awscdn.detik.net.id/assets/css/ 4 KB
1 KB 742ms
196ms Stylesheet
text/css 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/css/placeholder.css?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

29b704b5942d3009f4529f4e49d18b2e463b913ad8d04fc854c228fcd218599a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Oct 2021 06:05:18 GMT
server: static11
cache-status: HIT
etag: W/"6167c89e-fab"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detik.ads-new.css
awscdn.detik.net.id/commerce/desktop/css/ 12 KB
3 KB 742ms
196ms Stylesheet
text/css 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/commerce/desktop/css/detik.ads-new.css

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

57a5a8627e8f31bf2cf2d73800b9e425e3ce56a7b0b46047725d1319a1ceade9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Dec 2019 03:42:01 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5df84e89-2e86"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 142ms
53ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c02cae5b2de27b0f12598ab23cf91b1e0e99dda2821e2d17510497e23093cbe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1059 / 644 of 1000 / last-modified: 1637708807"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26862
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Nov 2021 01:05:47 GMT

GET
H2 200 portal.dc.js Show response
awscdn.detik.net.id/libs/js-itportal/ 1010 B
861 B 742ms
197ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/libs/js-itportal/portal.dc.js?v=1.0

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

5c8530b3a15538b349a408d3544b1f4720f06acf3e4cb34e196118a41e804e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 10:11:15 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: MISS
etag: W/"5e5f7ec3-3f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 eyeotadtk.js Show response
awscdnstatic.detik.net.id/live/js/ 312 B
695 B 129ms
7ms Script
application/javascript 2600:9000:2156:1800:3:74e5:6700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://awscdnstatic.detik.net.id/live/js/eyeotadtk.js
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1800:3:74e5:6700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: static6 /
Resource Hash: 7140a907c2d5e058b18f9c64b37cbca0c4915a3cc5919f5be199849db17099b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:53:02 GMT
content-encoding: gzip
etag: W/"5afd2f42-138"
age: 11059964
x-cache: Hit from cloudfront
barrier_2: HIT
barrier_1: Static
barrier_3: HIT
access-control-allow-origin: *
last-modified: Thu, 17 May 2018 07:29:06 GMT
server: static6
cache-status: HIT
middle-cache: HIT
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: TU4NCd-QQwMFBjyx9uvVRBMCU17ebyflXnr_0GQBspg-qMt8VLLYPA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 framebar.css
awscdn.detik.net.id/assets/css/framebar/ 26 KB
5 KB 742ms
196ms Stylesheet
text/css 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

83a7ba255d337be130b8ca951982f41583ca0ead28ce3a7b04f9f858e72054fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 06:02:52 GMT
server: static11
cache-status: HIT
etag: W/"5e60960c-6717"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 autocomplete.css
awscdn.detik.net.id/assets/css/framebar/ 422 B
555 B 741ms
196ms Stylesheet
text/css 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/css/framebar/autocomplete.css?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

b591d9a2aa94d6d5c5dfb25d24a7b078b8465341b5b1deebc19a80f1bff915c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 06:02:52 GMT
server: static11
cache-status: HIT
etag: W/"5e60960c-1a6"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 favicon-detikcom.png
awscdn.detik.net.id/assets/images/framebar/ 3 KB
3 KB 218ms
210ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/assets/images/framebar/favicon-detikcom.png?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

d60541e69f397ba5101d5d3744d08553b1bdd38034a4e4e17541f2d121f36ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 06:02:52 GMT
server: static11
cache-status: HIT
etag: W/"5e60960c-ab6"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_Most-3x.png
awscdn.detik.net.id/framebarasset/ 2 KB
3 KB 217ms
210ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_Most-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

1ed5d0d1151d56f014d275984998c9cad68b754617cb6e0a32f085ebb59f898c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-8ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_kirim_tulisan-3x.png
awscdn.detik.net.id/framebarasset/ 1 KB
1 KB 217ms
210ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_kirim_tulisan-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

750fee75408cb472d21dc2c9f9b30d32ebe8259c59515b9288dd4d3693e4ed3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-4a4"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_livetv.png
awscdn.detik.net.id/framebarasset/ 1 KB
1 KB 217ms
210ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_livetv.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

02d6b712de745b09952abdbc2ba0e66359c99f84b8fc957b0e4f7704fcd043f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Jan 2019 03:47:03 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c3c0637-40c"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_detik-3x.png
awscdn.detik.net.id/framebarasset/ 5 KB
6 KB 217ms
210ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_detik-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

ef46d087ded4c5a2b7d6dc3ead6ce1b10412e6d43045666f50c79991391b2825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-15b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_finance-3x.png
awscdn.detik.net.id/framebarasset/ 3 KB
4 KB 217ms
210ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_finance-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

d3f4fbe39ddfd9709c204d38af775572b0fe7fe9486d7c5554609a4d6a36833d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-d66"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_inet-3x.png
awscdn.detik.net.id/framebarasset/ 4 KB
5 KB 217ms
210ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_inet-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

71c3d82281ad4b7e3543bf164d704ac7e94669bb6a814ac828d275fbee7565ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-11a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_hot-3x.png
awscdn.detik.net.id/framebarasset/ 4 KB
4 KB 217ms
210ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_hot-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

3e8a18812157c4c2d9ec97889775ab89c2c9aefab4905bb7e5f415d041715a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-fad"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_sport-3x.png
awscdn.detik.net.id/framebarasset/ 4 KB
4 KB 217ms
210ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_sport-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

cbc6d96a10fe09c21274f5ab748324d4241ff038d8851029fc29ddefa78db993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-fe2"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_sepakbola-3x.png
awscdn.detik.net.id/framebarasset/ 5 KB
5 KB 217ms
210ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_sepakbola-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

0d4a88b1ec18cacbdd8c6dd760ed26b6db26c115955f9ca6b478149886323c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-12bd"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_oto-3x.png
awscdn.detik.net.id/framebarasset/ 5 KB
5 KB 217ms
211ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_oto-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

8a2bdfbb90f7f1e1ed1fe490392dcbfee3640431020d195d6a4462765f1947fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-1301"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_travel-3x.png
awscdn.detik.net.id/framebarasset/ 5 KB
5 KB 217ms
211ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_travel-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

43f68487b1058d9b6e81c9dcb384609cca7e4ff9f681736e84ef42fea0854ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-138e"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_food-3x.png
awscdn.detik.net.id/framebarasset/ 4 KB
5 KB 217ms
211ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_food-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

8632de9f393da13082356649a11e28f518e6da614a4f1502d00f23407082dfa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-10eb"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_health-3x.png
awscdn.detik.net.id/framebarasset/ 4 KB
4 KB 217ms
211ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_health-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

5c08574a12b111e057c3a36b8698c23376183478b8033b9ab746c08f2ab65c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-f58"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_wolipop-3x.png
awscdn.detik.net.id/framebarasset/ 3 KB
3 KB 217ms
211ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_wolipop-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

889f982abda1b271ec9a74e4d3d52c1aa5348c267b6a0170917057d0d0a39eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-c74"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_X-3x.png
awscdn.detik.net.id/framebarasset/ 2 KB
2 KB 394ms
387ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_X-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

dc486043a92be179141ef26533d717d392eea15dd84494f4c8e9d6493d2dbd43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-7a9"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_20D-3x.png
awscdn.detik.net.id/framebarasset/ 2 KB
2 KB 394ms
388ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_20D-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

f88bbcd2ea141ee0c209c4154dcbb36a90787f060a8d11c177a44fd97d9e6896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-84c"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_foto.png
awscdn.detik.net.id/framebarasset/ 3 KB
3 KB 394ms
388ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_foto.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

cb5c9f0c9d7bdd13436a7fb0915f69cdb52344ac6b0913b5590c5abf91113d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Dec 2018 07:03:56 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c1b3edc-b51"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_edu-3x.png
awscdn.detik.net.id/framebarasset/ 3 KB
3 KB 394ms
388ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_edu-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

813e4c546afc35ebe374ee6c899fc9ef4ab539f6cb003f73130270e6e969229f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 04:38:24 GMT
server: static11
cache-status: HIT
etag: W/"60581f40-bcc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_pasang_mata-3x.png
awscdn.detik.net.id/framebarasset/ 4 KB
4 KB 394ms
388ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_pasang_mata-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

a390c359e73eefc290f00c384e6018507ec82f49c794bbac35c1bbe2dc741c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-e79"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_adsmart-3x.png
awscdn.detik.net.id/framebarasset/ 3 KB
4 KB 394ms
389ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_adsmart-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

131fa720762285e5c6bc623b21aa8dad4164c4794e0334c554573fa002276b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-ccb"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_forum-3x.png
awscdn.detik.net.id/framebarasset/ 6 KB
6 KB 394ms
389ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_forum-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

25fdca6f0b40fb82105bc04e4bd337c9cd17c0c5a4ef43a8f3e39a6b8fb427a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-16ac"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_event-3x.png
awscdn.detik.net.id/framebarasset/ 3 KB
3 KB 394ms
389ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_event-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

ddbbbe4f92e38639d65c4fb728318a0e9222d97403573eee4bd3048394be3ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-b53"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_poin.png
awscdn.detik.net.id/framebarasset/ 2 KB
2 KB 395ms
389ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_poin.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

16b56714773688b07d26fba863ec09a2fac044374c7076bcf7db1581f3473394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Dec 2018 06:15:50 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c173f16-9c4"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 trans_snow.png
awscdn.detik.net.id/framebarasset/ 3 KB
3 KB 395ms
389ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/trans_snow.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

9b2c55f3f8624a6fb5ea1bc9ba0991149bcffc9cdbec5db607d242e1adcff6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2019 11:07:05 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c94c1d9-c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 trans_cibubur.png
awscdn.detik.net.id/framebarasset/ 6 KB
6 KB 395ms
390ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/trans_cibubur.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

27afcca36a726aa23c5ad55f091f97d3d46daa93e1d073fbe08cdad6ede53617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Jul 2019 09:48:36 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5d25b474-163e"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_bali.png
awscdn.detik.net.id/framebarasset/ 13 KB
13 KB 395ms
390ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_bali.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

2007a6ed2da99a309f332c23dc111f9e3899e54578c7497af02463d01f6a88d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 04:46:36 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5def232c-3405"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-berbuatbaikid.png
awsimages.detik.net.id/community/media/visual/2021/11/24/ 12 KB
12 KB 594ms
183ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/24/logo-berbuatbaikid.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

c6ac9d7e0a31d5690be20b5477a797847a6e5dbd685c0c349660989663941859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static10
cache-status: HIT
etag: W/"1477b5b15fea2f16b397ad19710e4f24bd33ed06"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_cnn-3x.png
awscdn.detik.net.id/framebarasset/ 4 KB
4 KB 395ms
390ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_cnn-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

c84201cafd43a3b8a1b32039822c8d0255964b346b4c8bb1aea5cdd2a9bc07e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-ef9"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_CNBC-3x.png
awscdn.detik.net.id/framebarasset/ 3 KB
4 KB 395ms
390ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_CNBC-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

b714a01f6ea7bb6a05d6f63931cd5f70755a8c64d804b3c34350d57d2c3355fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-da8"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_hai_bunda-3x.png
awscdn.detik.net.id/framebarasset/ 4 KB
4 KB 396ms
391ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_hai_bunda-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

0d606bb86e2225b4d16e2c7d1177855988d671eea6f227020b48740aec4249b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-1038"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_insert-3x.png
awscdn.detik.net.id/framebarasset/ 1 KB
1 KB 396ms
391ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_insert-3x.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

14608cab950da2c983905f8159a55e098522917dba6bddee8056df05a45defda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Dec 2018 03:48:28 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5c13280c-494"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_Beautynesia.png
awscdn.detik.net.id/framebarasset/ 9 KB
8 KB 396ms
391ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_Beautynesia.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

5ee052bef67b25d0a57d247785659861753af42ab6dfbdf0c25abfb12e2e6db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 06:21:23 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5df08ae3-2552"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_female_dialy.png
awscdn.detik.net.id/framebarasset/ 13 KB
12 KB 396ms
391ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/framebarasset/ic_female_dialy.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

7f399355acf4f1f1165064536a2704a287007b3f0c1bcba0f6d43d087928eda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 06:20:54 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5df08ac6-3476"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2846568b-3057-49c6-8125-ff5135d07312.png
awsimages.detik.net.id/community/media/visual/2019/06/28/ 13 KB
13 KB 593ms
183ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2019/06/28/2846568b-3057-49c6-8125-ff5135d07312.png?d=1

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

6aad1e9d5e42e84d31448760fe868f369234cbca18e02aa50f0d6ab5dccc1dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
last-modified: Fri, 28 Jun 2019 05:40:33 GMT
server: static11
cache-status: HIT
etag: W/"5d15a851-32ab"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 penampakan-pelaku-mutilasi-di-bekasi_169.jpeg
awsimages.detik.net.id/visual/2021/11/28/ 16 KB
16 KB 593ms
183ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/visual/2021/11/28/penampakan-pelaku-mutilasi-di-bekasi_169.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

7f9f02543d9f15d2e904696faea8e003351b1ed0ffc5b76dff1c119b5490de2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static10
cache-status: HIT
etag: W/"4fa96cb4f03adc09e4949b2acd3af6dff0bee79d"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bentrok-prajurit-korps-marinir-tni-al-dengan-raider-tni-ad-di-barelang-batam-kepri-pada-sabtu-27112021_169.jpeg
awsimages.detik.net.id/visual/2021/11/29/ 8 KB
9 KB 593ms
183ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/visual/2021/11/29/bentrok-prajurit-korps-marinir-tni-al-dengan-raider-tni-ad-di-barelang-batam-kepri-pada-sabtu-27112021_169.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

b76ccf78ac35223ff1ac2200118356be97095198d55e68dd054e05c07c0a1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"3fb29cc8e81736d861d896785a0451818ce2dbc7"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cristiano-ronaldo_169.jpeg
awsimages.detik.net.id/visual/2021/11/26/ 11 KB
11 KB 593ms
183ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/visual/2021/11/26/cristiano-ronaldo_169.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

90c72c7634086a466522958a8fd1bd8803834ed0f30aaf7652d76e06fb143727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"41ced1599c04508d52aee7bab1a9e8fd000c6f0e"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 interior-eksterior-all-new-honda-br-v-1_169.jpeg
awsimages.detik.net.id/visual/2021/09/21/ 13 KB
14 KB 593ms
183ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/visual/2021/09/21/interior-eksterior-all-new-honda-br-v-1_169.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

3e5083991816b1a8f58b43e5439ce267adada336d15baabfd5213c3e552bcedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"48296254b1aaeb017c43db918a08e1401f2649c6"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lionel-messi-ballon-dor-2021-ballon-dor_169.jpeg
awsimages.detik.net.id/visual/2021/11/30/ 6 KB
6 KB 511ms
182ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/visual/2021/11/30/lionel-messi-ballon-dor-2021-ballon-dor_169.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

2d8d7b85fe9da4102cc40235047d59250b0bc27a88292e858086f0c893b01ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static12
cache-status: HIT
etag: W/"1480da2500ca514dd8aca5edee32b10b8e5dd6c5"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e9a0ee306c2e4aa49efe86a4cdff5517-20211130053234-0s.jpg
cdnv.detik.com/videoservice/AdminTV/2021/11/30/ 53 KB
53 KB 617ms
199ms Image
image/jpeg 103.49.221.99
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnv.detik.com/videoservice/AdminTV/2021/11/30/e9a0ee306c2e4aa49efe86a4cdff5517-20211130053234-0s.jpg?w=250&q=90
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.99 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-99-221-49-103.detik.com
Software: ngx_wz9 /
Resource Hash: f6e3839884fef67510234ed0856c8bc02d92c32314d2d28e954636e80068bde2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
last-modified: Mon, 29 Nov 2021 22:32:36 GMT
server: ngx_wz9
etag: "61a55504-d20a"
x-cache-status: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 53770

GET
H2 200 e6ef7e2d6edd4fc7831e1432c2539431-20211130063355-0s.jpg
cdnv.detik.com/videoservice/AdminTV/2021/11/30/ 65 KB
65 KB 1080ms
662ms Image
image/jpeg 103.49.221.99
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnv.detik.com/videoservice/AdminTV/2021/11/30/e6ef7e2d6edd4fc7831e1432c2539431-20211130063355-0s.jpg?w=250&q=90
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.99 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-99-221-49-103.detik.com
Software: ngx_wz9 /
Resource Hash: 2133c6a1109314df959e6fe78fee4fd9641b30554a0848320390d579affba136

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
last-modified: Mon, 29 Nov 2021 23:33:56 GMT
server: ngx_wz9
etag: "61a56364-10260"
x-cache-status: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 66144

GET
H2 200 cf8c7ad1814643d7a85c21bc7597acf2-20211130050543-0s.jpg
cdnv.detik.com/videoservice/AdminTV/2021/11/30/ 62 KB
62 KB 1160ms
823ms Image
image/jpeg 103.49.221.99
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnv.detik.com/videoservice/AdminTV/2021/11/30/cf8c7ad1814643d7a85c21bc7597acf2-20211130050543-0s.jpg?w=250&q=90
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.99 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-99-221-49-103.detik.com
Software: ngx_wz9 /
Resource Hash: 73efc027fd385f73d2f08e88b98949bce837fad29f6f9fc895ba8a131d2d2e36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
last-modified: Mon, 29 Nov 2021 22:05:44 GMT
server: ngx_wz9
etag: "61a54eb8-f775"
x-cache-status: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 63349

GET
H2 200 loadmore.js Show response
awscdn.detik.net.id/assets/js/ 8 KB
2 KB 211ms
211ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/js/loadmore.js?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

c45af2243d049edfc56a0c85d23bcd822bd5b888e1cf14ac3a6f802cc97328f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Nov 2020 03:13:42 GMT
server: static11
cache-status: HIT
etag: W/"5fbb28e6-2044"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plugins.js Show response
awscdn.detik.net.id/assets/js/ 153 KB
46 KB 210ms
209ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/js/plugins.js?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

32db0cd28ef34b9423012bd55e365f8ef8937a0bb59008e755bb377b6c289f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Sep 2021 04:45:24 GMT
server: static11
cache-status: HIT
etag: W/"614ab4e4-26493"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detik.js Show response
awscdn.detik.net.id/assets/js/ 38 KB
10 KB 204ms
198ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/js/detik.js?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

b2f281776e5a6912e915583f3b3fd8adaa9ff1062cbcbc15b5aa299df44ec27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Nov 2021 06:05:36 GMT
server: static11
cache-status: HIT
etag: W/"619dd630-961e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/3.6.6/ 294 KB
97 KB 130ms
37ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/3.6.6/firebase.js

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 21:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98890
x-xss-protection: 0
last-modified: Wed, 18 Jan 2017 00:39:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Tue, 29 Nov 2022 21:38:13 GMT

GET
H2 200 firebase-msg.js Show response
awscdn.detik.net.id/libs/js-itportal/ 5 KB
2 KB 218ms
210ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/libs/js-itportal/firebase-msg.js?v=3.2

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

0fd63008b882039d3a8195fd2522fbfa4ecac10a1cec10af85a4b3d06065f112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 10:11:15 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5e5f7ec3-1309"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-detik.png
awscdn.detik.net.id/detikcom/images/ 34 KB
34 KB 395ms
391ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/detikcom/images/logo-detik.png

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

d6141c95cc33476b599c5a9d5bd42ddb264c34238a2033ed661429b5afb85dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 06:02:53 GMT
server: static11
cache-status: HIT
etag: W/"5e60960d-86f1"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_detiknetwork.png
awscdn.detik.net.id/assets/images/ 60 KB
60 KB 395ms
391ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/assets/images/logo_detiknetwork.png?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

8d0d316e176bbbd41a092c059dfbb1b7bedb279906ba942b2c955828cb2f3491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Jul 2020 03:56:42 GMT
server: static11
cache-status: HIT
etag: W/"5f0fcffa-ee1d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detik.ads.controller-new.js Show response
awscdn.detik.net.id/commerce/desktop/js/ 3 KB
1 KB 218ms
210ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/commerce/desktop/js/detik.ads.controller-new.js

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

81d33f026d43fdac3db17fad20b0d95e9b8edd7ff34008ad64e7f716493c0534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Nov 2019 09:27:52 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5dd7aa18-d57"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156981/927/ 418 KB
123 KB 33ms
10ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/pwt.js
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 96bb4558c6329a9aecb5a5563294b25663a1aae0958040229e225ee0fc3daac7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 05:11:09 GMT
server: Apache/2.2.15 (CentOS)
etag: "fe0cd7-687cf-5cf4e9f365271"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=49875
accept-ranges: bytes
content-type: text/javascript
content-length: 124872
expires: Tue, 30 Nov 2021 14:57:02 GMT

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 0
344 B 39ms
7ms Script
text/plain 3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=6bioi0v&t=ajs&sid=detik&gen=&ag=&cat=detikcom&subcat=
Requested by: Host: awscdnstatic.detik.net.id
URL: https://awscdnstatic.detik.net.id/live/js/eyeotadtk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 01:05:47 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 AGSKWxVac1DZFJMqfavfJJr_r7LsueqlMh6VgMPZYuW50o0QUw0GUnym5UybMbAFaLgBFinV36G_Kfl3BSlZssGUKy0= Show response
fundingchoicesmessages.google.com/f/ 76 KB
28 KB 167ms
70ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVac1DZFJMqfavfJJr_r7LsueqlMh6VgMPZYuW50o0QUw0GUnym5UybMbAFaLgBFinV36G_Kfl3BSlZssGUKy0=

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c05a66ffa40366ad9d86b7a0764c2d8cf873ce246863af2373d891af0a8c40da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dLHeVhGU15zatvuQL+oblA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dLHeVhGU15zatvuQL+oblA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-dLHeVhGU15zatvuQL+oblA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dLHeVhGU15zatvuQL+oblA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
59 KB 172ms
75ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c0c6742e602bc238c2515b0b448f45937aa5a431fc4f4f1e911a540eee25991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59578
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 01:05:48 GMT

GET
H2 200 icon-sprite.png
awscdn.detik.net.id/assets/css/images/ 1 KB
2 KB 392ms
391ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/assets/css/images/icon-sprite.png

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

64eafcb995dfd84bf17ef82846df5fb78bfc6871e6f808e8ddbaf4823369ded0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=098ea5d8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 06:02:52 GMT
server: static11
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5e60960c-573"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Montserrat-Bold.woff
awscdn.detik.net.id/assets/fonts/ 58 KB
59 KB 595ms
190ms Font
application/font-woff 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/fonts/Montserrat-Bold.woff

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

b338281a00b6748ccfd9391e5e67d90da3aaf3d8ed01d099e390d6d6fc1e1df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=098ea5d8
Origin: https://www.detik.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 06:02:52 GMT
server: static11
cache-status: HIT
etag: "5e60960c-e9fc"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 59900
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Montserrat-Regular.woff
awscdn.detik.net.id/assets/fonts/ 58 KB
59 KB 596ms
191ms Font
application/font-woff 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/fonts/Montserrat-Regular.woff

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

e61f1ad265195ede649df53cb089704bccfc17ada7c2e0a4528974f05e61df48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=098ea5d8
Origin: https://www.detik.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 06:02:52 GMT
server: static11
cache-status: HIT
etag: "5e60960c-e8cc"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 59596
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Montserrat-SemiBold.woff
awscdn.detik.net.id/assets/fonts/ 58 KB
59 KB 596ms
191ms Font
application/font-woff 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/fonts/Montserrat-SemiBold.woff

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

8c9fe0a40d829e6ff37886c0161369e7c4dcb959deb185368a889e99d05f5e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=098ea5d8
Origin: https://www.detik.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 06:02:52 GMT
server: static11
cache-status: HIT
etag: "5e60960c-e9ac"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 59820
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Montserrat-Light.woff
awscdn.detik.net.id/assets/fonts/ 97 KB
97 KB 596ms
191ms Font
application/font-woff 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/fonts/Montserrat-Light.woff

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

ac4e614ef4779d0f208be8f709052483d57550c0c8843da6a0481c854e402b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://awscdn.detik.net.id/assets/css/framebar/framebar.css?v=098ea5d8
Origin: https://www.detik.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 06:02:52 GMT
server: static11
cache-status: HIT
etag: "5e60960c-18304"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 99076
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detiknetwork.woff2
awscdn.detik.net.id/assets/fonts/icons/ 13 KB
13 KB 547ms
191ms Font
application/octet-stream 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://awscdn.detik.net.id/assets/fonts/icons/detiknetwork.woff2

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/detikcom/css/style.css?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

6348d0efb7f3e11d132e8b3fa1bcdaa390180ed11e52a6047cc61169512d3c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://awscdn.detik.net.id/detikcom/css/style.css?v=098ea5d8
Origin: https://www.detik.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Sep 2021 04:45:24 GMT
server: static11
cache-status: HIT
etag: "614ab4e4-32e8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 13032
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 72ms
12ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=www.detik.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.detik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.detik.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1426
date: Tue, 30 Nov 2021 01:05:47 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=www.detik.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=8L55NHw5R1VoM3hrZnorcnFiVFlmV2ZkMy80WlRwem1ERDh1Mi9nMU1GelBscGg4ajM4Mk54ejd1WWZPQWt5VUxPclg3bW1ybU94VERmL3ZwR3lyYVVkRkZMclkwL1lYZXdZM1JFOHF3WDNYcDI1WDRtcE84d1p1bXluZ2...

352 B
609 B

44ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8L55NHw5R1VoM3hrZnorcnFiVFlmV2ZkMy80WlRwem1ERDh1Mi9nMU1GelBscGg4ajM4Mk54ejd1WWZPQWt5VUxPclg3bW1ybU94VERmL3ZwR3lyYVVkRkZMclkwL1lYZXdZM1JFOHF3WDNYcDI1WDRtcE84d1p1bXluZ2huVnpkazluVS9aUEYvaVZleWRlKytSRkl2b2tiTmJ6SzV0dnhReG5kUUlKNXBFbTNnRmtrWFlqTXRZUFl1aFNoc0tKWUN5TFFpN2c4dkU0N3JZSWdqNTBvU2dteU5pckpFdzJhUzRhUTdKc1dPcTNCSG9nPXw&cppv=2

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1d352e3304ee0bae6353968e841737b90e80a015c685441dd8eaaa09e9afca2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 30 Nov 2021 01:05:47 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2072
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 30 Nov 2021 01:05:48 GMT
location: https://mug.criteo.com/sid?cpp=8L55NHw5R1VoM3hrZnorcnFiVFlmV2ZkMy80WlRwem1ERDh1Mi9nMU1GelBscGg4ajM4Mk54ejd1WWZPQWt5VUxPclg3bW1ybU94VERmL3ZwR3lyYVVkRkZMclkwL1lYZXdZM1JFOHF3WDNYcDI1WDRtcE84d1p1bXluZ2huVnpkazluVS9aUEYvaVZleWRlKytSRkl2b2tiTmJ6SzV0dnhReG5kUUlKNXBFbTNnRmtrWFlqTXRZUFl1aFNoc0tKWUN5TFFpN2c4dkU0N3JZSWdqNTBvU2dteU5pckpFdzJhUzRhUTdKc1dPcTNCSG9nPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2394
content-length: 482
expires: 0

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 46ms
45ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Nov 2021 01:05:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
412 B 97ms
47ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.detik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

116fa1480da8337063ea9336d26a49f4789e3f0068a08b1b5bf732bb831f820a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 387
x-xss-protection: 0
expires: Tue, 30 Nov 2021 01:05:48 GMT

GET
H2 200 / Show response
datawrapper.dwcdn.net/7Yo1k/ Frame 68A4 113 B
765 B 47ms
15ms Document
text/html 2606:4700:20::681a:f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://datawrapper.dwcdn.net/7Yo1k/
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d95a9bfee7df710fcec6580360b2a2f855704d25bc90b54b3c46618b87d86a63

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-type: text/html
x-amz-id-2: MuX9CeVGS6Ki65e0vbjer9lpM/MYviS1qTCG7zTpxh89Qwtq5XSqE1V7MO1NkU4pw30NPMIfCx8=
x-amz-request-id: AKASNXJDW312XSJN
last-modified: Mon, 29 Nov 2021 11:14:40 GMT
x-amz-version-id: jPNjizI.6DAwI6cuWdI3CRt3HVRQQumH
cf-cache-status: HIT
age: 6565
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFsx3%2FwA7fOf5zqjinRDCBcNFsfxsblQThMbDzW4Ea%2FTSq1UqhQFmmlWBISeCxo8QB%2Bh8XFb68WwNB%2FVtulVuIBcAjYjCN4jPk88Pvs0yiq8pNUygSVLYmilRYkwTFl%2Fq%2Fj6sCoxoFYTx3TylcdhLNNA%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b602b637ab60614-FRA
content-encoding: br

GET
H2 200 / Show response
datawrapper.dwcdn.net/7Yo1k/1744/ Frame 68A4 90 KB
16 KB 17ms
17ms Document
text/html 2606:4700:20::681a:f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://datawrapper.dwcdn.net/7Yo1k/1744/
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e4f9dbc0b0fba6dea8dc07e2b0eda8f834e697ada973f2b16c66563425e574

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://datawrapper.dwcdn.net/7Yo1k/

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-type: text/html
x-amz-id-2: Qpg5tThwZsDMILKxhl+UT+1uGZ9pKvLvookGbINb+BrAfPHhkVW2e3E8jI0DoarwMxSqQ9Fmljc=
x-amz-request-id: AKAZ6ADCEYX2KJ0E
last-modified: Mon, 29 Nov 2021 11:14:40 GMT
x-amz-version-id: pj6KWoSgzHSIvOSKzt60MjHYW8vrnbpW
cf-cache-status: HIT
age: 6564
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAFBUEKZYPTPfB9qo%2BymJNARrQ8I5n4zeGOv83bypWupnq4f79LI6rJirOmkhGO0cQwkXN%2BMXRFDNQJpSGjlMhl%2B2LQcGr0rkHI0DptMcgyMwVwVV1So6KWkAlvi%2BzoWhfCcD1NJirOA6R91CMGpRrT1JA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b602b63bb040614-FRA
content-encoding: br

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 56ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1441
date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
vary: Accept-Encoding

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
247 B 153ms
50ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.detik.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Tue, 30 Nov 2021 01:05:48 GMT

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
175 B 780ms
260ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.detik.com
date: Tue, 30 Nov 2021 01:05:48 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 204
No Content hb Show response
cpm.adsolut.in/ 0
260 B 74ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.adsolut.in/hb?zone=140459&v=1.5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:48 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.detik.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 5 KB
5 KB 101ms
59ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=714719&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2244c794c31f7add7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.detik.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A4%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224501790a4a0a897%22%2C%22ext%22%3A%7B%22siteID%22%3A%22714719%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22460e9de990e0876%22%2C%22ext%22%3A%7B%22siteID%22%3A%22714728%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224760ae14de95e1e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22714762%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22485027687c29446%22%2C%22ext%22%3A%7B%22siteID%22%3A%22714762%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2249edb4a7ba7b869%22%2C%22ext%22%3A%7B%22siteID%22%3A%22714762%22%2C%22sid%22%3A%22300x500%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A500%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22507f56a9858a716%22%2C%22ext%22%3A%7B%22siteID%22%3A%22714744%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c0a839f19f5546e5cb42f139ccd6b5a57be62534f17c3dc43040a50d3f391d17

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:48 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.176], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.detik.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4925
x-ak-client-geo: 12
expires: Tue, 30 Nov 2021 01:05:48 GMT

GET
H2 200 tables.datawrapper.5e20d51d.css
datawrapper.dwcdn.net/lib/vis/ Frame 68A4 30 KB
6 KB 16ms
16ms Stylesheet
text/css 2606:4700:20::681a:f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://datawrapper.dwcdn.net/lib/vis/tables.datawrapper.5e20d51d.css
Requested by: Host: datawrapper.dwcdn.net
URL: https://datawrapper.dwcdn.net/7Yo1k/1744/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e20d51d1e22dd199b65c368a703ddd6becc865591966a1cd745c489815994d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://datawrapper.dwcdn.net/7Yo1k/1744/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2282541
x-amz-request-id: QAJ9Z9D3ND0QT3WH
x-amz-id-2: V1MaxGOA9jTp4vX/KuV9UsDPF9T2Rx47AaGTOSSyySEVi9Nj8O9BtB0Q4GKkwF9r0yxCMHBo2PI=
last-modified: Wed, 03 Nov 2021 15:00:29 GMT
server: cloudflare
etag: W/"279eb0c2cd72bd54257b8f080869c0a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFrsOArBUIgEm912hw4PKVTo9xmhephgn6D%2BU8Ya1whmttkM0I%2BZQRm8uKzF64KF435wKOVCnlrNv5V4Ps9IMEwAUKKEx2JArxwprUaGbYT1zUb%2Bt7Fpjm1A6l5QoUg0XhCEQgaiabSj48Oz1YzYtxxEPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-version-id: sWSRmdSMFkc4t__1rLU71nGF9wiq6oMf
cf-ray: 6b602b644b9d0614-FRA

GET
H2 200 load-polyfills.0d937b19.js Show response
datawrapper.dwcdn.net/lib/ Frame 68A4 1 KB
1 KB 33ms
15ms Script
application/javascript 2606:4700:20::681a:f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://datawrapper.dwcdn.net/lib/load-polyfills.0d937b19.js
Requested by: Host: datawrapper.dwcdn.net
URL: https://datawrapper.dwcdn.net/7Yo1k/1744/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d937b19a279f5fb8ddc647234d0a3842c5f757d34cb9e0035d6a9dddbc2d586

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://datawrapper.dwcdn.net/7Yo1k/1744/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5479
x-amz-request-id: PADEBBW19JQX2BNG
x-amz-id-2: gATOx5LNzd/zG1kdX9hZyCSLmdDtS3TE3TAcJ2qaCIozf7Qq2hACVZ5hCJTV694H+xfj21dTPgY=
last-modified: Tue, 06 Jul 2021 19:23:50 GMT
server: cloudflare
etag: W/"cc940932938cfa231bb14826286673c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dSnKd2vwYDI3hGeiXFuG7w8ugP1NRrQGZNhpp8zfo3iw7ZW%2FIKDPuthMX%2F4Lccrw47%2FlfkCgWbFrE%2FjcBr%2FMPktu9358900XgajAiOaDZ3mrqL%2BrTBdC21AK7iYT1TyKbrgKEoGXuBr2srFusm9nk9y0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-amz-version-id: qWNOcjYkaFMNKnBwuFgwrEVueIzm0uDO
cf-ray: 6b602b647bc30614-FRA

GET
H2 200 dw-2.0.min.aec16c4f.js Show response
datawrapper.dwcdn.net/lib/vendor/ Frame 68A4 84 KB
28 KB 23ms
13ms Script
text/javascript 2606:4700:20::681a:f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://datawrapper.dwcdn.net/lib/vendor/dw-2.0.min.aec16c4f.js
Requested by: Host: datawrapper.dwcdn.net
URL: https://datawrapper.dwcdn.net/7Yo1k/1744/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aec16c4f40af3413039bb76f140fb4938cf9e539b5dfcad8a9f53dc36cef4da7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://datawrapper.dwcdn.net/7Yo1k/1744/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1615948
x-amz-request-id: E3M54Y3R54R5K701
x-amz-id-2: Tsb6AVl8LgAI5dQj2Qzu1ExxAHCQJ8C5hNDAnO+9mnSo+73UrzLPmZbYtmNz1IhGpvyFSejJm2I=
last-modified: Thu, 11 Nov 2021 08:13:03 GMT
server: cloudflare
etag: W/"c26202ee8dcdc9aff0a72ebe5dae6fed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bNmXggb%2FaB7MFOwc0CJWOOKzxmWNZigPxrEXp1kP3eDIJgXM8nuwpff4Eu8U%2FIO50jb5wVCUQavYdBc0bRfJqr6OAoL%2B5u7G0bcPWodsXmYtzF7TAscdB1GVNtvlXzQ9YgVxfekNiNkjwvisiKvXtJSIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-version-id: OnaxqoxVDWEj7rsZcXW3AgBUR2GU2zf7
cf-ray: 6b602b647bc40614-FRA

GET
H2 200 tables.491400ae.js Show response
datawrapper.dwcdn.net/lib/vis/ Frame 68A4 254 KB
81 KB 29ms
20ms Script
text/javascript 2606:4700:20::681a:f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://datawrapper.dwcdn.net/lib/vis/tables.491400ae.js
Requested by: Host: datawrapper.dwcdn.net
URL: https://datawrapper.dwcdn.net/7Yo1k/1744/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 491400ae09dccff8c34bb7c4e390759ceb79b437cb5c35af247910c487955b5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://datawrapper.dwcdn.net/7Yo1k/1744/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573165
x-amz-request-id: N6XJJWB0HWKV1H6K
x-amz-id-2: mtRuUkCi60h6IcaLErbUCme9LBiK+uaPfEGku8dSRnGr5Owk7UKtcknKYDQeAThfLXgsex5cVew=
last-modified: Tue, 19 Oct 2021 16:30:45 GMT
server: cloudflare
etag: W/"24d609247cf8370fd92dae5fdd63f161"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8GSmwpvmfbW9lZspGYOxbB65Bh8woA8rjhs4Y7hVqtU8Z0FtqSzCMHodFMjqkYLJdBle4h3YsyZrnc8MBl8dVdpenRa1fi2VWGmwTKo5u%2FPp0vrCp4Lc168zl1OXloEAMzWZHwlqvi7c%2ByliOovtc47AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-version-id: gZVUf5anfsnRg2I4obsmh_PcEN4RkZwb
cf-ray: 6b602b647bc50614-FRA

GET
H2 200 main.e24ae5a0.js Show response
datawrapper.dwcdn.net/lib/ Frame 68A4 163 KB
46 KB 26ms
17ms Script
text/javascript 2606:4700:20::681a:f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://datawrapper.dwcdn.net/lib/main.e24ae5a0.js
Requested by: Host: datawrapper.dwcdn.net
URL: https://datawrapper.dwcdn.net/7Yo1k/1744/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e24ae5a0801ee8de91fb3e7c3e52d88e887dbc0694dfba5dce350ab8bef7e7d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://datawrapper.dwcdn.net/7Yo1k/1744/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2283593
x-amz-request-id: 1CZ5QXCMFV6WG31S
x-amz-id-2: CE8jmVZkYbDYN6/PqYkfrVha7hVcNLi+tNdnDSGaMMwf1NaZohLPuxs6xn5XPr0pJTQuR+sNz6U=
last-modified: Wed, 03 Nov 2021 14:45:40 GMT
server: cloudflare
etag: W/"d40d6f3549878b3607f36fd461c02118"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEfIECGgCgO8XCj%2Fa8A0ZQt0E5zmC7fVcrkMULUVcSH3ua7FFONreerNQBF%2FgARjJ6v55M3ULHeRjRMB1KvydlsbrV4qvjzEIuImIWgbWBrga6%2BMCs6c%2BYPUvWvM1LU2Zos1xc8tgNSl%2F5o0EJF9kW6ZfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-version-id: NjeyCRR6aB2Oh21.tASRLul1LQ5uG1rS
cf-ray: 6b602b647bc60614-FRA

POST
H3 204 AGSKWxUvfiuq06JuOkmWdhMiMj443Pti6tgvelucsBeXWXBEY4cwqJu0TiKVeGBxha_xzw3jUXHKBJWMqFUOvla1JTE= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 99ms
52ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUvfiuq06JuOkmWdhMiMj443Pti6tgvelucsBeXWXBEY4cwqJu0TiKVeGBxha_xzw3jUXHKBJWMqFUOvla1JTE=?pvid=010791B2-2367-4388-8CCB-F1883EE2DD9E&anonid=09DB836D-DE3B-45AD-8544-8594BD68A608

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Z_dGtx7tsDI.es5.O/d=1/rs=AJlcJMybvMbYEQl87syuWh_PtLEA0pgg6g/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-m+0bdOsUc09Ydz+5NoJQ7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-m+0bdOsUc09Ydz+5NoJQ7A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-m+0bdOsUc09Ydz+5NoJQ7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-m+0bdOsUc09Ydz+5NoJQ7A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUvfiuq06JuOkmWdhMiMj443Pti6tgvelucsBeXWXBEY4cwqJu0TiKVeGBxha_xzw3jUXHKBJWMqFUOvla1JTE= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 125ms
88ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G2QVm5xfRUlcvwNm9Vj0Yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-G2QVm5xfRUlcvwNm9Vj0Yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G2QVm5xfRUlcvwNm9Vj0Yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-G2QVm5xfRUlcvwNm9Vj0Yw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWkECHZImD2iDfVdeibJifDFnUAW2zQBu_t5809AgYBLWiFnqAxqUspCe-EXP8P72TcvWlcuuNrlPAI4aDGOSk= Show response
fundingchoicesmessages.google.com/f/ 59 KB
22 KB 115ms
68ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkECHZImD2iDfVdeibJifDFnUAW2zQBu_t5809AgYBLWiFnqAxqUspCe-EXP8P72TcvWlcuuNrlPAI4aDGOSk=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM4MjM0MzQ4LDI4OTAwMDAwMF0sIjAxMDc5MUIyLTIzNjctNDM4OC04Q0NCLUYxODgzRUUyREQ5RSIsIjA5REI4MzZELURFM0ItNDVBRC04NTQ0LTg1OTRCRDY4QTYwOCIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5kZXRpay5jb20vIixudWxsLFtdXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2fa38f4e9a47d2447d9e6ba9221348b947dc9b45529494a66d760edb64418655

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PgzcS+fZZhAOd8K1W5r5Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-PgzcS+fZZhAOd8K1W5r5Sw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-PgzcS+fZZhAOd8K1W5r5Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-PgzcS+fZZhAOd8K1W5r5Sw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 roboto.css
static.dwcdn.net/css/ Frame 68A4 3 KB
806 B 22ms
13ms Stylesheet
text/css 2606:4700:20::681a:f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dwcdn.net/css/roboto.css
Requested by: Host: datawrapper.dwcdn.net
URL: https://datawrapper.dwcdn.net/lib/vis/tables.datawrapper.5e20d51d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 133dd3475486f4f2adca267bd8eab25a1338ae7530bea46d097339908543d058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://datawrapper.dwcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5133
x-amz-request-id: 9C3XSSNW38YWARKZ
x-amz-id-2: rR2UjICDkH0wzzyB4ZxdHJ/WuTPQzFtpgcae7tVE+/6GiGk//cZy9YGce7RHb+Maqv6Zi9o0ayM=
last-modified: Wed, 22 Jan 2020 15:06:19 GMT
server: cloudflare
etag: W/"94090a5319ce3b330202a7457effb1ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUDhXz%2B9ePxoUsmoK4l5DcQ0gy1VHF%2FePNN7eFuXv3ygb%2BbpFb%2Fymw1T3WKCDF2sr8UdtRzQ13burY7px%2FWFT6wndf62eqZVK88z%2BZevVmyIV7gRfi9nXeTMdlN5VpdT2GI5FRElWLF9UkHwrQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-amz-version-id: M71Z105HPzRvSoy5VVRv5g0sx5BRTfzc
cf-ray: 6b602b650c740614-FRA

POST
H2 200 / Show response
kayumanis.detik.com/api/validation/ 20 B
163 B 773ms
327ms XHR
application/json 34.149.209.250
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://kayumanis.detik.com/api/validation/
Requested by: Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.209.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 250.209.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e42c48eaa0f6cff2fabe511e0ebaf0f37dd83d9082030256c2dd0ddd71a8fdf2

Request headers

Accept: */*
Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
via: 1.1 google
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
content-length: 20

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 99ms
52ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CY42M5S751&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da2a2f371c7490c5a26d8ea5ff6a47570bce1eaba7670fb1f824dbf6fdd9ad9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61776
x-xss-protection: 0
expires: Tue, 30 Nov 2021 01:05:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 281
date: Tue, 30 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 03:01:07 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 36ms
7ms Script
application/javascript 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 18687502
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 2TtPIs9bFoOKYgFiG_jD4pBZnIkNN-RWLdA0laVwj4_1FG88GKx5Cw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: VcGHumMH1JOh0HknZHKRYKeqGvmF9mrOTPUDpb/AABVMZdfcjaub2XfqYxvJy2AuaECpQ12uEUDK37ltQWVDyg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 30 Nov 2021 01:05:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 27ms
8ms Script
application/javascript 143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 03:26:25 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 158544
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qDxrzfOLUlRCR4xaIhiiw0_ixCFD4Au8S1AvwKLkP-880YyzhV263Q==

GET
H2 200 hotjar-909149.js Show response
static.hotjar.com/c/ 4 KB
2 KB 36ms
10ms Script
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-909149.js?sv=6

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-76.fra50.r.cloudfront.net

Software

Resource Hash

29cfb73cb3ae0a39df6de123e6961e0df9403f357c99d766cfc6f8f4cb1b63cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-cache-hit: 1
etag: W/5e56ac5d5b194c9d8cea8092506bd4c7
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 1911
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-amz-cf-id: jJKHYwlL68x-jqTTCQMfctQTNynuHHqALwccX_KZEL5P7b8LSh0fSQ==

GET
H2 200 collect-autotrack-rangers.js Show response
sf16-scmcdn-sg.ibytedtos.com/goofy/log-sdk/collect/ 80 KB
24 KB 109ms
17ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-scmcdn-sg.ibytedtos.com/goofy/log-sdk/collect/collect-autotrack-rangers.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6BTJ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: dd0383fb605df75491cc0fb146947adeabb5382f1129715d6cf5f856cf133b15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-akamai-request-id: 5e3f5d5c
date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
vary: Accept-Encoding
x-expires-ms: 1625558525827
content-md5: THYd/L0W1OqAZmHBSDzDpA==
x-cache: TCP_MEM_HIT from a2-16-186-13.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 23209
x-tos-request-id: a639cce40dfc757b-af54b2d
x-tos-response-time: Tue, 06 Jul 2021 08:02:04 GMT
last-modified: Thu, 24 Jun 2021 08:14:16 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
x-check-cacheable: YES
cache-control: max-age=19424917
access-control-allow-credentials: false
x-tt-trace-host: 019db84f0f8271223844dfc645e0f61b92746617b46e5752f07cf6a815c1270583d1cc8d7cb49d3f0a92479e8f315f2f52aa30a1cac3889c43200df0ab9ad404a11481d6f1f9bf29a272047d4e65bf4d47e32c73b961c75b46e390de4592364ada86d0cf8b041bfaf512d5e14adaf35cf8086a221c70ee98e7b513fd036b9eeb7c
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 asyncjs.php Show response
newrevive.detik.com/delivery/ 29 KB
7 KB 629ms
193ms Script
text/javascript 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncjs.php

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive2 /

Resource Hash

bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: revive2
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1;mode=block
expire: Tue, 30 Nov 2021 02:05:48 GMT
x-cached: MISS

GET
H2 200 DFPAudiencePixel;ord=6680812911036.5;dc_seg=1010791389;gen=Male
pubads.g.doubleclick.net/activity;dc_iu=/4905536/ 42 B
410 B 81ms
80ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/4905536/DFPAudiencePixel;ord=6680812911036.5;dc_seg=1010791389;gen=Male?

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DFPAudiencePixel;ord=2390778551450.7163;dc_seg=1009875724;gen=Female
pubads.g.doubleclick.net/activity;dc_iu=/4905536/ 42 B
209 B 250ms
250ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/4905536/DFPAudiencePixel;ord=2390778551450.7163;dc_seg=1009875724;gen=Female?

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dataset.csv Show response
datawrapper.dwcdn.net/7Yo1k/1744/ Frame 68A4 98 B
605 B 12ms
11ms Fetch
application/octet-stream 2606:4700:20::681a:f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://datawrapper.dwcdn.net/7Yo1k/1744/dataset.csv
Requested by: Host: datawrapper.dwcdn.net
URL: https://datawrapper.dwcdn.net/lib/main.e24ae5a0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de79a7fd03c582d564c9e95cb617eed371c23b3c7d6b96d040aab027509eb803

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://datawrapper.dwcdn.net/7Yo1k/1744/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: w6Imgo_YVPYjIb6N6wCFTjxJxmQT5QD3
etag: "372d81dd00902753abd05e61ac23e860"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49864
cf-ray: 6b602b65ad0a0614-FRA
content-length: 98
x-amz-id-2: 8ClELEIzmbGMF/vm7tIpQyTO+c723qdcnq66b+6P5KE4zodFPN4m1XPFHL7XeRCdJL/wvoWxst4=
last-modified: Mon, 29 Nov 2021 11:14:40 GMT
server: cloudflare
date: Tue, 30 Nov 2021 01:05:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFIzMKI4AwLdYDYbcnUEtbpQxhvliXwhitezHQky3IOxkOtHYz8WXGyoii5cGHwuuMzKD%2FE3I2ZB9%2BKMG%2FJub5X7dsZVIead0eOVzqzMYslDWULX%2Bl1rxYJL0xnYBiwSjtvoRjqgbCR8hfpw%2FCFC8%2BxXIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: AKASHFE7M05YRVVE
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 thetracker-detik-v4.min.js Show response
cdn.detik.net.id/loganalysistracker/ 6 KB
3 KB 292ms
184ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/loganalysistracker/thetracker-detik-v4.min.js?v=4.0

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

c65ad3507aa9c487819ce5c6c2aac61866f0cd7bf0fc621fd78a3e365ca06bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 06:27:36 GMT
server: static11
cache-status: HIT
etag: W/"606aadd8-1792"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detik_id Show response
www.detik.com/ajax/ 366 B
493 B 358ms
357ms XHR
application/json 203.190.242.211
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.detik.com/ajax/detik_id

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.211 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-211-242.190.203.detik.com

Software

dtk18 /

Resource Hash

45fdebc46154ab963f874934c4f746dd29b7d4cc10180a5aaeb252b3e19e1f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.detik.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: dtk18
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; always
content-type: application/json
access-control-allow-origin: *
clientmobile: 0
ip_int: 1
x-fastcgi-cache: BYPASS
x-xss-protection: '1;mode=block'

GET
H2 200 wpnewsfeed_2 Show response
tv.detik.com/statuslive/ 42 B
313 B 969ms
288ms XHR
application/json 103.49.221.132
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://tv.detik.com/statuslive/wpnewsfeed_2

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.49.221.132 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-132-221-49-103.detik.com

Software

dtk18 /

Resource Hash

89927a687665f853776a97c7507fa9068a32c0a0fdc5e00ab5686f7af46022ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: dtk18
strict-transport-security: max-age=31536000; includeSubDomains; always
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform
vary: User-Agent, Accept
x-xss-protection: '1;mode=block'

GET
H2 200 hl Show response
www.detik.com/ajax/ 3 KB
1 KB 204ms
204ms XHR
application/json 203.190.242.211
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.detik.com/ajax/hl

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.211 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-211-242.190.203.detik.com

Software

dtk18 /

Resource Hash

720a0cdd43c5ccbb65096517e5b1e8d7e1b924565a6d5fe0f29c0d74d9628ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept: */*
Referer: https://www.detik.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: dtk18
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; always
content-type: application/json
access-control-allow-origin: *
clientmobile: 0
ip_int: 1
x-fastcgi-cache: HIT
x-xss-protection: '1;mode=block'

GET
H2 200 video_duration Show response
www.detik.com/ajax/ 13 B
316 B 204ms
204ms XHR
application/json 203.190.242.211
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.detik.com/ajax/video_duration?param=5833044

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.211 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-211-242.190.203.detik.com

Software

dtk18 /

Resource Hash

ee44b46b51314b828929c081c5d63a6d6a5409b88b171cd046700dc1f4616056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept: */*
Referer: https://www.detik.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: dtk18
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; always
content-type: application/json
access-control-allow-origin: *
clientmobile: 0
ip_int: 1
x-fastcgi-cache: HIT
x-xss-protection: '1;mode=block'

GET
H2 200 lifestyle Show response
www.detik.com/ajax/ 9 KB
2 KB 204ms
204ms XHR
application/json 203.190.242.211
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.detik.com/ajax/lifestyle

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.211 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-211-242.190.203.detik.com

Software

dtk18 /

Resource Hash

ccc11037a03006200015d5017493a36fac2baed9ff8209d769412f897ba0bebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept: */*
Referer: https://www.detik.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: dtk18
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; always
content-type: application/json
access-control-allow-origin: *
clientmobile: 0
ip_int: 1
x-fastcgi-cache: HIT
x-xss-protection: '1;mode=block'

GET
H2 200 do_your_magic Show response
www.detik.com/ajax/ 5 KB
2 KB 204ms
204ms XHR
application/json 203.190.242.211
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.detik.com/ajax/do_your_magic

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.211 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-211-242.190.203.detik.com

Software

dtk18 /

Resource Hash

19b411aeaa5cd93ded5d838522ce926acc782c66187fe3614ed955c61c9f553f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept: */*
Referer: https://www.detik.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: dtk18
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; always
content-type: application/json
access-control-allow-origin: *
clientmobile: 0
ip_int: 1
x-fastcgi-cache: HIT
x-xss-protection: '1;mode=block'

GET
H2 200 mostcommented Show response
www.detik.com/ajax/ 3 KB
1 KB 292ms
292ms XHR
application/json 203.190.242.211
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.detik.com/ajax/mostcommented

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.211 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-211-242.190.203.detik.com

Software

dtk18 /

Resource Hash

1663292354e6d9823258b08da9f0c7ae2eb98f1bfe993c43090e9b3f04c4e51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept: */*
Referer: https://www.detik.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: dtk18
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; always
content-type: application/json
access-control-allow-origin: *
clientmobile: 0
ip_int: 1
x-fastcgi-cache: EXPIRED
x-xss-protection: '1;mode=block'

GET
H2 200 kolom Show response
www.detik.com/ajax/ 5 KB
1 KB 204ms
204ms XHR
application/json 203.190.242.211
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.detik.com/ajax/kolom

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.211 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-211-242.190.203.detik.com

Software

dtk18 /

Resource Hash

c5d74ccdb3ce58377a376496ee17a784de7bcb462e0bd34555258f06e5b1af6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept: */*
Referer: https://www.detik.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: dtk18
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; always
content-type: application/json
access-control-allow-origin: *
clientmobile: 0
ip_int: 1
x-fastcgi-cache: HIT
x-xss-protection: '1;mode=block'

GET
H2 200 sekretaris-komisi-d-dprd-dki-politikus-partai-gerindra-jakarta-syarif-1_169.jpeg
awsimages.detik.net.id/community/media/visual/2021/05/29/ 21 KB
21 KB 309ms
308ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/05/29/sekretaris-komisi-d-dprd-dki-politikus-partai-gerindra-jakarta-syarif-1_169.jpeg?w=400&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

5900f64e14003363aa5bf0f675df2fc13e9b925b74362bee75a7e9ebcc4ee73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: HIT
etag: W/"74cb6ce3774d36187947341218779b3fcc733939"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 melacak-jejak-varian-omicron-yang-pertama-kali-terdeteksi-di-afrika_43.jpeg
awsimages.detik.net.id/community/media/visual/2021/11/29/ 16 KB
16 KB 487ms
486ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/29/melacak-jejak-varian-omicron-yang-pertama-kali-terdeteksi-di-afrika_43.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

f77a5372db63b21b314c76904f7808aedb0a4c496dda87f66c36facc0af95263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"4c22e7574fcee8abb29fb99c3e074f83ae5ae42c"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 penampakan-pelaku-mutilasi-di-bekasi_43.jpeg
awsimages.detik.net.id/community/media/visual/2021/11/28/ 20 KB
20 KB 487ms
486ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/28/penampakan-pelaku-mutilasi-di-bekasi_43.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

576101dd1c25cf0e026a42d0a8ff927e3e8ef2f9277ab02d9856ae637998c123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"e4fdeafef0554c9a63b4b5e78d0dc66cd0efc959"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pemadaman-listrik-di-batang-dan-pekalongan-1_43.jpeg
awsimages.detik.net.id/community/media/visual/2021/11/30/ 16 KB
16 KB 487ms
486ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/30/pemadaman-listrik-di-batang-dan-pekalongan-1_43.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

e7c75d12aec808995d82031cb294aeb8031d941b54ad7fb656b99ec754af6d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static4
cache-status: HIT
etag: W/"66990c7c3f1964651019312e19e8b778125e9f2d"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 suasana-bandara-di-afrika-selatan-usai-menyebarnya-varian-omicron_169.png
awsimages.detik.net.id/community/media/visual/2021/11/30/ 29 KB
29 KB 487ms
487ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/30/suasana-bandara-di-afrika-selatan-usai-menyebarnya-varian-omicron_169.png?w=400&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

a26ec8c7ef110f69a5bf807b90ce0248b5207b8fef73b7cddba24c852cf6e820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static11
cache-status: HIT
etag: W/"fead48dcfcdd07002f1d4c18a3e1bf4edbf7f013"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 datawrapper.gif
stats.datawrapper.de/7Yo1k/ Frame 68A4 43 B
510 B 45ms
17ms Image
image/gif 2606:4700:20::ac43:471f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.datawrapper.de/7Yo1k/datawrapper.gif?r=https%3A//datawrapper.dwcdn.net/7Yo1k/
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:471f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://datawrapper.dwcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b602b662b0d6961-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSA01ctCN%2FDylIvqNlikr0Nf4ejwZsLBbY3svtIcaphg0pik32sWb3HH4C81knTzJVJ429clswxMYRJ%2FImvsz6MFVoePeZVHbdeY9rzTHWzxcDUcOB7Nm%2FujWdjNAwoOUSX9XBvdTdIFYNMG9DGJnL8f"}],"group":"cf-nel","max_age":604800}

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8443234&ns__t=1638234348489&ns_c=UTF-8&cv=3.5&c8=detikcom%20-%20Informasi%20Berita%20Terkini%20dan%20Terbaru%20Hari%20Ini&c7=https%3A%2F%2Fwww.detik.com%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&ns__t=1638234348489&ns_c=UTF-8&cv=3.5&c8=detikcom%20-%20Informasi%20Berita%20Terkini%20dan%20Terbaru%20Hari%20Ini&c7=https%3A%2F%2Fwww.detik.com%...

0
224 B

10ms
9ms

Image
text/plain

143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&ns__t=1638234348489&ns_c=UTF-8&cv=3.5&c8=detikcom%20-%20Informasi%20Berita%20Terkini%20dan%20Terbaru%20Hari%20Ini&c7=https%3A%2F%2Fwww.detik.com%2F&c9=
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: I0s49n_Gv4J9mhCIhX1sJgUZ7T6CHG15X9rl0b3xNbmKY6Rl1BHvFg==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 30 Nov 2021 01:05:48 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&ns__t=1638234348489&ns_c=UTF-8&cv=3.5&c8=detikcom%20-%20Informasi%20Berita%20Terkini%20dan%20Terbaru%20Hari%20Ini&c7=https%3A%2F%2Fwww.detik.com%2F&c9=
content-length: 225
x-amz-cf-id: q7tgHFngLfasAQFF2Y_YtqzJPJ0rUD65NSHgONqxIsuETcynvdzRjg==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 36ms
7ms Image
image/gif 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=detikcom%20-%20Informasi%20Berita%20Terkini%20dan%20Terbaru%20Hari%20Ini&time=1638234348491&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.detik.com%2F&random_number=17077717608&sess_cookie=c95de87917d6e605bcaa5c735c3&sess_cookie_flag=1&user_cookie=c95de87917d6e605bcaa5c735c3&user_cookie_flag=1&dynamic=true&domain=detik.com&account=jpQMs1FYxz20cv&jsv=20130128&user_lang=en-US
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 04:15:02 GMT
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 75046
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: MR-rhJdMKiGgPiCwPn2ey_gQji7mOGakPLf6I23n4iNlxiujmrT2dQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 540ms
170ms Image
text/plain 44.241.169.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.169.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-169-29.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
server: Server

GET
H2 200 modules.376dac12c7cbd03331c3.js Show response
script.hotjar.com/ 226 KB
60 KB 27ms
8ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.376dac12c7cbd03331c3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-909149.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Resource Hash

762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 563922
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60634
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 12:26:27 GMT
etag: "a104d8caba37d824b6eacd90ef7757da"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ppRt9GbpDf_pr-npKlJjteYD7usNotnAXLI0rk189Jed618Jejpdtg==

GET
H3 200 304159643041671 Show response
connect.facebook.net/signals/config/ 307 KB
88 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/304159643041671?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

684634b9fcf7a99af22ad70b330306df80f3a5cff79f887c960273ccfa9b8014

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89945
x-xss-protection: 0
pragma: public
x-fb-debug: FsEKNlRpD93uQuzw9Izq5melsd9kJ9sQ/dULSTjvSaUmStKKxYdQ2B0oir9cgJ7EuBfIS9eCs3TM5NaGllfAXA==
x-frame-options: DENY
date: Tue, 30 Nov 2021 01:05:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 subscriptions.chart-blocks.67d89b1b.js Show response
datawrapper.dwcdn.net/lib/blocks/ Frame 68A4 3 KB
2 KB 12ms
12ms Script
application/javascript 2606:4700:20::681a:f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://datawrapper.dwcdn.net/lib/blocks/subscriptions.chart-blocks.67d89b1b.js
Requested by: Host: datawrapper.dwcdn.net
URL: https://datawrapper.dwcdn.net/lib/main.e24ae5a0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d89b1b6b75350fad2bed330d4381cd77d384d1f06c85aa6a030d9792c72365

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://datawrapper.dwcdn.net/7Yo1k/1744/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3792
x-amz-request-id: K3YKQAEQV3VWKB0R
x-amz-id-2: vT6YRDV0mKbZq8Cqgpgoh8FjQJVVpMswcHpnADDwjEC1TlOyuf4eeQ7EwNPaCC002/9V0pu1V9I=
last-modified: Sun, 09 May 2021 22:40:44 GMT
server: cloudflare
etag: W/"8dc1f7cb24ff0c8fc878f4e79d5ae146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpV1z7yY9D08DuZqj95nPmXpK8bzjv3hJeP%2FaYxPmHZgq%2F23ddb9fqB69XuiBM%2Bt1KyJOXT6%2FvFfI28d0lYVHfFf7zqVws4FLTezF9uQe4hsPOeW%2FJ1T8yua%2B7UtcGfsbEnQIKXaSyEO6SKyo0lx59aa2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-amz-version-id: kBZ3_5VZ73bjBA5QNAoXm8XHim54JdxW
cf-ray: 6b602b664df60614-FRA

GET
H2 200 subscriptions.chart-blocks.c4ec9364.css
datawrapper.dwcdn.net/lib/blocks/ Frame 68A4 45 B
688 B 14ms
14ms Stylesheet
text/css 2606:4700:20::681a:f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://datawrapper.dwcdn.net/lib/blocks/subscriptions.chart-blocks.c4ec9364.css
Requested by: Host: datawrapper.dwcdn.net
URL: https://datawrapper.dwcdn.net/lib/main.e24ae5a0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4ec93642c5afe976b4309c54ce8b60794d6d360b29fd0497083fb740b4a9fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://datawrapper.dwcdn.net/7Yo1k/1744/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3790
content-type: text/css
content-length: 45
x-amz-id-2: fL72PaeEoakNf4aTJrYkkABy06+74dYaTG38eRanIeUpfdNo+cLbZWP7kTj19X4fvIfFVOs6Jsc=
last-modified: Mon, 21 Dec 2020 07:12:34 GMT
server: cloudflare
etag: "28ae109c282844ab715c164cbb4b9d64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owYLaNFrndRH9O%2F83b160zV8At%2Fn99jJuukqkVBuBYnckankAub25dRNounqo1rq8BRZC%2BLFH5VvPq5JuzjpC6LQ8Pta8c3TQDA0e5OYPlO%2BTHhBZS229p3EPY4P5p5rI33SnrbjKTO4lyJhXzbf%2FTvcnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: GJ4HV1X0NRTTP09M
x-amz-version-id: 8q1pCxlBl2hUfTN7hWCF2leV4zdXyuBv
accept-ranges: bytes
cf-ray: 6b602b664df70614-FRA

OPTIONS
H/1.1 200
OK webid
mcs.tobsnssdk.com/v2/user/ Frame 0
0 939ms
168ms Preflight
application/octet-stream 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/user/webid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.detik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 30 Nov 2021 01:05:49 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Upstream-Caught: 1638234349386966
X-Tt-Logid: 20211130010549010245242245054E1879
Access-Control-Allow-Origin: https://www.detik.com
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
server-timing: inner; dur=2
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e89be8d450075ccfbcfc86b15f36930354626493f4acfe09d985939417db3053fc
x-tt-trace-tag: id=00;cdn-cache=miss

POST
H/1.1 200
OK webid Show response
mcs.tobsnssdk.com/v2/user/ 84 B
761 B 181ms
180ms XHR
application/json 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/user/webid
Requested by: Host: sf16-scmcdn-sg.ibytedtos.com
URL: https://sf16-scmcdn-sg.ibytedtos.com/goofy/log-sdk/collect/collect-autotrack-rangers.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash: 807f8962dc768ad74cbb51b04b78315c14f725da38d6403b6955f8e2ae776ed0

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Tue, 30 Nov 2021 01:05:49 GMT
x-tt-trace-tag: id=00;cdn-cache=miss
Server: nginx
X-Tt-Logid: 20211130010549010245242245054E1895
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.detik.com
Connection: keep-alive
Access-Control-Allow-Credentials: true
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e89be8d450075ccfbcfc86b15f3693035436b9a3233852db18daff1de78a628d07
server-timing: inner; dur=13
Content-Length: 84
Upstream-Caught: 1638234349554589

POST
H2 204 collect
analytics.google.com/g/ 0
163 B 44ms
44ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-CY42M5S751&gtm=2oeba1&_p=309007325&sr=1600x1200&_gaz=1&ul=en-us&cid=633002176.1638234349&_s=1&dl=https%3A%2F%2Fwww.detik.com%2F&dt=detikcom%20-%20Informasi%20Berita%20Terkini%20dan%20Terbaru%20Hari%20Ini&sid=1638234348&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CY42M5S751&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 40ms
20ms Ping
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CY42M5S751&cid=633002176.1638234349&gtm=2oeba1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CY42M5S751&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 136ms
50ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CY42M5S751&cid=633002176.1638234349&gtm=2oeba1&aip=1&z=673311295

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame DC58 2 KB
1 KB 25ms
7ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-909149.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PUg4tJkLNdM5ybLaGo1OUA-87LTcvXsbg53vi7AnjcsOlkcjSbKcKQ==
age: 1172982

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-891770-59&cid=633002176.1638234349&jid=1807327046&gjid=855992944&_gid=1684453788.1638234349&_u=YCDAiEABBAAAAE~&z=295251090

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 01:05:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 86ms
39ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=309007325&t=pageview&_s=1&dl=https%3A%2F%2Fwww.detik.com%2F&ul=en-us&de=UTF-8&dt=detikcom%20-%20Informasi%20Berita%20Terkini%20dan%20Terbaru%20Hari%20Ini&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABB~&jid=1807327046&gjid=855992944&cid=633002176.1638234349&tid=UA-891770-59&_gid=1684453788.1638234349&gtm=2wgba1NG6BTJ&cd1=2&cd6=berita%20hari%20ini%2C%20berita%20terkini%2C%20berita%20terbaru%2C%20info%20berita%2C%20peristiwa%2C%20kecelakaan%2C%20kriminal%2C%20hukum%2C%20berita%20unik%2C%20Politik%2C%20liputan%20khusus%2C%20Indonesia%2C%20Internasional&cd16=wpkanal&cd17=desktop&cm2=3.685&z=1102020528

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 09:17:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56914
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 28ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=PageView&dl=https%3A%2F%2Fwww.detik.com%2F&rl=&if=false&ts=1638234348593&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638234348592.1793780736&it=1638234348499&coo=false&exp=p0&rqm=GET

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 30 Nov 2021 01:05:48 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=ViewContent&dl=https%3A%2F%2Fwww.detik.com%2F&rl=&if=false&ts=1638234348597&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638234348592.1793780736&it=1638234348499&coo=false&exp=p0&rqm=GET

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 30 Nov 2021 01:05:48 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 133ms
48ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-891770-59&cid=633002176.1638234349&jid=1807327046&_u=YCDAiEABBAAAAE~&z=1239284182

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
52ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-891770-59&cid=633002176.1638234349&jid=1807327046&_u=YCDAiEABBAAAAE~&z=1239284182

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 momen-nurdin-abdullah-jalani-pemeriksaan-perdana-di-kpk_169.jpeg
akcdn.detik.net.id/community/media/visual/2021/03/05/ 85 KB
85 KB 274ms
273ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/community/media/visual/2021/03/05/momen-nurdin-abdullah-jalani-pemeriksaan-perdana-di-kpk_169.jpeg?w=700&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

f342631d586aa3f6926546ac232dc52cf1b15013f4b8d567e44ebdb726740a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"b1dc8b703e359d6751f3095203cc69fba397b972"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 kisah-viral-pasangan-touring-naik-motor-ke-paris-1_169.jpeg
awsimages.detik.net.id/community/media/visual/2021/11/29/ 18 KB
18 KB 271ms
271ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/29/kisah-viral-pasangan-touring-naik-motor-ke-paris-1_169.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

59566996d35a9fbbe7e0e4e8c0be458474a3bdfefb37d949e4bba94874839e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static11
cache-status: HIT
etag: W/"80a489a51353b94ef0a5b5ad45fa827783c06d8d"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b4d6cf22-050e-4ed4-af20-29a6f843531f_169.jpeg
awsimages.detik.net.id/community/media/visual/2019/09/19/ 17 KB
18 KB 271ms
270ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2019/09/19/b4d6cf22-050e-4ed4-af20-29a6f843531f_169.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

8da4fa2e9729cb8c7d4c666d99e01a7b061ce657d031e524943d0eb035ef0e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"167943eaf6fe011baf88cd51bf85346e88be1dd8"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-whatsapp-1_169.jpeg
awsimages.detik.net.id/community/media/visual/2020/10/30/ 8 KB
8 KB 271ms
271ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2020/10/30/ilustrasi-whatsapp-1_169.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

a5f741f3e9ba2c3b53234524fb27465eddbd8ac521d37c24da0b6b2ad38f15cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static14
cache-status: HIT
etag: W/"f63e231f16696a1e6814fb22091834a0e5381f39"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hyundai-staria-signature-9_169.jpeg
awsimages.detik.net.id/community/media/visual/2021/11/29/ 13 KB
14 KB 271ms
271ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/29/hyundai-staria-signature-9_169.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

de8029b3b1632793980941fe9149f352daa84f87b087b78f4aec8d7f6a5b647b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static11
cache-status: HIT
etag: W/"ffbd4e37aa81f3e0220521e61a7c63d62f8450c7"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rafaela-plastira-6_169.png
awsimages.detik.net.id/community/media/visual/2021/11/29/ 10 KB
11 KB 271ms
271ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/29/rafaela-plastira-6_169.png?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

0900f402d8ea027cfac57efc3a3ed1997d5daf01c883da8034e20f4ead90c73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static8
cache-status: HIT
etag: W/"8e9609b090952f4a4884815d6c283180312f0264"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lionel-messi-ballon-dor-2021-1_169.jpeg
awsimages.detik.net.id/community/media/visual/2021/11/30/ 10 KB
11 KB 271ms
271ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/30/lionel-messi-ballon-dor-2021-1_169.jpeg?w=250&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

57d1f073bdbcaf46d5234c4ddde527db3c353343b6aedab8ab5560af1e9a85da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"f9250c03e3a93e0da96c3d2dddb4c90e50e2cf9e"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dym_logo.png
awscdn.detik.net.id/detikcom/images/ 10 KB
11 KB 187ms
187ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awscdn.detik.net.id/detikcom/images/dym_logo.png?v=098ea5d8

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

c4c6e6957d372ad47f0868cd89467c9b58341d201f8c9e0fadd04154500d03be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 09:19:55 GMT
server: static11
cache-status: HIT
etag: W/"6019193b-2983"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 drainase-vertikal-atau-sumur-resapan-di-sekitar-rumah-soleh-solihun-29-november-2021-marteen-ronaldo-pakpahandetikcom_43.jpeg
awsimages.detik.net.id/community/media/visual/2021/11/29/ 7 KB
8 KB 271ms
270ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/29/drainase-vertikal-atau-sumur-resapan-di-sekitar-rumah-soleh-solihun-29-november-2021-marteen-ronaldo-pakpahandetikcom_43.jpeg?w=150&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

b3fbe9e709ba8ff9076160a7a80e2f089d24b9c3cd7812f3439dfc22ad6af736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"5ad58136412c2e1a9b96d53eeda6909fca8a643b"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jakarta-zona-hijau-corona-kata-wagub-ini-data-corona-terbaru_43.jpeg
awsimages.detik.net.id/community/media/visual/2021/08/23/ 6 KB
7 KB 271ms
270ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/08/23/jakarta-zona-hijau-corona-kata-wagub-ini-data-corona-terbaru_43.jpeg?w=150&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

94b1f967daf97deea052547f63fd1906ca2b416f855620f7ae05dadbcf0294a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static8
cache-status: HIT
etag: W/"2b668f451a2ad088ee6d9f490e83ded3e2983cb0"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 perbaikan-tutup-drainase-vertikal-di-jl-intan-cilandak-barat-jakarta-selatan-2_43.jpeg
awsimages.detik.net.id/community/media/visual/2021/11/29/ 7 KB
8 KB 271ms
271ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/29/perbaikan-tutup-drainase-vertikal-di-jl-intan-cilandak-barat-jakarta-selatan-2_43.jpeg?w=150&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

4c4bb4bd7264f0c2c0a960ee0d036cd29c67cf2f2d10b6cefab208fc4cfcf8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: HIT
etag: W/"e8710a8c89feeb5bbcfec2c45c1e092cfc77e4a9"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cd9be86f-a798-4058-a446-fd79e88a9943_43.jpg
awsimages.detik.net.id/community/media/visual/2017/05/29/ 9 KB
9 KB 270ms
270ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2017/05/29/cd9be86f-a798-4058-a446-fd79e88a9943_43.jpg?w=150&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

55e374e77dc21f8bdf33aedcf3686e724e15157dc853e3e5f733acf454590f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static14
cache-status: HIT
etag: W/"42cefcb7e83c339c86f10877f15a9b67ed603a94"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hari-korpri-2021_43.jpeg
awsimages.detik.net.id/community/media/visual/2021/11/29/ 5 KB
6 KB 270ms
270ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/29/hari-korpri-2021_43.jpeg?w=150&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

124e8bfe6ee0f1535aae0da632380297e70c99c67e155ba340a896ec6e627063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static4
cache-status: HIT
etag: W/"d1d86187f2ae62a256a82e28784db895ea541fa2"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 upah-minimum-2022-jawa-tengah-naik-rp-13-ribu-ini-penjelasannya_43.jpeg
awsimages.detik.net.id/community/media/visual/2021/11/22/ 7 KB
7 KB 270ms
270ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awsimages.detik.net.id/community/media/visual/2021/11/22/upah-minimum-2022-jawa-tengah-naik-rp-13-ribu-ini-penjelasannya_43.jpeg?w=150&q=90

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static11 /

Resource Hash

f47078fbf216b118d0bd5b55706d5b9dcccbc918a531fe06f28a5e1e6099df1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: HIT
etag: W/"df17509c55ee742808b6a433031d65344ca6b356"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static11
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TW3QW5K&t=gtm7&cid=633002176.1638234349

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

753f357b767a131eb7f0d497e9b83b6dc1fb2b3a7e478b15e51e6a3213312432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34940
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 01:05:48 GMT

GET
H2 200 __dtm.gif
analytic.detik.com/detikanalytic/ 32 B
154 B 430ms
328ms Image
image/gif 35.241.10.124
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytic.detik.com/detikanalytic/__dtm.gif?dtmwv=4.0&dtmn=32988601&dtmdt=detikcom%20-%20Informasi%20Berita%20Terkini%20dan%20Terbaru%20Hari%20Ini&dtmhn=www.detik.com&dtmp=/&dtmf=-&dtma=146380193.32988601.1638234349.1638234349.1638234349.1&dtmb=146380193.1.10.1638234349&dtmr=&createddate=NaN&articleid=-&kanalid=-&dtmac=acc-detikcom&dtmacsub=desktop&createddate_ori=978307200000&publishdate=NaN
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.10.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 124.10.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
content-type: image/gif

GET
H2 200 dtkframebar-controller.js Show response
cdn.detik.net.id/libs/assets/js/framebar/ 5 KB
2 KB 202ms
202ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/assets/js/framebar/dtkframebar-controller.js

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static11 /

Resource Hash

4e660117322b78cf89440b7d5f15d74f12fac132787797bba05406f39aba417b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 10:11:15 GMT
server: static11
cache-status: HIT
etag: W/"5e5f7ec3-13ae"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 721A 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.detik.com
URL: https://www.detik.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.detik.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.detik.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 30 Nov 2021 01:05:49 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 164ms
50ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.detik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 158ms
45ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.detik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 153 KB
22 KB 742ms
741ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3229664771529343&correlator=2740292839498399&output=ldjh&impl=fifs&eid=31063798%2C21068031%2C31062931&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=4905536%2Cdetik_desktop%2Cwp%2Cleaderboard%2Cbillboard%2Cparallax%2Ccenter2%2Cmedium_rectangle1%2Cmedium_rectangle2%2Cmedium_rectangle3%2Cmedium_rectangle5%2Cballoon_ads%2Cnewsfeed1%2Cnewsfeed2%2Cnewsfeed3&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2C%2F0%2F1%2F2%2F11%2C%2F0%2F1%2F2%2F12%2C%2F0%2F1%2F2%2F13%2C%2F0%2F1%2F2%2F13%2C%2F0%2F1%2F2%2F14%2C%2F0%2F1%2F2%2F14&prev_iu_szs=728x90%2C970x250%2C300x250%7C1x1%2C300x250%2C300x250%7C300x600%7C300x500%2C300x250%2C300x250%2C300x250%2C400x250%7C300x600%2C1x1%2C320x50%2C1x1%2C320x50%2C1x1&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2Cheight%2C0&ists=21&prev_scp=pwtsid_ix%3D60912c7a0ff201b%26pwtbst_ix%3D1%26pwtecp_ix%3D0.01%26pwtsz_ix%3D728x90%26pwtsid%3D60912c7a0ff201b%26pwtbst%3D1%26pwtecp%3D0.01%26pwtpid%3Dix%26pwtpubid%3D156981%26pwtprofid%3D927%26pwtverid%3D59%26pwtsz%3D728x90%26pwtplt%3Ddisplay%7Cpos%3Dbillboard%26pwtsid_ix%3D57b7a153a98e17f%26pwtbst_ix%3D1%26pwtecp_ix%3D0.06%26pwtsz_ix%3D970x250%26pwtsid%3D57b7a153a98e17f%26pwtbst%3D1%26pwtecp%3D0.06%26pwtpid%3Dix%26pwtpubid%3D156981%26pwtprofid%3D927%26pwtverid%3D59%26pwtsz%3D970x250%26pwtplt%3Ddisplay%7C%7C%7Cpwtsid_ix%3D59956b83354af85%26pwtbst_ix%3D1%26pwtecp_ix%3D0.04%26pwtsz_ix%3D300x250%26pwtsid%3D59956b83354af85%26pwtbst%3D1%26pwtecp%3D0.04%26pwtpid%3Dix%26pwtpubid%3D156981%26pwtprofid%3D927%26pwtverid%3D59%26pwtsz%3D300x250%26pwtplt%3Ddisplay%7Cpwtsid_ix%3D58dd1e75ee2c857%26pwtbst_ix%3D1%26pwtecp_ix%3D0.04%26pwtsz_ix%3D300x250%26pwtsid%3D58dd1e75ee2c857%26pwtbst%3D1%26pwtecp%3D0.04%26pwtpid%3Dix%26pwtpubid%3D156981%26pwtprofid%3D927%26pwtverid%3D59%26pwtsz%3D300x250%26pwtplt%3Ddisplay%7C%7C%7C%7C%7Cpos%3Dnewsfeed2%7C%7Cpos%3Dnewsfeed3%7C&cust_params=site%3Ddetikcom%26section%3Dhome%26medium%3Ddesktop&cookie_enabled=1&bc=31&abxe=1&lmt=1638234349&dt=1638234349201&dlt=1638234346483&idt=1685&frm=20&biw=1600&bih=1200&oid=2&adxs=599%2C-12245933%2C470%2C470%2C993%2C993%2C993%2C993%2C-12245933%2C273%2C-9%2C273%2C273%2C-9&adys=62%2C-12245933%2C2298%2C3834%2C486%2C510%2C1730%2C2767%2C-12245933%2C1375%2C-9%2C2641%2C4335%2C-9&adks=559046543%2C2748091701%2C2911000036%2C1334716558%2C1060388571%2C3782855166%2C3524708705%2C485315118%2C2698433970%2C696341901%2C320305055%2C3804640811%2C678374686%2C2081708927&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.detik.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90%7C0x0%7C694x0%7C694x250%7C333x0%7C333x0%7C333x0%7C333x250%7C400x-1%7C694x8161%7C0x-1%7C694x8161%7C694x8161%7C0x-1&msz=728x-1%7C0x-1%7C300x0%7C300x-1%7C333x0%7C333x0%7C333x0%7C333x250%7C0x-1%7C694x0%7C0x-1%7C694x0%7C694x0%7C0x-1&ga_vid=633002176.1638234349&ga_sid=1638234349&ga_hid=309007325&ga_fc=true&fws=0%2C128%2C0%2C0%2C0%2C0%2C0%2C0%2C640%2C0%2C2%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C-1%7C1%7C2%7C0%7C0%7C3%7C4%7C-1%7C5%7C-1%7C6%7C7%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a9d751eacefd0df573e7453c66f7a1cb216e7c2343fc6b26ff706fa3fd7cbcd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,124173,-2,-2,-2,124173,124173,124173,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22636
x-xss-protection: 0
google-lineitem-id: 4739042325,-2,-1,-2,4739042325,4739042325,-1,-1,-1,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138238761162,-2,-1,-2,138238761123,138238761126,-1,-1,-1,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE62 6 KB
4 KB 148ms
47ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 01:05:49 GMT
expires: Wed, 30 Nov 2022 01:05:49 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 showban.asp Show response
fundingchoicesmessages.google.com/f/AGSKWxX2LA1toRkCKsdEKYJgpAqHwDK-TWQHJCPJQlattKag3s2OSh9oAjuWPdl_CXhwMVtEa-Q_ERkPkHoKm0FQMV4_sIx7kqTTqS8FmucUvcyOrNprs1PsBSVSvaiDcW2IvRqeHVhyVh7NRbtyV4GCL_DwaUjNE... 54 B
106 B 67ms
67ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX2LA1toRkCKsdEKYJgpAqHwDK-TWQHJCPJQlattKag3s2OSh9oAjuWPdl_CXhwMVtEa-Q_ERkPkHoKm0FQMV4_sIx7kqTTqS8FmucUvcyOrNprs1PsBSVSvaiDcW2IvRqeHVhyVh7NRbtyV4GCL_DwaUjNEPJSLC3MfU-ANA6Epoy6MGRGmlZGQVA5Okdh1xYjJ-pa1knNtDlHznMnuCx1q8AudXB6WRJEiEEoJz2-xto=/_/richoas./showban.asp?/160x600_?adtag=/peel.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57a4953c09ed67b9652fd1f5603e75f794cd8d640b48b6544961ffd9fbdfa1bf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fjvGhAYOFi5Ri6sllqzOug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-fjvGhAYOFi5Ri6sllqzOug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fjvGhAYOFi5Ri6sllqzOug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-fjvGhAYOFi5Ri6sllqzOug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 148ms
65ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bc821dd0f5ddf6176429e96bbe9d928433e076754076c84b3d5e9f00bcf1a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51458
x-xss-protection: 0
server: cafe
etag: 1648294490972606050
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 01:05:49 GMT

POST
H3 204 AGSKWxU0fW3zBVWvFGyp9BiuSOZ4TuY7y7iqHDhgKgfZdZbOiwebO8991JwC1T10MgJKx-Ndg6GOUBLydnJbA4YSYiinw8e862ub7GSuU5EEJCgPteXpQI8zEl3Jl3cZaoVHRriIUsgrESUKlItYbArhEbCdBlP7EDwQn3nsSiQkrEktosMcFr3y-23x0Toq Show response
fundingchoicesmessages.google.com/el/ 0
26 B 51ms
51ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU0fW3zBVWvFGyp9BiuSOZ4TuY7y7iqHDhgKgfZdZbOiwebO8991JwC1T10MgJKx-Ndg6GOUBLydnJbA4YSYiinw8e862ub7GSuU5EEJCgPteXpQI8zEl3Jl3cZaoVHRriIUsgrESUKlItYbArhEbCdBlP7EDwQn3nsSiQkrEktosMcFr3y-23x0Toq

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nw8MDOIavT9u/pAAmfEMNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-nw8MDOIavT9u/pAAmfEMNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-nw8MDOIavT9u/pAAmfEMNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-nw8MDOIavT9u/pAAmfEMNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 74AF 2 KB
1 KB 31ms
7ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 30 Nov 2021 01:05:49 GMT
Connection: keep-alive

POST
H3 204 AGSKWxU0fW3zBVWvFGyp9BiuSOZ4TuY7y7iqHDhgKgfZdZbOiwebO8991JwC1T10MgJKx-Ndg6GOUBLydnJbA4YSYiinw8e862ub7GSuU5EEJCgPteXpQI8zEl3Jl3cZaoVHRriIUsgrESUKlItYbArhEbCdBlP7EDwQn3nsSiQkrEktosMcFr3y-23x0Toq Show response
fundingchoicesmessages.google.com/el/ 0
27 B 54ms
54ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m6+JtI1JpW+9s8eqOhBtrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-m6+JtI1JpW+9s8eqOhBtrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:49 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-m6+JtI1JpW+9s8eqOhBtrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-m6+JtI1JpW+9s8eqOhBtrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 1EB5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

24ms
24ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c3d6766c04cabc648589b4dcf70951d577f77471f3dba67418792115994a16ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|230|39|45|111|221|196|64
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1594
Expires: Tue, 30 Nov 2021 01:05:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:49 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 336
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 30 Nov 2021 01:05:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:49 GMT
Connection: keep-alive

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1EB5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaV47XXA78OkSVU5GhToNQAABI4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaV47XXA78OkSVU5GhToNQAABI4AAAAB&dcc=t

43 B
645 B

102ms
102ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaV47XXA78OkSVU5GhToNQAABI4AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 21665BHRE35H90H7SFBW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X6X2RNG61CKVK5ZYBDXN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaV47XXA78OkSVU5GhToNQAABI4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 1EB5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaV47XXA78OkSVU5GhToNQAABI4AAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHuZaCAvIW6tVHGKzrLh-LQ&google_cver=1

43 B
315 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHuZaCAvIW6tVHGKzrLh-LQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 30 Nov 2021 01:05:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHuZaCAvIW6tVHGKzrLh-LQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1EB5 70 B
265 B 104ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1EB5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaV47XXA78OkSVU5GhToNQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHBdt4_IIGmOPZlpiYJrhT0&google_cver=1&gdpr=1

43 B
1009 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHBdt4_IIGmOPZlpiYJrhT0&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 01:05:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHBdt4_IIGmOPZlpiYJrhT0&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 1EB5 0
331 B 64ms
20ms Image
text/plain 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:49 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

tpid=YaV47XXA78OkSVU5GhToNQAA%261166
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 1EB5
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YaV47XXA78OkSVU5GhToNQAA%261166?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YaV47XXA78OkSVU5GhToNQAA%261166?gdpr_consent=&us_privacy=&gdpr=1

49 B
735 B

41ms
41ms

Image
image/gif

52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YaV47XXA78OkSVU5GhToNQAA%261166?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:49 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.107
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:49 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YaV47XXA78OkSVU5GhToNQAA%261166?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.10.41
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1EB5
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

11ms
10ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 30 Nov 2021 01:05:49 GMT

Redirect headers

date: Tue, 30 Nov 2021 01:05:49 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1EB5
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1640826349

43 B
982 B

12ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1640826349
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 01:05:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:49 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1640826349
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 1EB5 43 B
425 B 8ms
7ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YaV47XXA78OkSVU5GhToNQAA%261166
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.detik.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 01:05:49 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3184
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 01:58:53 GMT

GET
H2 200 livestreaming Show response
tv.detik.com/statuslive/ 438 B
575 B 338ms
338ms XHR
application/json 103.49.221.132
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://tv.detik.com/statuslive/livestreaming

Requested by

Host: awscdn.detik.net.id
URL: https://awscdn.detik.net.id/assets/js/jquery-min-3.2.1.js?v=098ea5d8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.49.221.132 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-132-221-49-103.detik.com

Software

dtk18 /

Resource Hash

bfe9bfc2c6ec412a27a27b8434496c9ce9de677e7032b8eb3ec5b1bf72ff22aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: dtk18
strict-transport-security: max-age=31536000; includeSubDomains; always
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform
vary: User-Agent, Accept
x-xss-protection: '1;mode=block'

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame F5D9 11 KB
5 KB 126ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 29 Nov 2021 09:43:00 GMT
expires: Mon, 13 Dec 2021 09:43:00 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 55369
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 204 AGSKWxU0fW3zBVWvFGyp9BiuSOZ4TuY7y7iqHDhgKgfZdZbOiwebO8991JwC1T10MgJKx-Ndg6GOUBLydnJbA4YSYiinw8e862ub7GSuU5EEJCgPteXpQI8zEl3Jl3cZaoVHRriIUsgrESUKlItYbArhEbCdBlP7EDwQn3nsSiQkrEktosMcFr3y-23x0Toq Show response
fundingchoicesmessages.google.com/el/ 0
26 B 55ms
55ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tZN0H3h6O1ESQOWGAn6XNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-tZN0H3h6O1ESQOWGAn6XNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tZN0H3h6O1ESQOWGAn6XNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-tZN0H3h6O1ESQOWGAn6XNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU_253U7cck2MwoLiAecciVBgv9TO4GOxq03S4BV1OcjEYhAUHJ_6BHi8KCeJjH2H2rTB7f5QgPtFb6W1kOPyxPC-Gm3OgyV6KZ54kVw19Skg690Gt2WFf3aXg4JwfYqn2H5U4rhs3hjxlt0EHaX7jjCmeXRUrG2k0L9y_cCsvmp76RxtVTuPMm5yCk Show response
fundingchoicesmessages.google.com/f/ 40 KB
15 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU_253U7cck2MwoLiAecciVBgv9TO4GOxq03S4BV1OcjEYhAUHJ_6BHi8KCeJjH2H2rTB7f5QgPtFb6W1kOPyxPC-Gm3OgyV6KZ54kVw19Skg690Gt2WFf3aXg4JwfYqn2H5U4rhs3hjxlt0EHaX7jjCmeXRUrG2k0L9y_cCsvmp76RxtVTuPMm5yCk?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM4MjM0MzQ5LDUwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dLCJodHRwczovL3d3dy5kZXRpay5jb20vIixudWxsLFtdXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

481b5a2ca81c65e72c8be1d1f7ccd767350de2d5dfbe975f9aec234c30660982

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vI+PkTfUMrEuzpm/2tR8hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-vI+PkTfUMrEuzpm/2tR8hA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-vI+PkTfUMrEuzpm/2tR8hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-vI+PkTfUMrEuzpm/2tR8hA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU0fW3zBVWvFGyp9BiuSOZ4TuY7y7iqHDhgKgfZdZbOiwebO8991JwC1T10MgJKx-Ndg6GOUBLydnJbA4YSYiinw8e862ub7GSuU5EEJCgPteXpQI8zEl3Jl3cZaoVHRriIUsgrESUKlItYbArhEbCdBlP7EDwQn3nsSiQkrEktosMcFr3y-23x0Toq Show response
fundingchoicesmessages.google.com/el/ 0
27 B 90ms
90ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6NqzkqANNdcPlouWrm4bPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6NqzkqANNdcPlouWrm4bPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:49 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6NqzkqANNdcPlouWrm4bPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6NqzkqANNdcPlouWrm4bPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXIdCRR9pmI_LR98CXlrJsVIp6atahwKfKduzTFu6ZtB9rBSPVmc7piKTjEkrZ_NS-8sU07qA5o5iD1JQOoW_Jm37TnKRj5cVtICv9QXavCElb5VQ_gO7pwsUyEyJMegKKRnk0Pa_Hd0ApLQOyBBqhhGnVCihc895tGS-0tfb-u1FxwEGDKeldeGGsA Show response
fundingchoicesmessages.google.com/el/ 0
26 B 56ms
56ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXIdCRR9pmI_LR98CXlrJsVIp6atahwKfKduzTFu6ZtB9rBSPVmc7piKTjEkrZ_NS-8sU07qA5o5iD1JQOoW_Jm37TnKRj5cVtICv9QXavCElb5VQ_gO7pwsUyEyJMegKKRnk0Pa_Hd0ApLQOyBBqhhGnVCihc895tGS-0tfb-u1FxwEGDKeldeGGsA

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.kelJNyiwGDM.es5.O/d=1/rs=AJlcJMzMkibWUc1KzRTXaSDcYRMAbh1cRg/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MnKADY81mVyHiLVz03e5yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-MnKADY81mVyHiLVz03e5yQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MnKADY81mVyHiLVz03e5yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-MnKADY81mVyHiLVz03e5yQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXIdCRR9pmI_LR98CXlrJsVIp6atahwKfKduzTFu6ZtB9rBSPVmc7piKTjEkrZ_NS-8sU07qA5o5iD1JQOoW_Jm37TnKRj5cVtICv9QXavCElb5VQ_gO7pwsUyEyJMegKKRnk0Pa_Hd0ApLQOyBBqhhGnVCihc895tGS-0tfb-u1FxwEGDKeldeGGsA Show response
fundingchoicesmessages.google.com/el/ 0
26 B 91ms
90ms XHR
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QkThpj33dbWMTTE9FeP5mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-QkThpj33dbWMTTE9FeP5mg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QkThpj33dbWMTTE9FeP5mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-QkThpj33dbWMTTE9FeP5mg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK list
mcs.tobsnssdk.com/v2/event/ Frame 0
0 169ms
168ms Preflight
application/octet-stream 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/event/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.detik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 30 Nov 2021 01:05:49 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Upstream-Caught: 1638234349743568
X-Tt-Logid: 20211130010549010245242245054E18A8
Access-Control-Allow-Origin: https://www.detik.com
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
server-timing: inner; dur=2
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e89be8d450075ccfbcfc86b15f36930354626493f4acfe09d985939417db3053fc
x-tt-trace-tag: id=00;cdn-cache=miss

POST
H/1.1 200
OK list Show response
mcs.tobsnssdk.com/v2/event/ 34 B
792 B 185ms
167ms XHR
application/json 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/event/list
Requested by: Host: sf16-scmcdn-sg.ibytedtos.com
URL: https://sf16-scmcdn-sg.ibytedtos.com/goofy/log-sdk/collect/collect-autotrack-rangers.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash: 7164f213865636c46f64426df8d0f836fece8ccd7e2770df6c61e6231cf926a5

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Tue, 30 Nov 2021 01:05:49 GMT
Upstream-Caught: 1638234349929608
x-tt-trace-tag: id=00;cdn-cache=miss
server-timing: inner; dur=0
Connection: keep-alive
Content-Length: 34
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20211130010549010245243107034E55BE
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.detik.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e8aa5961d8a27b7289860510f1dc48b13821ba8480cf7ff6486fc33a6b02a34089
Expires: 0

POST
H/1.1 200
OK list Show response
mcs.tobsnssdk.com/v2/event/ 34 B
792 B 343ms
174ms XHR
application/json 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/event/list
Requested by: Host: sf16-scmcdn-sg.ibytedtos.com
URL: https://sf16-scmcdn-sg.ibytedtos.com/goofy/log-sdk/collect/collect-autotrack-rangers.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash: 7164f213865636c46f64426df8d0f836fece8ccd7e2770df6c61e6231cf926a5

Request headers

X-MCS-AppKey: 566f58151b0ed37e
Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Tue, 30 Nov 2021 01:05:50 GMT
Upstream-Caught: 1638234350098239
x-tt-trace-tag: id=00;cdn-cache=miss
server-timing: inner; dur=6
Connection: keep-alive
Content-Length: 34
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20211130010550010245243107034E55DE
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.detik.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e8aa5961d8a27b7289860510f1dc48b13821ba8480cf7ff6486fc33a6b02a34089
Expires: 0

OPTIONS
H/1.1 200
OK list
mcs.tobsnssdk.com/v2/event/ Frame 0
0 169ms
169ms Preflight
application/octet-stream 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/event/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-mcs-appkey
Origin: https://www.detik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 30 Nov 2021 01:05:49 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Upstream-Caught: 1638234349760257
X-Tt-Logid: 20211130010549010245243107034E559F
Access-Control-Allow-Origin: https://www.detik.com
Access-Control-Allow-Headers: content-type,x-mcs-appkey
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
server-timing: inner; dur=2
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e8aa5961d8a27b7289860510f1dc48b1383e3440eec876bffd1988c0f056ed9927
x-tt-trace-tag: id=00;cdn-cache=miss

POST
H/1.1 200
OK list Show response
mcs.tobsnssdk.com/v2/event/ 34 B
792 B 328ms
159ms XHR
application/json 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/event/list
Requested by: Host: sf16-scmcdn-sg.ibytedtos.com
URL: https://sf16-scmcdn-sg.ibytedtos.com/goofy/log-sdk/collect/collect-autotrack-rangers.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash: 7164f213865636c46f64426df8d0f836fece8ccd7e2770df6c61e6231cf926a5

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Tue, 30 Nov 2021 01:05:50 GMT
Upstream-Caught: 1638234350247880
x-tt-trace-tag: id=00;cdn-cache=miss
server-timing: inner; dur=0
Connection: keep-alive
Content-Length: 34
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20211130010550010245248004264DBBDB
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.detik.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e87c363705f827c6bc45311d4b74f3918ea25d79e957b8d616509b61bd274e099b
Expires: 0

OPTIONS
H/1.1 200
OK list
mcs.tobsnssdk.com/v2/event/ Frame 0
0 303ms
167ms Preflight
application/octet-stream 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/event/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.detik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 30 Nov 2021 01:05:49 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Upstream-Caught: 1638234349911992
X-Tt-Logid: 20211130010549010245242245054E18BA
Access-Control-Allow-Origin: https://www.detik.com
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
server-timing: inner; dur=1
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e89be8d450075ccfbcfc86b15f3693035436b9a3233852db18daff1de78a628d07
x-tt-trace-tag: id=00;cdn-cache=miss

OPTIONS
H/1.1 200
OK list
mcs.tobsnssdk.com/v2/event/ Frame 0
0 332ms
169ms Preflight
application/octet-stream 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/event/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.detik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 30 Nov 2021 01:05:50 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Upstream-Caught: 1638234350082243
X-Tt-Logid: 20211130010550010245242245054E18CE
Access-Control-Allow-Origin: https://www.detik.com
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
server-timing: inner; dur=1
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e89be8d450075ccfbcfc86b15f3693035436b9a3233852db18daff1de78a628d07
x-tt-trace-tag: id=00;cdn-cache=miss

POST
H/1.1 200
OK list Show response
mcs.tobsnssdk.com/v2/event/ 34 B
792 B 171ms
171ms XHR
application/json 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/event/list
Requested by: Host: sf16-scmcdn-sg.ibytedtos.com
URL: https://sf16-scmcdn-sg.ibytedtos.com/goofy/log-sdk/collect/collect-autotrack-rangers.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash: 7164f213865636c46f64426df8d0f836fece8ccd7e2770df6c61e6231cf926a5

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Tue, 30 Nov 2021 01:05:50 GMT
Upstream-Caught: 1638234350253649
x-tt-trace-tag: id=00;cdn-cache=miss
server-timing: inner; dur=0
Connection: keep-alive
Content-Length: 34
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20211130010550010245242245054E18EB
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.detik.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e89be8d450075ccfbcfc86b15f3693035436b9a3233852db18daff1de78a628d07
Expires: 0

GET
H2 200 asyncspc.php Show response
newrevive.detik.com/delivery/ 2 KB
1 KB 215ms
214ms XHR
application/json 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncspc.php?zones=557%7C558%7C1068%7C626%7C2772&prefix=revive-0-&loc=https%3A%2F%2Fwww.detik.com%2F

Requested by

Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive2 /

Resource Hash

8a0238fccea9da640dc5455fbef88036eeebf12f18162cdc8fd4f66704c8a595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: revive2
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1;mode=block
expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 93ms
49ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83021352e6ee2000abb5ff57e553f874055a46faa62fc67ec1c334680abb3ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9168
x-xss-protection: 0

POST
H/1.1 200
OK list Show response
mcs.tobsnssdk.com/v2/event/ 34 B
792 B 168ms
168ms XHR
application/json 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/event/list
Requested by: Host: sf16-scmcdn-sg.ibytedtos.com
URL: https://sf16-scmcdn-sg.ibytedtos.com/goofy/log-sdk/collect/collect-autotrack-rangers.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash: 7164f213865636c46f64426df8d0f836fece8ccd7e2770df6c61e6231cf926a5

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Tue, 30 Nov 2021 01:05:50 GMT
Upstream-Caught: 1638234350278494
x-tt-trace-tag: id=00;cdn-cache=miss
server-timing: inner; dur=2
Connection: keep-alive
Content-Length: 34
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20211130010550010245243014104DFDA3
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.detik.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e8aeee05a4dc49c91029f8bb537a99f446b372f1d5280398f53f1d691fdb9950d2
Expires: 0

OPTIONS
H/1.1 200
OK list
mcs.tobsnssdk.com/v2/event/ Frame 0
0 330ms
168ms Preflight
application/octet-stream 103.136.220.204
TIKTOK-AS-AP TIKT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/v2/event/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.220.204 Singapore, Singapore, ASN138699 (TIKTOK-AS-AP TIKTOK PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.detik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 30 Nov 2021 01:05:50 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Upstream-Caught: 1638234350110331
X-Tt-Logid: 20211130010550010245243014104DFD82
Access-Control-Allow-Origin: https://www.detik.com
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
server-timing: inner; dur=1
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cba46918da4addff00da379ae461dc81fa667f169ec33a3751439ad0fd83431a3e8aeee05a4dc49c91029f8bb537a99f446b372f1d5280398f53f1d691fdb9950d2
x-tt-trace-tag: id=00;cdn-cache=miss

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 145ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H3 200 container.html Show response
5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4D79 6 KB
3 KB 89ms
42ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 01:05:49 GMT
expires: Wed, 30 Nov 2022 01:05:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 362E 6 KB
3 KB 58ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 01:05:49 GMT
expires: Wed, 30 Nov 2022 01:05:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF78 6 KB
3 KB 49ms
43ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 01:05:49 GMT
expires: Wed, 30 Nov 2022 01:05:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E195 6 KB
3 KB 44ms
44ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 01:05:49 GMT
expires: Wed, 30 Nov 2022 01:05:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3648 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 01:05:49 GMT
expires: Wed, 30 Nov 2022 01:05:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B397 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 01:05:49 GMT
expires: Wed, 30 Nov 2022 01:05:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E619 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 01:05:49 GMT
expires: Wed, 30 Nov 2022 01:05:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200 626.json Show response
id5-sync.com/g/v2/ 213 B
531 B 40ms
8ms XHR
application/json 51.89.21.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/626.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p24.id5-sync.com

Software

Resource Hash

5cea90b4ebb66c0fc97ced5faec03a41e5a192ca819c1d2b4751bc7ef52aeedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.detik.com
Date: Tue, 30 Nov 2021 01:05:41 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
327 B 67ms
19ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.detik.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
335 B 48ms
39ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 369db451823b83d2f1c33d49178d5187b1de13092d52d1bf0faa77a07432b97b

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.detik.com
cache-control: no-cache
x-server: 10.45.4.89
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
541 B 30ms
30ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: b7ba4683eed3e3769e4416da3464ce98a65717cd7250af160190af0d3be03229

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.detik.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 30 Dec 2021 01:05:50 GMT

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
333 B 551ms
549ms Image
image/gif 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=557&loc=https%3A%2F%2Fwww.detik.com%2F&cb=fdc0850025

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive2 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
x-content-type-options: nosniff
server: revive2
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
333 B 550ms
548ms Image
image/gif 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=558&loc=https%3A%2F%2Fwww.detik.com%2F&cb=5d20567039

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive2 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
x-content-type-options: nosniff
server: revive2
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
333 B 550ms
548ms Image
image/gif 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=1068&loc=https%3A%2F%2Fwww.detik.com%2F&cb=d7e4f9d6a3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive2 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
x-content-type-options: nosniff
server: revive2
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 825a644de4c0994eb8fb26605a591268.jpg
newrevive.detik.com/images/ 57 KB
58 KB 367ms
365ms Image
image/jpeg 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/images/825a644de4c0994eb8fb26605a591268.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive2 /

Resource Hash

db3918087fd5e7c7c05fafa1a16fbe8eed2ccd10512bf676681f9d228d677a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
last-modified: Mon, 29 Nov 2021 11:10:50 GMT
server: revive2
etag: "61a4b53a-e53c"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 58684

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
333 B 549ms
546ms Image
image/gif 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=174897&campaignid=65231&zoneid=626&loc=https%3A%2F%2Fwww.detik.com%2F&cb=9f03a65ae9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive2 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
x-content-type-options: nosniff
server: revive2
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
333 B 550ms
548ms Image
image/gif 103.49.221.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=2772&loc=https%3A%2F%2Fwww.detik.com%2F&cb=4be8a0c2ba

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.49.221.244 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-244-221-49-103.detik.com

Software

revive2 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
x-content-type-options: nosniff
server: revive2
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 362E 0
0 84ms
83ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs70Z7XilYeGbFIuIgAfWgIrAAv7T969czs-92OoCwI23ARABIABgleKQgqAHggEXY2EtcHViLTA0Mjg1MTYxNjQyMjUxNzLIAQngAgCoAwGqBOUBT9De1KlJTaD4mXXtzqqWW3TFcROoclayHo_HHK2XLPnUxbfuopY7N2sFSdQqsK88uUEnl1a6DsrOq0TqU9_ViFSSI34U6ewRONbA-DizSCIjZoTzz7cYID9sQJObmiVif2MhJiB0ard0cuD0XT8tZGFctdWMi2nnvgtHz2t-iAFPWbVyUst7wlot6opSaz6flqzI5qcDceHTXKWaMGaDrnxUj-7cZz89_AegndlxZuY0fZ_iT4TwwyKvpL1tpeh_SytvW6KSeAUMVwNjkHJE0oSaxixkO7bZ5-SvsHCwxcZ3yaN-VeAEAYAGjYTf3IqnjPcPoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMDQyODUxNjE2NDIyNTE3MhjgzxE&sigh=piL8Gn_IkHA&uach_m=[UACH]&cid=CAQSPACNIrLM4o40ZxHxg8LexTuwdC9o4T43vJIdUF_kxvIzZe2pKgKlUMJOOEuk9Nkz6JAXHX58bgmM8MDjxRgB&tpd=AGWhJmufaTWT4H0Wqz74ozqSgisj8XxDzs7te_vUqrjASuMq6Rh9-n2c6t5FTG9ZI996qjJqF79NEZqDgT8cTxhV4NHjwbTYanpfTACwB8YD3CV3cQthW-gVYrshqm7a5UHm_2jQHTplhCTTmbln_ib6Hr8RFa_8HddNcpD5RB5bA2Ubvf7O6CubEfFwGRegmzQOFP5vDaVntNQCskX6-I4_LbmU11JH6fxoTLara35cCiWTlZPDRPmZqfQoUz3gh1Oh3W43w-sff6bPDyPaztBD0iiuDGqDHSbNXkTOQk9tBAFKP0yQa1ZXSMrHH2IHwiRt-MVjTF8x4mlo7f3YBPiexInvge0n5L6zlRAA_mpCoruN9NtQNHaQhrd5jmswLpBR7XOYF3VAx3r518t5qCzhuP0t2CFLZtkh6shYvYtQbRb6R3JDM-gDJA96LPtSBv7NYLkgjdr538s3iQi_D2Eux_qo0sQTBH5hCI8nYWodI2MQRngNRHxgqRXhKG41N1MQ_O9ibk5TkQeinpiqxgY9jdnYS03t2NQEqWsQI9VHThLcdo1duq0e5XchJduqV2AtnH3YH3BsG56bSOn-8DKG-sjpCEHpjllAtMulmRSnpO5-by0PVhiAMVa4x4rfS1vtSS-ppME5AIXvnZA4qm2KHiw8Wsc6plpAxYx_L3dxh6JWRoTHUnj6cQzeIL_DmyESWCw9dUgCvYaEi4efzyX6V31nNmm_5FLyM5F7SzyiwNsJ56AnDv0bAsxx5PoPIJEeFtTtAuQpV9C31Ero7Q
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 362E 1 KB
1 KB 89ms
21ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=43799646;rtbwp=2263ED4000E94345;rtbdata=P2CGoVTHz3SMEphiEqzcfOEORNekb81AOztTo-jCDZvAE0sVFQ799lRxvSZSu7VCR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajXPRrgftpVkXeeVjd3HJbrpOJO6BeDkwnhUCzFW9mulooNBpjRTzEoNEEExhct9hDAuLSEzIOiOGSX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDhNuTKE8DEq8xOP7EGRkIKg1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/4ca1bf11-6607-4d96-8cbc-a039f5424e0d/

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

d2ef81050879e007101ec36f847a6064dfaf77b98f048610b6d856ac673726b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1115
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 362E 2 KB
1 KB 151ms
105ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 00:59:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 362E 119 KB
37 KB 139ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 362E 15 KB
6 KB 97ms
51ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 00:48:53 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 362E 22 KB
7 KB 120ms
75ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 10:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 10:12:49 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4D79 22 KB
7 KB 123ms
79ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 10:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 10:12:49 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156981/927/59/ Frame 4D79 418 KB
123 KB 9ms
8ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 96bb4558c6329a9aecb5a5563294b25663a1aae0958040229e225ee0fc3daac7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 05:10:21 GMT
server: Apache/2.2.15 (CentOS)
etag: "1121c37-687cf-5cf4e9c5f012a"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=65272
accept-ranges: bytes
content-type: text/javascript
content-length: 124872
expires: Tue, 30 Nov 2021 19:13:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D79 119 KB
36 KB 263ms
176ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/detikcomdfpdisplay520406812784/ Frame 4D79 305 KB
103 KB 53ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/detikcomdfpdisplay520406812784/moatad.js
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9d9c3ec50dfffd55390e1b0a50a0f04381345b847bca98d739234aa18983cff6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:29:26 GMT
server: AmazonS3
x-amz-request-id: VX8G2VJ635WQXMB0
etag: "48034a98a2fcb14540a41a0550814d00"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=49802
accept-ranges: bytes
content-length: 105223
x-amz-id-2: V/5G22FLPGn9AogFSiHRIXOm6ZpB8wSA73BAgRT2E2wsEbMQ3nqci+d83Zyamt8vfMegLUcIywQ=

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DF78 22 KB
7 KB 127ms
84ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 10:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 10:12:49 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156981/927/59/ Frame DF78 418 KB
123 KB 11ms
11ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 96bb4558c6329a9aecb5a5563294b25663a1aae0958040229e225ee0fc3daac7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 05:10:21 GMT
server: Apache/2.2.15 (CentOS)
etag: "1121c37-687cf-5cf4e9c5f012a"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=65272
accept-ranges: bytes
content-type: text/javascript
content-length: 124872
expires: Tue, 30 Nov 2021 19:13:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF78 119 KB
36 KB 230ms
146ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/detikcomdfpdisplay520406812784/ Frame DF78 305 KB
103 KB 35ms
8ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/detikcomdfpdisplay520406812784/moatad.js
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9d9c3ec50dfffd55390e1b0a50a0f04381345b847bca98d739234aa18983cff6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:29:26 GMT
server: AmazonS3
x-amz-request-id: VX8G2VJ635WQXMB0
etag: "48034a98a2fcb14540a41a0550814d00"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=49802
accept-ranges: bytes
content-length: 105223
x-amz-id-2: V/5G22FLPGn9AogFSiHRIXOm6ZpB8wSA73BAgRT2E2wsEbMQ3nqci+d83Zyamt8vfMegLUcIywQ=

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E195 22 KB
7 KB 106ms
70ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 10:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 10:12:49 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156981/927/59/ Frame E195 418 KB
123 KB 12ms
11ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 96bb4558c6329a9aecb5a5563294b25663a1aae0958040229e225ee0fc3daac7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 05:10:21 GMT
server: Apache/2.2.15 (CentOS)
etag: "1121c37-687cf-5cf4e9c5f012a"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=65272
accept-ranges: bytes
content-type: text/javascript
content-length: 124872
expires: Tue, 30 Nov 2021 19:13:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E195 119 KB
36 KB 275ms
197ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/detikcomdfpdisplay520406812784/ Frame E195 305 KB
103 KB 45ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/detikcomdfpdisplay520406812784/moatad.js
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9d9c3ec50dfffd55390e1b0a50a0f04381345b847bca98d739234aa18983cff6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:29:26 GMT
server: AmazonS3
x-amz-request-id: VX8G2VJ635WQXMB0
etag: "48034a98a2fcb14540a41a0550814d00"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=49802
accept-ranges: bytes
content-length: 105223
x-amz-id-2: V/5G22FLPGn9AogFSiHRIXOm6ZpB8wSA73BAgRT2E2wsEbMQ3nqci+d83Zyamt8vfMegLUcIywQ=

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3648 0
0 84ms
81ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDIsX7XilYaihFIuIgAfWgIrAAv7T969czs-92OoCwI23ARABIABgleKQgqAHggEXY2EtcHViLTA0Mjg1MTYxNjQyMjUxNzLIAQngAgCoAwGqBPYBT9B8L5WNkArX507mKAqqXxo0SIIpIKe8Koww_7oGxfGB43oWMgg-kZYNRxfyb_fM9ZhFq7zwgnKNKSdonS-kiyWSiJinaTe1TC60kDcbKrnJYbQ8sRkHEpm0Hynpi8uRFj1D_dZVkHHmuyjcWzsDpbj5ZG_dJR6DvyUZazWEvlGWrl_9CTYVQsMRLbfnf485urIGWiv7tDjPv0yj-nuHATxVltFzl6DVmLUWVBRrMHgLxdjNcg1nyDJncM2fw6iMbSuaqlH4-Y_Q1Rg6xJN0ZkjVYeyppW4wIUHOHzzDwmZKgOGcXXOTu6u04d-SLdMgdT7wqkk94AQBgAbFvIL-8ujJyIQBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMDQyODUxNjE2NDIyNTE3MhjgzxE&sigh=NnGJRGFH2KE&uach_m=[UACH]&cid=CAQSPACNIrLM4o40ZxHxg8LexTuwdC9o4T43vJIdUF_kxvIzZe2pKgKlUMJOOEuk9Nkz6JAXHX58bgmM8MDjxRgB&tpd=AGWhJmuuBGa7x1OSt6ylfMCaHQKfeTGlgLDZf7Fgyemw_V7iWQ0o-GEp_cp-a2MUdQWf2g1LKk8OI6AxLqPbB9zB1rqm4rFfeP2YsPkh4ssb6z6Hm-W3YzSYyGNX48ZItXL0T3YPKI0BrbvgiPSd2agFho7JZb6aCb9A8uvcqXdkJvkmbZmEvYhCCrMWZKw8kP7oIclH7flxYH3gienZ6x8uDySWz3dZ0uQex5nVxDt9UL252qYK6ltSMlvS443b9JTX6x5CbBcObiXCRqUc_wqT4gzdKGgYxXgPe6yPfxyUP_3fNn9U72D7ahH4yXOA_P-UEjbqZsUMa7MD8mF46gOWYX5by-CcIZx9_oQT3-GW8duIAYB_tOYHsfuFXf1ibWadE_UM2n2crDHG-VUzoXEo6Gg16N1lHduw-uxKMxiQovdHnEkjjDN0CHD1YWG7AcEzWnn_wsXCbz6CvhyVUsUrAz7vTGXJWsLZed-Cn_uW6wLsd7q4pOAZoEhPeyhWUZAGdF2_WdLeceIw7IqqRWl4aERCRa7zflxnhfepTR8nMDWV--xMX_3Np6qIYPPbDsOL8g_0Li_p4tZuoDDcNRvJo2MOuqKul2DXGHSSNJO3oDaPjft2Dj2j4yLyq5JIVRoSt6LC2kxPMtKMHl0SPnbF1qVfH00e4uVbHNea_v_whn0pvnMaohy08jScHPP7wB6YujGrzEvYZxjEU040Pe0RHCc19vVG_NBFVRofEXNcEseQdLDUJuWT8TJYlHAX3BsWXBzBPxbAKSxXzpCPhw
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 3648 1 KB
1 KB 76ms
21ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=42256465;rtbwp=2263ED4000E94345;rtbdata=dHCRDO3w5XMB0bk99LE8fbCCY28GX3rWZH0FPxiV463KsOvUMJTU01ibVU-NbXPjR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajavrTeTwiY69PR7tgaq7yWVOJO6BeDkwnhUCzFW9mulooNBpjRTzEoNEEExhct9hDAuLSEzIOiOGSX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/a1f14ac1-c50c-4030-85bd-056bc118e62e/

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

fe546db9dbf0126f75275414c79988c9554d5277fd5e02e1a1f898c931be51b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1115
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3648 2 KB
1 KB 138ms
105ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 00:59:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3648 119 KB
36 KB 262ms
187ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3648 15 KB
6 KB 90ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 00:48:53 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3648 22 KB
7 KB 122ms
90ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 10:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 10:12:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 155E 12 KB
5 KB 68ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 29 Nov 2021 21:45:10 GMT
expires: Tue, 29 Nov 2022 21:45:10 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0EE3 783 B
534 B 94ms
47ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

989d3389d5fe64e445a33e50cd557cb8257a1e8bd18bba07e706d85cfc0e35b4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-75XupAxrAwYorn4LePk5xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 30 Nov 2021 01:05:50 GMT
date: Tue, 30 Nov 2021 01:05:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-75XupAxrAwYorn4LePk5xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B397 0
0 85ms
83ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAERq7XilYfCiFIuIgAfWgIrAAv7T969czs-92OoCwI23ARABIABgleKQgqAHggEXY2EtcHViLTA0Mjg1MTYxNjQyMjUxNzLIAQngAgCoAwGqBO4BT9BDoNv4CQXv9u5IS0hRGhQcxkY0NSajGynuYQG77OFE02jGGQ__odKcpkIZOBJHYiuKpuQXRKCM8kzGK4Sv3amQNcaBXODdJ6RtEQKvCYB8HEwQDbUNNNNXANLKlGrxAw1-hrzTRQQkoB6p5sXGMB23eG7SpItDOWJgP_bHfN6_1Qpj726a_q6as0Dzqk8cdSLt7HK_MnpYF9nETOC7b97HlbAPzIruGY3HqTCioga4pcU87XQyxO2icTkdDfWi30R1DOiDxOuYoURpdNneaG-2SjVLqxn_8XG4AvrfHZXJWnwFyHFDjdjbQIBgh-AEAYAG9J22vv2qxphxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMDQyODUxNjE2NDIyNTE3MhjgzxE&sigh=FSR4-cTdN0M&uach_m=[UACH]&cid=CAQSPACNIrLM4o40ZxHxg8LexTuwdC9o4T43vJIdUF_kxvIzZe2pKgKlUMJOOEuk9Nkz6JAXHX58bgmM8MDjxRgB&tpd=AGWhJmv-Um4xYGAwAyhP3OE9OuPendzy-KD5irj9TSKqhghDX4maPzBINls4nM2XCAjiKDmGLxFljDUrcLs3vUJtuISLJiMP6-DmQA2wnCO3JqdN1BpdXd8Ek9vSjvI9ea6XIhspbRFqKerTp06Abb3lyK5MlwWAHZvA1csz-J_aOfGHE1SFSYBpY2uAJLzcHUIx3rSwMm3VnX6Ab9ouLQiYbbn8peLJXspvVQQh_ntoy9cnvuIN4l5gaTnZpfu6QHkYVf9ky5m4KF82x201r50mkICyxPMmdrKsPNukHrwSop76VC6Z81l1MRsidZE2x13GxyQlzVJMNMlxV6ho1CLdIM9Ygpn4kof77unOqduQB_d8Z6Sxrkg5Js-9tl4nRDwYi99v4NYNcOFlxD43fxN6GXiR7lz22K9xpBM6e1FnWyvEJeD3CFI_XFEAtxgWRze3ZeKIamUsJ-kFKXcenH5EBTfj6-zZ4vsc_72VbmWB48jUvF_tfO5Vlh9V-CQ6mwkarmiJC1ZKehhJg9mwGk4kdQEbhQ1VSxXbXPWUJThp3spoJRm49LCpTiQ23UYEtVQIkurbF7FmtnBSbmqB7HSzIVJNunmcJ2JTuSeP-1N3YXM_ex76oQqhcEeVvDTelt8fVQMIyqanxxedwyO1QZOP7jP4_wGzz9lkewI0gDyIzC-_PiZL9JpgpGaDMN5b0YICJCHXD8aG_Jcbaxj-j5SbK5TgAZnbI3HxUgtNuwJVGhCcFmXZLC1TwehXIU9xfxJHf9RMoe1DW-lERnY9Ew
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame B397 1 KB
1 KB 85ms
37ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=46848273;rtbwp=2263ED4000E94345;rtbdata=MLJLdSn2DudgWtIM2Meq7jQVaiMOJtFHd82MexC9oVGfZwiMixeAJAEPZDIiCfVWR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajUCzadlf9GEOeeVjd3HJbrpOJO6BeDkwnhUCzFW9mulooNBpjRTzEoNEEExhct9hDDDkqdzwSB-ZSX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDs4e6UJ19UI7xOP7EGRkIKg1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/8ebb3796-d773-40ba-b577-253c32182e10/

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

150abe42b35753d4a05047b584ba25b8db817ad242954df3f5faa7240f85535b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1111
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B397 2 KB
1 KB 130ms
104ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 00:59:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B397 119 KB
36 KB 191ms
123ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B397 15 KB
6 KB 66ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 00:48:53 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B397 22 KB
7 KB 88ms
63ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 10:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 10:12:49 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E619 0
0 87ms
86ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2Jfn7XilYaSkFIuIgAfWgIrAAv7T969czs-92OoCwI23ARABIABgleKQgqAHggEXY2EtcHViLTA0Mjg1MTYxNjQyMjUxNzLIAQngAgCoAwGqBOUBT9DjrvRli7XCM0Ofnbmr1xpz3fVka4EXngQVdGCFBWmVZz64CBilifQO7juMafKaKX02fPD3_V-iW0pyMcroqHGBVGc68wQIypCMQ1MT6A1AAIm8vswMmhSiWlnZtJXsb668cGcHtkT3Qa9piD1HQrF6_c_RIuPR0onUcJsBzRPjt8wSGyLMPXN8Cl_lYUgvSbqSR8lOrllo22igCYzu-LUz8-IlV8noq2PmXotK-WfrybzvoURavEipizaHpIsPC9nnoOm4E3oMz6VA6RVDb6ttdZeIFeJWMDdoUvDkEeNjKI4idOAEAYAGlJzmnoPU0eWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTA0Mjg1MTYxNjQyMjUxNzIY4M8R&sigh=w-eiurHVtUQ&uach_m=[UACH]&cid=CAQSPACNIrLM4o40ZxHxg8LexTuwdC9o4T43vJIdUF_kxvIzZe2pKgKlUMJOOEuk9Nkz6JAXHX58bgmM8MDjxRgB&tpd=AGWhJmsT9KSVC-JWONb2tymd-2bZFoZAYfyFcJ6AOmD9IxRk0P_6hDUmpFtKe3pabEv5187sYVwFAlxRCwtLEoQ50217UOSy-88g7UWSeE4sr8zPnhqWOlKvOBwi6iefZMKo8xDj8eUhyxdKzYyyzOFry8n4gmbvdNrFlaSVcb015UuicRZBHD8-pU3i6zMq1OmeArpQqcK7t6sGXev_LjQ2LQSLkip1xxlFzY1KGi1E0rClEAi1UOZNZn9aj_0tH5Mi16lc84qlDenH_sSFa9CfDv1lTHs2cV7lhB8PoE0Vrz38Qn71fCMCCi__l7y1QVSZ_wvdLdbA4qE5d7OynLpYLtbuGyeRMcDt6D_PS01G_C-YRhrCn80Z4AlVzoDcSUl4nN6ypOtq-Y4niOQMzx1c8OtX6hIKmY8nZe1jhnQB2zGRaGOPJ5ma4zGOAqTMkgFVuRrWDeEb8q4SHFvon2bs2sEYXAAHvKxc2Gb-u1_aWf9xNZIYqwpvFeEx3RWItlUesg24jL71XQMzMIPbi7q8KcsXIJxDuN68NSyXXTRq9rxkKGWXUaKBmVRUgKC8aGQcxFIKHxqqSO3twIqDBru3Rhx5C9E0uW2jFkhqt8t3a0J7RKRehzahwKQ_Tuc-lFf7sEiyoBPyNgPpnEmoOBdO6S_yHlp6t8doax_Uusn2DiKXmy7rfSLVFsMhEScZ3kbwstNVM2WIXu4iHtwmSwo7VQN2VBaP3htPrL1A1mEHCmSBMN9U6IGOuMW9FiaXHjUaYBS4JyGvZCZzua_bdA
Requested by: Host: www.detik.com
URL: https://www.detik.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame E619 1 KB
1 KB 66ms
21ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=51332348;rtbwp=4FE348B5EC8B63CB;rtbdata=Qv2py2XD87INgFeTL9j6WW50cJsT4bzeliHWJ4r0T9oqp6wrDLM40ELplGEKlAwnR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajZhc0DyKkOAyPR7tgaq7yWXcGXM552OsLRUCzFW9muloSGb_imvv0MlEEExhct9hDHBxdgIJD0T_SX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/475c6615-8d66-4ba9-9cfe-73ddffe2043f/

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

5e09cdc6d7c119f12794ad8dbe37dbdbff4d048e1f780dada2e4783405dca57a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1114
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E619 2 KB
1 KB 128ms
105ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 00:59:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E619 119 KB
36 KB 174ms
110ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E619 15 KB
6 KB 68ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 00:48:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E619 0
0 86ms
46ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRT2NwgAVs5Vc4D1tSU16MVZwJ9-_tiyES7HgC_5-sFhHjUw3uUdiQzxQGsoAvdaaEBq-pcTj0bkHlJOqT7N4w6f_c_Uw
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E619 22 KB
7 KB 117ms
95ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 10:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 10:12:49 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 362E 33 KB
16 KB 244ms
19ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43799646;rtbwp=2263ED4000E94345;rtbdata=P2CGoVTHz3SMEphiEqzcfOEORNekb81AOztTo-jCDZvAE0sVFQ799lRxvSZSu7VCR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajXPRrgftpVkXeeVjd3HJbrpOJO6BeDkwnhUCzFW9mulooNBpjRTzEoNEEExhct9hDAuLSEzIOiOGSX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDhNuTKE8DEq8xOP7EGRkIKg1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/4ca1bf11-6607-4d96-8cbc-a039f5424e0d/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:29:09 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame E619 33 KB
16 KB 269ms
45ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=51332348;rtbwp=4FE348B5EC8B63CB;rtbdata=Qv2py2XD87INgFeTL9j6WW50cJsT4bzeliHWJ4r0T9oqp6wrDLM40ELplGEKlAwnR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajZhc0DyKkOAyPR7tgaq7yWXcGXM552OsLRUCzFW9muloSGb_imvv0MlEEExhct9hDHBxdgIJD0T_SX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/475c6615-8d66-4ba9-9cfe-73ddffe2043f/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:29:09 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 3648 33 KB
16 KB 280ms
57ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=42256465;rtbwp=2263ED4000E94345;rtbdata=dHCRDO3w5XMB0bk99LE8fbCCY28GX3rWZH0FPxiV463KsOvUMJTU01ibVU-NbXPjR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajavrTeTwiY69PR7tgaq7yWVOJO6BeDkwnhUCzFW9mulooNBpjRTzEoNEEExhct9hDAuLSEzIOiOGSX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/a1f14ac1-c50c-4030-85bd-056bc118e62e/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:29:09 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame B397 33 KB
16 KB 256ms
62ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46848273;rtbwp=2263ED4000E94345;rtbdata=MLJLdSn2DudgWtIM2Meq7jQVaiMOJtFHd82MexC9oVGfZwiMixeAJAEPZDIiCfVWR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajUCzadlf9GEOeeVjd3HJbrpOJO6BeDkwnhUCzFW9mulooNBpjRTzEoNEEExhct9hDDDkqdzwSB-ZSX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDs4e6UJ19UI7xOP7EGRkIKg1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/8ebb3796-d773-40ba-b577-253c32182e10/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:29:09 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 155E 35 KB
13 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 00:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 00:04:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0EE3 0
0 90ms
90ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=3229664771529343&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 16ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1558
date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E195 0
0 77ms
77ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0ZH1T5PnNIsTtscDuq-m7mBCjzL5BVg8YZZmg5QgeH_EC20_XHWTqQlUxhEu6K3fdfl669nG80R9aHAXczmsWa0EbJtKNqsNCxMuEv9nepIkxmx6T9h_pebz02gt-83U18-cDy_TA49DWr6CMbRsy0DNm1Rj-kWQX_PbyuCLgaoxidJg4Dh4-l-X9EWHWbNL5GqXRznKKZg7TrEoiK8sard36lRi1q_3V-Cw7UARyiVm7JqaWxk1-ALsk9cyGHwbxHf9w6ZuKRdtY3JU9GIDdEWqCnQckqUH6yF_USzTp9vAvuBCdVaLRlwq2z7jE--1y4eTE1JsXQK3mKozQ-goJym4dk396GG47quk4Ibc&sig=Cg0ArKJSzDtdQzDZkO-8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 01:05:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

sid Show response
mug.criteo.com/ Frame E195
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=tRgeP3w4NWdydEtEV1hYRDdzcStuU2taMHFrNUNkNFFDK203L2U1VVpCbEUyL0hTODBvcUFRNjV1Zm8yd0NyVVpJc0MrZm1TVkNZRWNkTFJrUzk1VlhXSVdzWTI4MWZQb3BIVFl1S1ZOYW0ydGtLb1VNaTVibFFPS3d5SU...

361 B
614 B

16ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tRgeP3w4NWdydEtEV1hYRDdzcStuU2taMHFrNUNkNFFDK203L2U1VVpCbEUyL0hTODBvcUFRNjV1Zm8yd0NyVVpJc0MrZm1TVkNZRWNkTFJrUzk1VlhXSVdzWTI4MWZQb3BIVFl1S1ZOYW0ydGtLb1VNaTVibFFPS3d5SUVhYlpoYTZ5NEo0N09lb0IwZVJSc1Nta0lINEh5d1VpdzdEeXhsY0NCVEx6WDg1bkpMdm8zN3NMRWpVUTVZVnZhZUFTQlhZQk5RZXZ5MURCekQvUEpkZnp0ZFdrUVRGektYRVAxaHh3dFFVNUs5YXVxMENlZVh0L21FQXVRR1dqcy9XNFhKYWs2bGlhSmJueHJXQWZiNTlHQlk5RWdxNnJCdHUzNXFHejlrSUZOT2RGbTB3cjZVYzVTU01SUzdVeVFtekR2cnl0ZHw&cppv=2

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9426c4594477421caf1394b0713dffbecf1495d64241b4fb6aa6631dd4f20c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 30 Nov 2021 01:05:50 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3315
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 30 Nov 2021 01:05:49 GMT
location: https://mug.criteo.com/sid?cpp=tRgeP3w4NWdydEtEV1hYRDdzcStuU2taMHFrNUNkNFFDK203L2U1VVpCbEUyL0hTODBvcUFRNjV1Zm8yd0NyVVpJc0MrZm1TVkNZRWNkTFJrUzk1VlhXSVdzWTI4MWZQb3BIVFl1S1ZOYW0ydGtLb1VNaTVibFFPS3d5SUVhYlpoYTZ5NEo0N09lb0IwZVJSc1Nta0lINEh5d1VpdzdEeXhsY0NCVEx6WDg1bkpMdm8zN3NMRWpVUTVZVnZhZUFTQlhZQk5RZXZ5MURCekQvUEpkZnp0ZFdrUVRGektYRVAxaHh3dFFVNUs5YXVxMENlZVh0L21FQXVRR1dqcy9XNFhKYWs2bGlhSmJueHJXQWZiNTlHQlk5RWdxNnJCdHUzNXFHejlrSUZOT2RGbTB3cjZVYzVTU01SUzdVeVFtekR2cnl0ZHw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2474
content-length: 594
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 16ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1532
date: Tue, 30 Nov 2021 01:05:49 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4D79 0
0 78ms
78ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8G4ijn0jBV3ux6-hiaZI-hH5f2vpjYEvcV0Hh_Megvz1lkz4q08pir1i9J9WWg6KlVC7RhFAxad7ckPX_n6N0K-oa7xTWbrFvoLKxDWPVfVcj-J9YcSQJF479CDBqsKyHPtv4gwvj2NuwBzPh2UmPqZbbOHCaz2g2Kq8vLvm9Z1hOf-lJY2mDhAwl3zIdm56jnZynwMgc6vlS8VBnwoK2ULvke2WjuUiz8lYaQuOCOHG9f88U2-0qwsi3ig0hI4CvywATHlQB2kdF_9D5X3B_gI7OevWZFBkK8SOSMf5CwjAquTA4jGVP-fsuSxn8PmzeTSJssdjTGBj_f0tDyQU-LcjEBHKo1_4&sig=Cg0ArKJSzCOduRsgF3RIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 01:05:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4D79
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=yWvTk3xGa201dEE3emJWS04zSnBEM0xkcVNBVnFpMDF0Y2xtSWorNjdGNDM3YVM3OVd5N3AyZU9ZZCtPTUVvNjBTVWNOS3dKTE9UY2Z0T1hJWG02YXRHWGRXT2JxeURaTnM0SDJTNE05dUNEdFdSclVpdldHdGp0VU9ieG...

339 B
600 B

16ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yWvTk3xGa201dEE3emJWS04zSnBEM0xkcVNBVnFpMDF0Y2xtSWorNjdGNDM3YVM3OVd5N3AyZU9ZZCtPTUVvNjBTVWNOS3dKTE9UY2Z0T1hJWG02YXRHWGRXT2JxeURaTnM0SDJTNE05dUNEdFdSclVpdldHdGp0VU9ieGQ2REdyd0JVNTVQSHpKOVJhbE9LK0R3MG9kMlVIRFFlRWpPYzJsMnF0RkZMbEhTRnFtUEtGUEM2TTUvbEdmdjJZalFINGg5b2QyamlVRVRlUzFFQncvRjJMaWdDdGlCMURhYWozR1c0c3JTanJCOUVtbStXMnFQODBnRTQ5MUxocnd3VWRzV0J4a2t1WkVtdEZSdElCcXQxQWM2ZFlINjJPTVV4VWlzQTFLYkpJQ2tnN0V0RThTMU9tVW15TWJDcTFXdHVGNCtyZHw&cppv=2

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

876bd7c024157e0a3b1c558fcedbbf77a7e91cd9b8ffbc69f8b1631ea6eadd25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 30 Nov 2021 01:05:50 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2143
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 30 Nov 2021 01:05:50 GMT
location: https://mug.criteo.com/sid?cpp=yWvTk3xGa201dEE3emJWS04zSnBEM0xkcVNBVnFpMDF0Y2xtSWorNjdGNDM3YVM3OVd5N3AyZU9ZZCtPTUVvNjBTVWNOS3dKTE9UY2Z0T1hJWG02YXRHWGRXT2JxeURaTnM0SDJTNE05dUNEdFdSclVpdldHdGp0VU9ieGQ2REdyd0JVNTVQSHpKOVJhbE9LK0R3MG9kMlVIRFFlRWpPYzJsMnF0RkZMbEhTRnFtUEtGUEM2TTUvbEdmdjJZalFINGg5b2QyamlVRVRlUzFFQncvRjJMaWdDdGlCMURhYWozR1c0c3JTanJCOUVtbStXMnFQODBnRTQ5MUxocnd3VWRzV0J4a2t1WkVtdEZSdElCcXQxQWM2ZFlINjJPTVV4VWlzQTFLYkpJQ2tnN0V0RThTMU9tVW15TWJDcTFXdHVGNCtyZHw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1885
content-length: 594
expires: 0

GET
H2 200 wt
t.pubmatic.com/ 17 B
17 B 68ms
14ms Image
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.pubmatic.com/wt?pubid=156981&purl=https%3A%2F%2Fwww.detik.com%2F&tst=1638234351&iid=52504516-8507-489d-bad1-7a5ca44c5bcf-nddif&bidid=58dd1e75ee2c857&pid=927&pdvid=59&slot=div-gpt-ad-1535014085963-0&pn=ix&en=0.04&eg=0.04&kgpv=%2F4905536%2Fdetik_desktop%2Fwp%2Fmedium_rectangle2%40300x250&piid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 17
content-type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 4D79 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2796e4ca03de1524c5d3808d2e308fcf9c84bd217330ed2de4bc2caaa57855f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 4D79 114 B
289 B 64ms
23ms Script
text/html 18.169.85.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Q9tnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=DETIKCOM_DFP_DISPLAY1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350572&de=564120227685&m=0&ar=553ffc12ef5-clean&iw=265807c&q=2&cb=0&ym=0&cu=1638234350572&ll=2&lm=1&ln=1&em=0&en=0&d=4597213627%3A2352056143%3A4739042325%3A138238761162&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&bo=3905656&bd=144457456&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457456&gw=detikcomdfpdisplay520406812784&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=195402&na=275833786&cs=0&callback=MoatDataJsonpRequest_63011300
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/detikcomdfpdisplay520406812784/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.85.185 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-85-185.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 27b76e15284a1033775c53694f63ddb3d751d7142a30b8768ab0c79cb8ce6ead

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "97e0a1d1c77a79fe615dfdd91d1b9a589205b352"
content-length: 114
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 4D79 43 B
260 B 15ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=DETIKCOM_DFP_DISPLAY1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350572&de=564120227685&m=0&ar=553ffc12ef5-clean&iw=265807c&q=3&cb=0&ym=0&cu=1638234350572&ll=2&lm=1&ln=1&em=0&en=0&d=4597213627%3A2352056143%3A4739042325%3A138238761162&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&bo=3905656&bd=144457456&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457456&gw=detikcomdfpdisplay520406812784&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=195402&na=292814860&cs=0
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
DATA 200
OK truncated
/ Frame E195 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d0d054862737624602bbf7fe3f5a66ab6f24d56eecc5aa5b8508c6150a6c40c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 n.js Show response
geo.moatads.com/ Frame E195 113 B
287 B 24ms
23ms Script
text/html 18.169.85.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PVRfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-bw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=DETIKCOM_DFP_DISPLAY1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350675&de=639321909878&m=0&ar=553ffc12ef5-clean&iw=265807c&q=2&cb=0&ym=0&cu=1638234350675&ll=2&lm=1&ln=1&em=0&en=0&d=4597213627%3A2352056143%3A4739042325%3A138238761126&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&bo=3905656&bd=144457696&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457696&gw=detikcomdfpdisplay520406812784&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=195402&na=1439695829&cs=0&callback=MoatDataJsonpRequest_17316587
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/detikcomdfpdisplay520406812784/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.85.185 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-85-185.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: b66de7b2fa73b6970c4231eecd03e8f028277b0f1eedd72c702d75d0e8133d11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "907d6445bc1317fad1c4df8c2a2d8ad9333114f6"
content-length: 113
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame E195 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=DETIKCOM_DFP_DISPLAY1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350675&de=639321909878&m=0&ar=553ffc12ef5-clean&iw=265807c&q=3&cb=0&ym=0&cu=1638234350675&ll=2&lm=1&ln=1&em=0&en=0&d=4597213627%3A2352056143%3A4739042325%3A138238761126&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&bo=3905656&bd=144457696&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457696&gw=detikcomdfpdisplay520406812784&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=195402&na=1453020133&cs=0
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:50 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 16ms
16ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1075
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 wt
t.pubmatic.com/ 17 B
17 B 14ms
13ms Image
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.pubmatic.com/wt?pubid=156981&purl=https%3A%2F%2Fwww.detik.com%2F&tst=1638234351&iid=52504516-8507-489d-bad1-7a5ca44c5bcf-nddif&bidid=60912c7a0ff201b&pid=927&pdvid=59&slot=div-gpt-ad-1629684611153-0&pn=ix&en=0.01&eg=0.01&kgpv=%2F4905536%2Fdetik_desktop%2Fwp%2Fleaderboard%40728x90&piid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 17
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame B526 969 B
1 KB 22ms
22ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=48303088;rtbwp=YaV47AAAAABx7-tKfMyMqHSLHEYuMcauiDWc0w;rtbdata=bN-gJ_rN8wUW2NIAD54RP2DKL7gHfSTTsbSF2mpWC4mx0yQ2RWErNwIrfO7kDf_sC9FD74xm0TShhPh7p_auYTQRXy3DXE7bRyf4q6rR3_fYVlQFer6N88f9Z3k3VnRO19NLepO_5wDV1E6wAM-Rrt4qgE4iyCSwD9QtMdHyvmPlXDBDOg3nl2zcWpcQ8R5z3bc8C-4PfYpB4SKZKGrNxw2

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

094dea6cab1cb7f1f94d6f4b109481df30026fb412a138877b43b4d38f4d03ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 824
expires: -1

GET
H/1.1 200
OK v1
a2197.casalemedia.com/impression/ Frame B526 43 B
303 B 31ms
7ms Image
image/gif 185.170.60.228
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a2197.casalemedia.com/impression/v1?bidID=d7417bff-3692-4370-84b5-5f396250993c&traceID=c6inhr0ki55r2nf36tag&dspID=111&userID=&cmpro=0&ap=${AUCTION_PRICE}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.60.228 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:50 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 43
Expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 17ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1881
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF78 0
0 81ms
80ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8JQ792rVsjiWdAR_2piksdmdI-mzVZWpPPFcR_5rIfye_oI7B66YDLvxZJGFhFAPlnvCR_Wfl-tKRwVKjDVFrg7dv6E6enlbE88WG4NgWrzRpgE5DC2eFbeKDH8LqR5Pg42S_X2Zt6P-Ifkdf_hVOXQt9oBTtTJPW6PauGcO7oimkFN2pP4onTPXSYxudVlYepIkbkRo2rxjP26SrxPfpO07m1LNofRmcsuT9cShM4gCY7GVQ1lh7h3cGHQx8SZTgtTtiT_rHrFdkdyrHkxS9sh1xFc6zxEWVqkaNL7hMT2fQ-7KBgWrUa1IRQZjsO4SrS4fmDgTy7d8BUWSjbfyW5wMowTqrdjIdxpwec58&sig=Cg0ArKJSzA925P0QnGkzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 01:05:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

sid Show response
mug.criteo.com/ Frame DF78
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.detik.com%2F&domain=5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=kRf-SnxjQ0k5Y01EL3FRTTlnQlc4clpIcTA1YURqZkpkejZaQnNiVCtvcklVZ1ZBTlRCbUxCMUs2UC9GYzd2aEFIdUY2ZTBoVThGY1FxWTkxWjZlNUJjTkQvQk4vNmxUZXMyak5mRlE1RUNVRmF3amxLMVZsNHBRS3llZE...

350 B
609 B

16ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kRf-SnxjQ0k5Y01EL3FRTTlnQlc4clpIcTA1YURqZkpkejZaQnNiVCtvcklVZ1ZBTlRCbUxCMUs2UC9GYzd2aEFIdUY2ZTBoVThGY1FxWTkxWjZlNUJjTkQvQk4vNmxUZXMyak5mRlE1RUNVRmF3amxLMVZsNHBRS3llZEZSK09WU0p3VVJNWGdwT2krQzZlL3preXFwcTBDVmZ6ZzVXMjB5THRlaDVlcUx6NFpHbkZNenc0TmFiZ2YvY0I5QVErWTA5Zzh1U2FHbFBNNjNYbVorWnZyS2N5aWhZVGp0T3ZMVy9ucXFpOXgxWGZtUmpZSktEeEJQRGNCS1I2SGkxU1NXNEI5RWJyZ3Rkb01rTzhpY0JMcVpiaFZhZDN0Wk5wTVRTbUdMVW1oQzcxNnMvUDJmMnkxN0JUQlpCQW1uWXZIbW80RHw&cppv=2

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c7c980e78ff0de9fcb0b990b993772ed16e13c7446a3c487351b7a2aa3ab89d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 30 Nov 2021 01:05:50 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3158
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 30 Nov 2021 01:05:50 GMT
location: https://mug.criteo.com/sid?cpp=kRf-SnxjQ0k5Y01EL3FRTTlnQlc4clpIcTA1YURqZkpkejZaQnNiVCtvcklVZ1ZBTlRCbUxCMUs2UC9GYzd2aEFIdUY2ZTBoVThGY1FxWTkxWjZlNUJjTkQvQk4vNmxUZXMyak5mRlE1RUNVRmF3amxLMVZsNHBRS3llZEZSK09WU0p3VVJNWGdwT2krQzZlL3preXFwcTBDVmZ6ZzVXMjB5THRlaDVlcUx6NFpHbkZNenc0TmFiZ2YvY0I5QVErWTA5Zzh1U2FHbFBNNjNYbVorWnZyS2N5aWhZVGp0T3ZMVy9ucXFpOXgxWGZtUmpZSktEeEJQRGNCS1I2SGkxU1NXNEI5RWJyZ3Rkb01rTzhpY0JMcVpiaFZhZDN0Wk5wTVRTbUdMVW1oQzcxNnMvUDJmMnkxN0JUQlpCQW1uWXZIbW80RHw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4480
content-length: 594
expires: 0

GET
DATA 200
OK truncated
/ Frame DF78 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2985814b9c8ca8bc26f98afdedcfc1f9a3da8bc9b2407404f10f04d6cbb3ca9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 n.js Show response
geo.moatads.com/ Frame DF78 114 B
288 B 24ms
23ms Script
text/html 18.169.85.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-9G8YTaADD%2Bh2gA%3D%3D&sc=1&os=1-4g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=DETIKCOM_DFP_DISPLAY1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350762&de=585731057475&m=0&ar=553ffc12ef5-clean&iw=265807c&q=2&cb=0&ym=0&cu=1638234350762&ll=2&lm=1&ln=1&em=0&en=0&d=4597213627%3A2352056143%3A4739042325%3A138238761123&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&bo=3905656&bd=144457576&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457576&gw=detikcomdfpdisplay520406812784&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=195402&na=1958786803&cs=0&callback=MoatDataJsonpRequest_62821631
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/detikcomdfpdisplay520406812784/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.85.185 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-85-185.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: beff7d0ffd9195f3a7895560fbacc85d4fbe448ace417b027b7b4ed304d0864d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "a6b7c48b2a3c4304a5fc089416d8ea2b7077e132"
content-length: 114
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame DF78 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=DETIKCOM_DFP_DISPLAY1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350762&de=585731057475&m=0&ar=553ffc12ef5-clean&iw=265807c&q=3&cb=0&ym=0&cu=1638234350762&ll=2&lm=1&ln=1&em=0&en=0&d=4597213627%3A2352056143%3A4739042325%3A138238761123&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&bo=3905656&bd=144457576&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457576&gw=detikcomdfpdisplay520406812784&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=195402&na=1354934950&cs=0
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 362E 5 KB
3 KB 22ms
22ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=43799646;rtbwp=2263ED4000E94345;rtbdata=P2CGoVTHz3SMEphiEqzcfOEORNekb81AOztTo-jCDZvAE0sVFQ799lRxvSZSu7VCR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajXPRrgftpVkXeeVjd3HJbrpOJO6BeDkwnhUCzFW9mulooNBpjRTzEoNEEExhct9hDAuLSEzIOiOGSX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDhNuTKE8DEq8xOP7EGRkIKg1;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f4ca1bf11-6607-4d96-8cbc-a039f5424e0d%2f;js=1;adfxid=1x;10363;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.detik.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

96ce8d483c7fc0c72684f082e455f2162e5a2a56148920f08893e3a0d325c624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2597
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame E619 6 KB
3 KB 22ms
22ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=51332348;rtbwp=4FE348B5EC8B63CB;rtbdata=Qv2py2XD87INgFeTL9j6WW50cJsT4bzeliHWJ4r0T9oqp6wrDLM40ELplGEKlAwnR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajZhc0DyKkOAyPR7tgaq7yWXcGXM552OsLRUCzFW9muloSGb_imvv0MlEEExhct9hDHBxdgIJD0T_SX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f475c6615-8d66-4ba9-9cfe-73ddffe2043f%2f;js=1;adfxid=2x;5384;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.detik.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

39fda6429dfd610991d2d56a4da599117c792355d7eaa27a506bbb17f56f8d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2772
expires: -1

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 15ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1077
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame D8E4 974 B
1 KB 21ms
21ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=38516439;rtbwp=YaV47AAAAACv6CR26g-mX0WcMLso046N8t3qxg;rtbdata=aoEYOKqeTUUVwvmcjBuIzF-rQUVCd0VqUgFLOuYnCxxqSjj9mTQSNTImUfzBQ60UC9FD74xm0TShhPh7p_auYTQRXy3DXE7byO5vwNZPzVN_SUGD0BVsxc9tILjej1_ub1z1HD4Vkb9VCuEPgrjlvjC2o_JF4lvgQXtiIpsCvIlu3JqLLZEJne6qLQvtkQ6L0-0FrOUsdJOn-zH1HqS6nOFBboVeNKvP0

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

63b3db5c49d642c4b70a7affe78ea5d2a7e9850bf302094149a6a9834f3e649f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 835
expires: -1

GET
H/1.1 200
OK v1
a2197.casalemedia.com/impression/ Frame D8E4 43 B
302 B 7ms
7ms Image
image/gif 185.170.60.228
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a2197.casalemedia.com/impression/v1?bidID=132c235c-7a3c-4bca-b21f-b8761eff8ac2&traceID=c6inhr0ki55r2nf36tag&dspID=111&userID=&cmpro=0&ap=${AUCTION_PRICE}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.60.228 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:50 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=99
Content-Length: 43
Expires: 0

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 3648 5 KB
3 KB 22ms
22ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=42256465;rtbwp=2263ED4000E94345;rtbdata=dHCRDO3w5XMB0bk99LE8fbCCY28GX3rWZH0FPxiV463KsOvUMJTU01ibVU-NbXPjR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajavrTeTwiY69PR7tgaq7yWVOJO6BeDkwnhUCzFW9mulooNBpjRTzEoNEEExhct9hDAuLSEzIOiOGSX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2fa1f14ac1-c50c-4030-85bd-056bc118e62e%2f;js=1;adfxid=3x;4515;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.detik.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

db9a1416d2a942bd0bf3e6c4541a8c0039def96024eb0632327f688a57ada1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2598
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame B397 5 KB
3 KB 22ms
22ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=46848273;rtbwp=2263ED4000E94345;rtbdata=MLJLdSn2DudgWtIM2Meq7jQVaiMOJtFHd82MexC9oVGfZwiMixeAJAEPZDIiCfVWR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajUCzadlf9GEOeeVjd3HJbrpOJO6BeDkwnhUCzFW9mulooNBpjRTzEoNEEExhct9hDDDkqdzwSB-ZSX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDs4e6UJ19UI7xOP7EGRkIKg1;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f8ebb3796-d773-40ba-b577-253c32182e10%2f;js=1;adfxid=4x;2235;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.detik.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8bc288c37eec108ebfb35b9d7ed85e60cf03414e4cc556a35272d246be45d592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2606
expires: -1

GET
H2 200 wt
t.pubmatic.com/ 17 B
17 B 14ms
13ms Image
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.pubmatic.com/wt?pubid=156981&purl=https%3A%2F%2Fwww.detik.com%2F&tst=1638234351&iid=52504516-8507-489d-bad1-7a5ca44c5bcf-nddif&bidid=59956b83354af85&pid=927&pdvid=59&slot=div-gpt-ad-1572110512991-0&pn=ix&en=0.04&eg=0.04&kgpv=%2F4905536%2Fdetik_desktop%2Fwp%2Fmedium_rectangle1%40300x250&piid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 17
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 15ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 908
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame B526 33 KB
16 KB 24ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=48303088;rtbwp=YaV47AAAAABx7-tKfMyMqHSLHEYuMcauiDWc0w;rtbdata=bN-gJ_rN8wUW2NIAD54RP2DKL7gHfSTTsbSF2mpWC4mx0yQ2RWErNwIrfO7kDf_sC9FD74xm0TShhPh7p_auYTQRXy3DXE7bRyf4q6rR3_fYVlQFer6N88f9Z3k3VnRO19NLepO_5wDV1E6wAM-Rrt4qgE4iyCSwD9QtMdHyvmPlXDBDOg3nl2zcWpcQ8R5z3bc8C-4PfYpB4SKZKGrNxw2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:29:09 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 8515 964 B
1 KB 22ms
21ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=41599563;rtbwp=YaV47AAAAAAhkVxBYl-cEcBnpneqSiAURYRnZA;rtbdata=WH0HVrhA8QAQtAzCHtXcsa73XaBqS494_Xn3KGn88h-_gVt4ihSWVoru8NEKxVSfC9FD74xm0TShhPh7p_auYTQRXy3DXE7bRyf4q6rR3_fYVlQFer6N84mvcVJTbZmQ19NLepO_5wDV1E6wAM-Rrt4qgE4iyCSwD9QtMdHyvmPlXDBDOg3nl2zcWpcQ8R5z86uCOY1mK81B4SKZKGrNxw2

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

31d4ab09293f2c39c42f28534891108975e94605a636a1068b19e19e4c774f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 821
expires: -1

GET
H/1.1 200
OK v1
a2197.casalemedia.com/impression/ Frame 8515 43 B
302 B 7ms
7ms Image
image/gif 185.170.60.228
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a2197.casalemedia.com/impression/v1?bidID=4fe4ad60-40f4-42e9-bacf-709db8f82139&traceID=c6inhr0ki55r2nf36tag&dspID=111&userID=&cmpro=0&ap=${AUCTION_PRICE}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.60.228 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:50 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=98
Content-Length: 43
Expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame E619 36 KB
13 KB 187ms
18ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Tue, 30 Nov 2021 01:05:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13089
x-guploader-uploadid: ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLN8sHvV0fmG5PZi2dV%2BjuviRqYr0CosMatzMPAOdIKF%2FRatbzgotS4l9ASxp6J1Z3E6XVAeJpdeQdtBz5gz%2Fg%2FW4SSWljavGmOCL3BA8K9zZsr2qsnTXX0uTRS%2BoiryrmQMqJo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
expires: Mon, 29 Nov 2021 21:27:42 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6b602b762fb74ee6-FRA
cf-bgj: minify

POST
H2 200 /
track.adform.net/csimpr/ Frame E619 35 B
503 B 33ms
33ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=51332348&csi=sy5UvihALyn86PGYg11zkCqI0cbyKNB4_aLphoSQYbTZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame D8E4 33 KB
16 KB 24ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=38516439;rtbwp=YaV47AAAAACv6CR26g-mX0WcMLso046N8t3qxg;rtbdata=aoEYOKqeTUUVwvmcjBuIzF-rQUVCd0VqUgFLOuYnCxxqSjj9mTQSNTImUfzBQ60UC9FD74xm0TShhPh7p_auYTQRXy3DXE7byO5vwNZPzVN_SUGD0BVsxc9tILjej1_ub1z1HD4Vkb9VCuEPgrjlvjC2o_JF4lvgQXtiIpsCvIlu3JqLLZEJne6qLQvtkQ6L0-0FrOUsdJOn-zH1HqS6nOFBboVeNKvP0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:29:09 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 362E 85 KB
36 KB 27ms
25ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:29:50 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame E619 33 KB
14 KB 33ms
31ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d83c5d7125b0f6a6517bf52a5a4cffe2e5eea8d60e1c414baabf1a391442d64c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:35:10 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.rubiconproject.com/2/873648/ Frame 362E 6 KB
3 KB 191ms
28ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.rubiconproject.com/2/873648/analytics.js?si=207612&di=www.detik.com&ap=&dm=15&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2beb8a4ddc4ca5c694ee2f72dca6175a67f48c303a75839d456710e580c5400b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 01:05:50 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2885
Expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 88AD 281 B
554 B 44ms
9ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Nov 2021 01:05:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D864 1 KB
749 B 51ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 29 Nov 2021 05:53:44 GMT
expires: Tue, 30 Nov 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69127
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 362E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a218f9ffd6a31b0c7d99692bdbeca5573948f38a305eef7a0adefae0e8cea216

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 8515 33 KB
16 KB 28ms
27ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=41599563;rtbwp=YaV47AAAAAAhkVxBYl-cEcBnpneqSiAURYRnZA;rtbdata=WH0HVrhA8QAQtAzCHtXcsa73XaBqS494_Xn3KGn88h-_gVt4ihSWVoru8NEKxVSfC9FD74xm0TShhPh7p_auYTQRXy3DXE7bRyf4q6rR3_fYVlQFer6N84mvcVJTbZmQ19NLepO_5wDV1E6wAM-Rrt4qgE4iyCSwD9QtMdHyvmPlXDBDOg3nl2zcWpcQ8R5z86uCOY1mK81B4SKZKGrNxw2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:29:09 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame B526 4 KB
3 KB 25ms
25ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=48303088;rtbwp=YaV47AAAAABx7-tKfMyMqHSLHEYuMcauiDWc0w;rtbdata=bN-gJ_rN8wUW2NIAD54RP2DKL7gHfSTTsbSF2mpWC4mx0yQ2RWErNwIrfO7kDf_sC9FD74xm0TShhPh7p_auYTQRXy3DXE7bRyf4q6rR3_fYVlQFer6N88f9Z3k3VnRO19NLepO_5wDV1E6wAM-Rrt4qgE4iyCSwD9QtMdHyvmPlXDBDOg3nl2zcWpcQ8R5z3bc8C-4PfYpB4SKZKGrNxw2;js=1;adfxid=5x;4986;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.detik.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

19de641fa177dcc6ea4d7ae136d47f756c811c45108170aa621f47aeb410d450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2281
expires: -1

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5441 281 B
554 B 39ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Nov 2021 01:05:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5333 1 KB
749 B 46ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 29 Nov 2021 05:53:44 GMT
expires: Tue, 30 Nov 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69127
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3648 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 454d612a31f9c8c6038f0e7597e4aaeefa22f59b3ee422975d9c1c8dfbc0e655

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content analytics.js Show response
s.update.rubiconproject.com/2/873648/ Frame B397 0
64 B 125ms
29ms Script
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=207612&di=www.detik.com&ap=&dm=15&pi=1021400&ti=8ebb3796-d773-40ba-b577-253c32182e10&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 01:05:50 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 644C 281 B
554 B 34ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Nov 2021 01:05:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 196B 1 KB
749 B 43ms
40ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 29 Nov 2021 05:53:44 GMT
expires: Tue, 30 Nov 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69127
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B397 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed28eeb995dd9ec626e42f3c221b1edf8ffadfaf0fe2223cfcf4fe9578b31565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 3648 85 KB
36 KB 26ms
25ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:29:50 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame B397 85 KB
36 KB 31ms
31ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:29:50 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame D8E4 5 KB
3 KB 22ms
22ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=38516439;rtbwp=YaV47AAAAACv6CR26g-mX0WcMLso046N8t3qxg;rtbdata=aoEYOKqeTUUVwvmcjBuIzF-rQUVCd0VqUgFLOuYnCxxqSjj9mTQSNTImUfzBQ60UC9FD74xm0TShhPh7p_auYTQRXy3DXE7byO5vwNZPzVN_SUGD0BVsxc9tILjej1_ub1z1HD4Vkb9VCuEPgrjlvjC2o_JF4lvgQXtiIpsCvIlu3JqLLZEJne6qLQvtkQ6L0-0FrOUsdJOn-zH1HqS6nOFBboVeNKvP0;js=1;adfxid=6x;9476;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.detik.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

f85446c54b8870c204123178f05fb2b41169b438f88f4e9ccb3d63580fcb83b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2486
expires: -1

POST
H2 200 /
track.adform.net/csimpr/ Frame 362E 35 B
503 B 27ms
18ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=43799646&csi=XiN_NG1JaXooYdF1d80Rp8PJkerR1EUAgnkERfXufw3ZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 43437088.png
s1.adform.net/Banners/43437088/ Frame 362E 43 KB
43 KB 30ms
22ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/43437088/43437088.png?bv=2

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6d3c928004737df5276d4badf780be0744d436906990620df834d1bf2572a9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
last-modified: Tue, 02 Feb 2021 15:25:36 GMT
server: nginx
etag: "60196ef0-ab74"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 43892

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame D8E4 36 KB
13 KB 30ms
16ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Tue, 30 Nov 2021 01:05:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13089
x-guploader-uploadid: ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBPTcIQObf5wpyRJmY%2BFkXuu%2F%2BmKZYTo18C0kbHw8YqxYbYht6Lshvk58U095nwb7gskxZyyXGuVtIf%2BjFi%2FPQyca2%2FYQz9TZWpvfbYCPded%2FKbaryNu6%2F3ipvcxwpx9x8tD3Ww%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
expires: Mon, 29 Nov 2021 21:27:42 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6b602b765983434b-FRA
cf-bgj: minify

POST
H2 200 /
track.adform.net/csimpr/ Frame D8E4 35 B
503 B 22ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=38516439&csi=tf-e4d3acr4zV9F2kDjqFuZI2e7lboj5nKRWaOGiMrAJDwKV3Zer3DaGGzHu3PahlphiAHD0O_kClw2KEJdGv2QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E195 0
0 72ms
72ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxBWNuBNCDsveWG9SDBeZ1-vHSwFfYO05vIuznnGGPLA8iRysWVZUjc1lm-7YvmKF7cjBfUTX5DqqpM_ZFe1miwQ8p5SN6uwLhZcRDIOVpCgG9I3QvIfne6y4XWJXewwepp-TlmBP_-PuL63xnDxZf45bhHWNM9zGxm3hY2zbWIvm8fxILNbtGcgrpiCw1wLFp1ocbIzimdO29IaBbifKHWFJY6k0zsdDYqg536qXHGGQDniAuJH2tASb9hCo87hsPxJo7hhr4_GPGJCgbi_DlUFCPenzLsYE-bkhv01BxXJP1jUeAgKPZ1fQqJBNlU7BJMclSavL-8Eiii51NbqMcC2o&sig=Cg0ArKJSzKIGMf2wB6uqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 01:05:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 30 Nov 2021 01:05:51 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 8515 4 KB
3 KB 22ms
21ms Script
text/javascript 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=41599563;rtbwp=YaV47AAAAAAhkVxBYl-cEcBnpneqSiAURYRnZA;rtbdata=WH0HVrhA8QAQtAzCHtXcsa73XaBqS494_Xn3KGn88h-_gVt4ihSWVoru8NEKxVSfC9FD74xm0TShhPh7p_auYTQRXy3DXE7bRyf4q6rR3_fYVlQFer6N84mvcVJTbZmQ19NLepO_5wDV1E6wAM-Rrt4qgE4iyCSwD9QtMdHyvmPlXDBDOg3nl2zcWpcQ8R5z86uCOY1mK81B4SKZKGrNxw2;js=1;adfxid=7x;2183;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.detik.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

fe11737432b2af2a642083cb673b021cd39b874aa05168e6c47e311d24b74a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2303
expires: -1

POST
H2 200 /
track.adform.net/csimpr/ Frame 3648 35 B
503 B 21ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=42256465&csi=17jXaRjTym20AsOh1PAX1D0d_Gak5aJ7vIsbYrw2PEPZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 42177725.png
s1.adform.net/Banners/42177725/ Frame 3648 37 KB
37 KB 21ms
21ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/42177725/42177725.png?bv=2

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8ec5cd8a3e097e59c97233173a63d5dd6b685690c5515dbc1188c2355b4c3e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
last-modified: Mon, 30 Nov 2020 12:51:39 GMT
server: nginx
etag: "5fc4eadb-92b8"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 37560

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame D8E4 33 KB
14 KB 23ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ea3752b1e50ae383ababb6da6c0c8a55f1137dd7ddf9e9034b3673e76a14a9d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:38:14 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame B397 35 B
503 B 46ms
46ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=46848273&csi=36zNiQ7UcevNLBMq3zACFP0MFyFM5Dg8IU69DjnYMbTZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 45827068.png
s1.adform.net/Banners/45827068/ Frame B397 89 KB
89 KB 21ms
21ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/45827068/45827068.png?bv=2

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

36b47b4d162904e6e9117b6de3f3959aef44b3293a9ed4c635fc3dea423f4453

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
last-modified: Thu, 10 Jun 2021 08:35:58 GMT
server: nginx
etag: "60c1ceee-16456"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 91222

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5441 32 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 937a3477372a826e2221ab76df0804efbd2912f2b7d7c217dcea698a7007391c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 01:05:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16860
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Tue, 30 Nov 2021 05:46:51 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 644C 32 KB
10 KB 7ms
6ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 937a3477372a826e2221ab76df0804efbd2912f2b7d7c217dcea698a7007391c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 01:05:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16860
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Tue, 30 Nov 2021 05:46:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF78 0
0 74ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlJ_HtJ2p2Ix3I_2UCwKyg5tCcEVmMOlBKmxTePWRNEJplp0KtA6z2dAwtiu9gb5JxXNK2DYImNsms3pgyoasgjZEDMgNB40Xrr_zWxsSUrS-T3t1gqsy2ZO5RKX8jP73zcEK6F6NufeYX4WwV41E2h6HvwXss_LFGuLA1APxOjNPPXq72-90Xe3vfPDrUCtdew4EdUava0DTbEbBdOjjdRWII9RksvncJOcS2BFVDac5VdOi2Z97pYISacv69D3Zyh0ZapBPx049wq1BKVvVEeVNpBebbWtJGhE2YIpkXbKa_EJxik5O-FBhXmKfGBjcYYqNNFTwrt9TlY3fqcyyZtNs&sig=Cg0ArKJSzOAJYc0ZIJrdEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 01:05:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 30 Nov 2021 01:05:51 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 88AD 32 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 937a3477372a826e2221ab76df0804efbd2912f2b7d7c217dcea698a7007391c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 01:05:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16860
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Tue, 30 Nov 2021 05:46:51 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2D36 281 B
554 B 7ms
6ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Nov 2021 01:05:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C985 1 KB
749 B 39ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 29 Nov 2021 05:53:44 GMT
expires: Tue, 30 Nov 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69127
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E619 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fcd5ac78d6f2a840375f81747c437116dc2be006ed93cc910cf9682d779e198

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame B526 85 KB
36 KB 22ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:33:50 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/ Frame 362E 0
145 B 108ms
26ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/postback?oz_pl=1&ci=873648&di=www.detik.com&ap=&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000&si=207612&dm=15&_x=1
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=207612&di=www.detik.com&ap=&dm=15&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 01:05:50 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.rubiconproject.com/2/2.40.1/ Frame 362E 153 KB
47 KB 30ms
30ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.rubiconproject.com/2/2.40.1/main.js

Requested by

Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=207612&di=www.detik.com&ap=&dm=15&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a03d26332b3b68759f4c9d3e807ef41fd49a4402056c85072c964d7307e39920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 01:05:50 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 48169
Expires: Thu, 07 Aug 2053 19:40:21 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 1683 2 KB
2 KB 15ms
15ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires: Tue, 30 Nov 2021 02:05:51 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 159107
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNrItbfzPx3BIY43fytP%2F7fy3l9ko4Wz3qVckxuPsTOXKcJhbi0v5QU6XDXpwMeuVbe%2FlWUe4vavav7eVIEcNkDb2w%2FtUxvBEenobJ2B67wgWn80HtAV0oph6DFDOOX8Usdhh3M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b602b771a9c434b-FRA
content-encoding: br

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 8515 85 KB
36 KB 23ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 04:33:50 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
120 B 27ms
26ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156981
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.detik.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.detik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame EE4F 2 KB
2 KB 14ms
14ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires: Tue, 30 Nov 2021 02:05:51 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 159107
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmPHhNjaSqHT09V7RdraYEpkNtXUj4YZZzSP2SRo%2FvPqv5r2KnpcNcmI44nFMBUyjiywu8UidCzshYLil7Mp8J1tDwmvGaIPPmoyFER7DrVMED%2Fkv05FHkJF2sp9xJDKrmQEaYU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b602b773ac2434b-FRA
content-encoding: br

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 644C 284 B
1 KB 31ms
7ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2D36 32 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 937a3477372a826e2221ab76df0804efbd2912f2b7d7c217dcea698a7007391c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 01:05:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16860
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9511
Expires: Tue, 30 Nov 2021 05:46:51 GMT

GET /
google2waycm.netmng.com/cm/ Frame D864 0
0

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame D864
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEJZ-3_AmAaef6PdZBgRDML4&google_cver=1&google_push=AYg5qPL3snTGry5cpf45bF2OiJPUqzeccJ2TWfwuzN2J74T4JuaD8xWcuOBqIKstF5ssVdo-DBTUHkqC6UsDpOmLoEd4Toc...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPL3snTGry5cpf45bF2OiJPUqzeccJ2TWfwuzN2J74T4JuaD8xWcuOBqIKstF5ssVdo-DBTUHkqC6UsDpOmLoEd4TocKEKJN&google_hm=Njk1NjgyMDA...
https://a.rfihub.com/cm?pub=445&google_error=5

42 B
804 B

64ms
16ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=5
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 01:05:51 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D864
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPI0JMZRzeRw-laVAQgl1pn4G9jSPmp8cltLPdmurNpKfu1cqHmX50_YZVvbp_98E_QC7KC1-leGB70DqIOkdUTNxGCBfDVS&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPI0JMZRzeRw-laVAQgl1pn4G9jSPmp8cltLPdmurNpKfu1cqHmX50_YZVvbp_98E_QC7KC1-leGB70DqIOkdUTNxGCBfDV...

43 B
394 B

167ms
165ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPI0JMZRzeRw-laVAQgl1pn4G9jSPmp8cltLPdmurNpKfu1cqHmX50_YZVvbp_98E_QC7KC1-leGB70DqIOkdUTNxGCBfDVS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI0JMZRzeRw-laVAQgl1pn4G9jSPmp8cltLPdmurNpKfu1cqHmX50_YZVvbp_98E_QC7KC1-leGB70DqIOkdUTNxGCBfDVS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b602b790bad4e32-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1410
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b602b77aa5c4e32-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPI0JMZRzeRw-laVAQgl1pn4G9jSPmp8cltLPdmurNpKfu1cqHmX50_YZVvbp_98E_QC7KC1-leGB70DqIOkdUTNxGCBfDVS&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI0JMZRzeRw-laVAQgl1pn4G9jSPmp8cltLPdmurNpKfu1cqHmX50_YZVvbp_98E_QC7KC1-leGB70DqIOkdUTNxGCBfDVS%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame D864 0
141 B 56ms
18ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEM9cF9rUhqorF3S7M_dtzEA&google_cver=1&google_push=AYg5qPLa2ttUp6MnLKbwnGt4APZUNvRKRKwisGJJYpyXHC7DYZeANMTZLJ5Tzmi3t55l6HvlS8Wc4z5DKO_BbXu_xh9CisAR6imi
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
via: 1.1 google
alt-svc: clear

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D864
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELjCjVim35kYuzA8yuZj9-M&google_cver=1&google_push=AYg5qPIFg2cHMa3A-UboSclCVqGoOyUsiZa2iCaFlwBOKl5Yw_yAUBwKXX0vOhG9R91I83i3rjiGfLhmcTqmFY...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjE2Mjk2MDczMzYzMjY2Mw%3D%3D&google_push=AYg5qPIFg2cHMa3A-UboSclCVqGoOyUsiZa2iCaFlwBOKl5Yw_yAUBwKXX0vOhG9R91I83i3rjiGfLhmcTqmFYM5ws...

170 B
188 B

51ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjE2Mjk2MDczMzYzMjY2Mw%3D%3D&google_push=AYg5qPIFg2cHMa3A-UboSclCVqGoOyUsiZa2iCaFlwBOKl5Yw_yAUBwKXX0vOhG9R91I83i3rjiGfLhmcTqmFYM5wsgXTpPe0LAK

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjE2Mjk2MDczMzYzMjY2Mw%3D%3D&google_push=AYg5qPIFg2cHMa3A-UboSclCVqGoOyUsiZa2iCaFlwBOKl5Yw_yAUBwKXX0vOhG9R91I83i3rjiGfLhmcTqmFYM5wsgXTpPe0LAK
Date: Tue, 30 Nov 2021 01:05:51 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D864
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBOB6bmfx0CjekoVZBdcSzk&google_cver=1&google_push=AYg5qPIv5pKCL4l08TyDzfNWzcU-u_omrgEFJafaBgZJ4t-t7Cf8zYfkj42ALjNr6W6bB0ys8BgU1g_HuGGM9X-8...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIv5pKCL4l08TyDzfNWzcU-u_omrgEFJafaBgZJ4t-t7Cf8zYfkj42ALjNr6W6bB0ys8BgU1g_HuGGM9X-8WpOmYVS_FFRU

170 B
188 B

50ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIv5pKCL4l08TyDzfNWzcU-u_omrgEFJafaBgZJ4t-t7Cf8zYfkj42ALjNr6W6bB0ys8BgU1g_HuGGM9X-8WpOmYVS_FFRU

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 30 Nov 2021 01:05:51 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIv5pKCL4l08TyDzfNWzcU-u_omrgEFJafaBgZJ4t-t7Cf8zYfkj42ALjNr6W6bB0ys8BgU1g_HuGGM9X-8WpOmYVS_FFRU
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ncUReCFxTfWNGIIbIQWtN23CbLK54dtIYnDZD4Z_-wcocdw_y3SNfA==

GET

pixel
cm.g.doubleclick.net/ Frame D864
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEPE5VVlMfk8JFGLvTnxIbqE&google_cver=1&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jK...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPE5VVlMfk8JFGLvTnxIbqE&google_cver=1&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3S...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D864 0
12 B 95ms
47ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JNn2qB0JO3Jj8UArX6usl7990y4leKiLOn0VrzD2FJxU_loZV2Y-yl9lQiRCxNqsno63tu

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5333
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHmyDBBLqQj7mVKYDHr8pS8&google_cver=1&google_push=AYg5qPJa864hrIU4MwN6SQQAQpny8h_53lBN_RdYGy9l7h9N_kxV6Tt72cdgimNdqSksanb9lG5Bp9vLWZ68gWsrzkLFZkOQ68HVUQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc4OTc4MzkzMzM1MjUwNjk5Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHmyDBBLqQj7mVKYDHr8pS8&google_cver=1

43 B
407 B

29ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHmyDBBLqQj7mVKYDHr8pS8&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHmyDBBLqQj7mVKYDHr8pS8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5333
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELjCjVim35kYuzA8yuZj9-M&google_cver=1&google_push=AYg5qPJnJqbqTnrxrjdV9QyHpulYc2gdggkcZiFmjtz8E9SDxC_IcwHUHqaEgGxvjn09yUJbW7GGHUUR_Kk8ly...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjE2Mjk2MDczNDI4ODAxNA%3D%3D&google_push=AYg5qPJnJqbqTnrxrjdV9QyHpulYc2gdggkcZiFmjtz8E9SDxC_IcwHUHqaEgGxvjn09yUJbW7GGHUUR_Kk8lydMb3...

170 B
188 B

50ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjE2Mjk2MDczNDI4ODAxNA%3D%3D&google_push=AYg5qPJnJqbqTnrxrjdV9QyHpulYc2gdggkcZiFmjtz8E9SDxC_IcwHUHqaEgGxvjn09yUJbW7GGHUUR_Kk8lydMb3PiNT_NAw0ShQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNjE2Mjk2MDczNDI4ODAxNA%3D%3D&google_push=AYg5qPJnJqbqTnrxrjdV9QyHpulYc2gdggkcZiFmjtz8E9SDxC_IcwHUHqaEgGxvjn09yUJbW7GGHUUR_Kk8lydMb3PiNT_NAw0ShQ
Date: Tue, 30 Nov 2021 01:05:51 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5333
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI08m2FVk23qGClnZxxF5JY&google_cver=1&google_push=AYg5qPKFX-LXw7cT-Ey1WuHx3nV4RD5vDQaXB_bVxItnHbhV4b1fSsODE0zbq8wMx7hxFR3cPtyzgEvLVFfKw4UwyHlh...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI08m2FVk23qGClnZxxF5JY&google_cver=1&google_push=AYg5qPKFX-LXw7cT-Ey1WuHx3nV4RD5vDQaXB_bVxItnHbhV4b1fSsODE0zbq8wMx7hxFR3cPtyzgEvLVFfKw4...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKFX-LXw7cT-Ey1WuHx3nV4RD5vDQaXB_bVxItnHbhV4b1fSsODE0zbq8wMx7hxFR3cPtyzgEvLVFfKw4UwyHlhZIOQEi_d&google_hm=t553WMxCQRu86tRXoXpDUA==

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKFX-LXw7cT-Ey1WuHx3nV4RD5vDQaXB_bVxItnHbhV4b1fSsODE0zbq8wMx7hxFR3cPtyzgEvLVFfKw4UwyHlhZIOQEi_d&google_hm=t553WMxCQRu86tRXoXpDUA==

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKFX-LXw7cT-Ey1WuHx3nV4RD5vDQaXB_bVxItnHbhV4b1fSsODE0zbq8wMx7hxFR3cPtyzgEvLVFfKw4UwyHlhZIOQEi_d&google_hm=t553WMxCQRu86tRXoXpDUA==
Date: Tue, 30 Nov 2021 01:05:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5333
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGXz_XkMNi59bprB-MuRZ4M&google_cver=1&google_push=AYg5qPKNQRWf3v7fZhqHOXFyOgTuDBMcHw-98t--sHH6p1Ngpmi4Mewrj79hJ-xQIeZSD9-mV3yZ8jGkDn27-3Lv0exAtE5...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKNQRWf3v7fZhqHOXFyOgTuDBMcHw-98t--sHH6p1Ngpmi4Mewrj79hJ-xQIeZSD9-mV3yZ8jGkDn27-3Lv0exAtE5A-w1-fw&google_hm=MjEzNTAwNDQ3ODc5NzE1...

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKNQRWf3v7fZhqHOXFyOgTuDBMcHw-98t--sHH6p1Ngpmi4Mewrj79hJ-xQIeZSD9-mV3yZ8jGkDn27-3Lv0exAtE5A-w1-fw&google_hm=MjEzNTAwNDQ3ODc5NzE1NDc1NQ%3D%3D

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 30 Nov 2021 01:05:51 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKNQRWf3v7fZhqHOXFyOgTuDBMcHw-98t--sHH6p1Ngpmi4Mewrj79hJ-xQIeZSD9-mV3yZ8jGkDn27-3Lv0exAtE5A-w1-fw&google_hm=MjEzNTAwNDQ3ODc5NzE1NDc1NQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5333
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEKWDagqGItCFv-XH1YcD_N8&google_cver=1&google_push=AYg5qPJfuGneCDExa2N9DC4LIW7X1X-H0NKjgEiivTqdhXYcpeaeM-De4oGd0bwm5FI_mexY5tGZNxYVpjXx_QfIQtTKhbl...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKWDagqGItCFv-XH1YcD_N8&google_cver=1&google_push=AYg5qPJfuGneCDExa2N9DC4LIW7X1X-H0NKjgEiivTqdhXYcpeaeM-De4oGd0bwm5FI_mexY5tGZNxYVpjXx_QfIQtTKh...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJfuGneCDExa2N9DC4LIW7X1X-H0NKjgEiivTqdhXYcpeaeM-De4oGd0bwm5FI_mexY5tGZNxYVpjXx_QfIQtTKhblsfUQj

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJfuGneCDExa2N9DC4LIW7X1X-H0NKjgEiivTqdhXYcpeaeM-De4oGd0bwm5FI_mexY5tGZNxYVpjXx_QfIQtTKhblsfUQj

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJfuGneCDExa2N9DC4LIW7X1X-H0NKjgEiivTqdhXYcpeaeM-De4oGd0bwm5FI_mexY5tGZNxYVpjXx_QfIQtTKhblsfUQj
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5333 43 B
350 B 56ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF3uY_H2MYvcPkdFEi3wQCc&google_cver=1&google_push=AYg5qPIewwEPhtf-l8596QO2nRDGREH62N42aKhga7YfH39wqjaMOt--ZvhpyQsIB7NljW9ThxKlwrC8pLqZJth1qgrr2w5VH3NpAw
Requested by: Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: kaiemnnobnqd9fdo9e85bmhh2e3bokic

GET

pixel
cm.g.doubleclick.net/ Frame 5333
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEPE5VVlMfk8JFGLvTnxIbqE&google_cver=1&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7Vj...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPE5VVlMfk8JFGLvTnxIbqE&google_cver=1&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQs...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQ...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5333 0
12 B 91ms
48ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCtH2hSmCd7SZzfM_ZP53H1CmK8crij0OnvGBb3ikZe-Yn4brPkD1IuRml_HPiXexRahr8

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 196B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENLnE4113sKToskRHAUqAPc&google_cver=1&google_push=AYg5qPJf1QJzfSHwIaQdrmg8gtVwpLH3JUhMFiTk5eopV08Si9-O9rsXTm9LJqdf1otIkq65ZIGwU14QnqEKTpBQ...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJf1QJzfSHwIaQdrmg8gtVwpLH3JUhMFiTk5eopV08Si9-O9rsXTm9LJqdf1otIkq65ZIGwU14QnqEKTpBQwtQPBztSnY-b

170 B
188 B

50ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJf1QJzfSHwIaQdrmg8gtVwpLH3JUhMFiTk5eopV08Si9-O9rsXTm9LJqdf1otIkq65ZIGwU14QnqEKTpBQwtQPBztSnY-b

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 30 Nov 2021 01:05:51 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJf1QJzfSHwIaQdrmg8gtVwpLH3JUhMFiTk5eopV08Si9-O9rsXTm9LJqdf1otIkq65ZIGwU14QnqEKTpBQwtQPBztSnY-b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 196B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPIjE-K_HYtNo2IJVI6y78DMpgcOFJ-JlfuyDJWPpRrA8lz5zbFB2IiO_4Q2fJ6smFU6puWDNadyTLh5lTsmIBkxkaw0dQF3&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPIjE-K_HYtNo2IJVI6y78DMpgcOFJ-JlfuyDJWPpRrA8lz5zbFB2IiO_4Q2fJ6smFU6puWDNadyTLh5lTsmIBkxkaw0dQF...

43 B
417 B

183ms
174ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPIjE-K_HYtNo2IJVI6y78DMpgcOFJ-JlfuyDJWPpRrA8lz5zbFB2IiO_4Q2fJ6smFU6puWDNadyTLh5lTsmIBkxkaw0dQF3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIjE-K_HYtNo2IJVI6y78DMpgcOFJ-JlfuyDJWPpRrA8lz5zbFB2IiO_4Q2fJ6smFU6puWDNadyTLh5lTsmIBkxkaw0dQF3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b602b78fba14e32-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1507
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b602b77ba5e4e32-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHvGYa-GBJz78Ysq8jUcb0I&google_cver=1&google_push=AYg5qPIjE-K_HYtNo2IJVI6y78DMpgcOFJ-JlfuyDJWPpRrA8lz5zbFB2IiO_4Q2fJ6smFU6puWDNadyTLh5lTsmIBkxkaw0dQF3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIjE-K_HYtNo2IJVI6y78DMpgcOFJ-JlfuyDJWPpRrA8lz5zbFB2IiO_4Q2fJ6smFU6puWDNadyTLh5lTsmIBkxkaw0dQF3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 196B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIEJHBwtX59kQTdx2vOXuRg&google_push=AYg5qPKfriqC-3o8zMbsjyFb_yRufNRbyXRuNuAIFHIVghMz3uI4xH_uuq...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIEJHBwtX59kQTdx2vOXuRg&google_push=AYg5qPKfriqC-3o8zMbsjyFb_yRufNRbyXRuNuAIFHIVghMz3uI4xH_uuqeHd9dfoUSUurJWBF9UXT4N425EyTVrCq5ChNleTn2y

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1638234351.326612,VS0,VE100
x-served-by: cache-hhn4070-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIEJHBwtX59kQTdx2vOXuRg&google_push=AYg5qPKfriqC-3o8zMbsjyFb_yRufNRbyXRuNuAIFHIVghMz3uI4xH_uuqeHd9dfoUSUurJWBF9UXT4N425EyTVrCq5ChNleTn2y
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 196B
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMI-Y8SSeRoQnYYd5lfqp-8&google_cver=1&google_push=AYg5qPLs1bAQ6s_5z551owcfFCmeKMUJ-S_fEY35R-FflAkKkyMNYU4qRXubD-QoP_E2wqWFqRajDZxmuphRKZV73...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMI-Y8SSeRoQnYYd5lfqp-8&google_cver=1&google_push=AYg5qPLs1bAQ6s_5z551owcfFCmeKMUJ-S_fEY35R-FflAkKkyMNYU4qRXubD-QoP_E2wqWFqRajDZxmuphRKZV73...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLs1bAQ6s_5z551owcfFCmeKMUJ-S_fEY35R-FflAkKkyMNYU4qRXubD-QoP_E2wqWFqRajDZxmuphRKZV73kxCAp1XeXLjog&google_hm=8991e3cf0d52cc11c1ba...

170 B
188 B

51ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLs1bAQ6s_5z551owcfFCmeKMUJ-S_fEY35R-FflAkKkyMNYU4qRXubD-QoP_E2wqWFqRajDZxmuphRKZV73kxCAp1XeXLjog&google_hm=8991e3cf0d52cc11c1ba7650

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 30 Nov 2021 01:05:51 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLs1bAQ6s_5z551owcfFCmeKMUJ-S_fEY35R-FflAkKkyMNYU4qRXubD-QoP_E2wqWFqRajDZxmuphRKZV73kxCAp1XeXLjog&google_hm=8991e3cf0d52cc11c1ba7650
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET

pixel
cm.g.doubleclick.net/ Frame 196B
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESELhKxOCaOq4V2K1pGmbO6cQ&google_cver=1&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-e...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcH...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 196B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENfkh7ZoyjZyCKdTp2PbPEY&google_cver=1&google_push=AYg5qPK2Y5XUn94qdbRXUucRAmay8QYGJ4URvkOyMj3cFatd3kRiiSvm89gYLezhID_tsVmXKf...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENfkh7ZoyjZyCKdTp2PbPEY&google_cver=1&google_push=AYg5qPK2Y5XUn94qdbRXUucRAmay8QYGJ4URvkOyMj3cFatd3kRiiSvm89gYLezhID_tsVmXKf...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tQ29CQlVsRTJ1R1QwdWVSbHl6MjRPY1A4OE1fYk9wY35B&google_push=AYg5qPK2Y5XUn94qdbRXUucRAmay8QYGJ4URvkOyMj3cFatd3kRiiSvm8...

170 B
188 B

49ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tQ29CQlVsRTJ1R1QwdWVSbHl6MjRPY1A4OE1fYk9wY35B&google_push=AYg5qPK2Y5XUn94qdbRXUucRAmay8QYGJ4URvkOyMj3cFatd3kRiiSvm89gYLezhID_tsVmXKfQW4404QLHH7HyPbbzSISMk2dNZoA

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tQ29CQlVsRTJ1R1QwdWVSbHl6MjRPY1A4OE1fYk9wY35B&google_push=AYg5qPK2Y5XUn94qdbRXUucRAmay8QYGJ4URvkOyMj3cFatd3kRiiSvm89gYLezhID_tsVmXKfQW4404QLHH7HyPbbzSISMk2dNZoA
date: Tue, 30 Nov 2021 01:05:51 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 196B 43 B
577 B 126ms
44ms Image
image/gif 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEMjkF2RP_3Jnu3eS2ZYJvgE&google_cver=1&google_push=AYg5qPJYPVjAUiJhZ67jqJkm70q4WPNyzhvdg2EQcMjx7usC13KYXmkuP2s2DQxdAUFGk19cYuYkpvSdYQg5pJCfzUXb5J3bJAf0TQ

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Dec 2021 01:05:51 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 196B 0
12 B 86ms
48ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J55w_Fer7RBuQxv89Y-MA43858TG1LyHV9dItjx9RwGSdAuaFVjDh2MTSKSpZkdrOcfITFkkU

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=3229664771529343&bg=!c3ClcDTNAAZQLpa_UC47ACkAdvg8Wns-t7kXZyR0sFrfVApGLoAMziY1VwEs8e60d_ZCCOUALjK-pQIAAAE1UgAAAD5oAQcKACBlJNlRof2Jy9AdC2qpJXS2hwMmZgTYOeCj5I-DQGngz5kCcvV6EgzP2CifYvnAWdTRY7e_1Pcm-huIpol-R9uhXw-BcynZGHSqXL01mD2YNscB3GkZzmFW4Kyf2pd_TCosovOdSF9WdXlvVMXXYjla6cqa-JUyJX8P3kUrJJ_A7QWtqOVDQm1fvHImeYewQZg9XkKUFmCHGKyfOeTkBJTL6GCx8ooUIRSKAbzSYWZhKfcX4QYDnU3B9WKf3cMo8JWdjagaEqezm8kcDks6Sv4yQOt2HU3ok7TpRC-2Q9axXR5pgHNN0NRGlni5BmeMIvGahUhvLVq-m4Mj1CBkw7VRLsEPD2tuZmJAfORdEBO5aJjDAY3fTcXBM_wEj1pErijwA2kM_qSN8msokw5z_cgkC3RFCOriA0VKypjVTUY-QZOSpPJfx1qAhLQjSy099N7JU1_Ar9V7NQanUoqTKxjxwbgmNSMIhV8l8VcRKK7XSKF_JiUQESE-sDH8BK_I9zlvfIEZSS9ceWUMzI5WDhlPYK-bEBkjFeMU7X7NUkTMQNmDptdUVaSyM0bh2I2EdGQTlDuHYZaJGiJnmTU5K5MfMXuZ0BDPfTtC3gZnIm_oHXCUeHphjOCUMk6H6bqiBe5rbxHtnK9PSwiLTHY-X5Vwv69zEkU9HYR0BMNU_7GLFWtVKMIKEBtPeAuqQuRGs0FHZMQF21X7_HctVEbhasVEpX-o_HhyluyuIwaWEnqEQbbAkdvRGQpJP9lfsY_jl6OCmgmQovbB9BRnTQhb5SGfpt5vuYtbhFP9dJr84qSB9DF3OJ5Oz-c-IyzcC5loWWxSRSd_sUyqza1ma48tFshCxK0s1Nl6DArzMz_nGzuE7F7jktSC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame B526 35 B
503 B 22ms
22ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=48303088&csi=bwPRuNza_4Sd84KsJSCixAbEDof9pZTeqfGmviX1ah7rygPkIxxfkzaGGzHu3PahPSEHlPVFJllsDcF-td0rSGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 46949527.png
s1.adform.net/Banners/46949527/ Frame B526 29 KB
29 KB 21ms
21ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/46949527/46949527.png?bv=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a6803bd60073724fc13dd655fa1d66dabfe33e01676a0d245f05975d223c9230

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
last-modified: Tue, 27 Jul 2021 07:50:12 GMT
server: nginx
etag: "60ffbab4-749a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 29850

POST
H2 200 /
track.adform.net/csimpr/ Frame 8515 35 B
503 B 24ms
22ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=41599563&csi=LJm20VbzU56f9tEV9FnCmNVl64Cj_PtoUAnKX1JmMS8JDwKV3Zer3DaGGzHu3PahAssBaWrIv9zYaSCqPZA5_WQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 41707641.png
s1.adform.net/Banners/41707641/ Frame 8515 28 KB
28 KB 21ms
20ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/41707641/41707641.png?bv=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

866d3fd1dd1e8b8c2bdc2b20828bae63e9170593e3a7e57f696a721398a44da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
last-modified: Wed, 11 Nov 2020 07:05:36 GMT
server: nginx
etag: "5fab8d40-6ef4"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 28404

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/ Frame 362E 0
145 B 27ms
27ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/postback?oz_pl=1&ci=873648&di=www.detik.com&ap=&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000&si=207612&dm=15&_x=1
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=207612&di=www.detik.com&ap=&dm=15&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 01:05:50 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4D79 0
0 76ms
76ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuXXsCyjUrbFbl5X0BJp7EzK2Qw_6jkpdbDX4NEfXTMLqC15PmEJuBJb90H_R3IyB50Qd2T6_yJHuHeIiKE_PRTy_VcBGejXUJTiL6HVHtWPtYalpeCgIY6GqfkeREZHtwiX-3uC2C8HJ_OEuOxuJPXzQAK5--jzItpnq0aw3PloW9PsB2txp5tsOsy33bSx6RuLJ7rbsN5ed1V3CnOjJn9vgpMxwO_3NUgIN3iqzXuPm2XmHqZVgL8Yz_iuWQyuHouvH1AzmFjVg938qdggJ4IQILXzJkKouzFQpmL2qRTJKIOi7xhyd20TxL3ITZ4kiJaBmK3ygxO4klyVs&sig=Cg0ArKJSzNjl5YRpYzdrEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 01:05:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 30 Nov 2021 01:05:51 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/ Frame 362E 0
145 B 28ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/postback?ci=873648&di=www.detik.com&ap=&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000&si=207612&dm=15&sid=AO52EWYOEeNdUpif&oz_sc=f456d3b256467b0ffa2b0cdd&oz_df=1638234351390&oz_l=236&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.40.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 01:05:50 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET /
google2waycm.netmng.com/cm/ Frame C985 0
0

GET
H2 200 dpixel
cms.quantserve.com/ Frame C985 35 B
463 B 28ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAEb-ruAYo3-K8cgtr_Mzo8&google_cver=1&google_push=AYg5qPI8tjbsbi2XzsfIPAjbCt-v-GjugmdEIvmh93YcCozVqEJk-XH6H3Mvx_90PiVVfJT08Zr4InPtX9prQfscPAzEZ0lCuBbnyg

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C985
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENLnE4113sKToskRHAUqAPc&google_cver=1&google_push=AYg5qPJhFRKY8F-xEqOEio_sJZFV8xIrDmKfDKLAVnzx7v4j8ikh8uNf3B8v9JpZX08yokypJJQArHWdKa3UNExj...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=rAJhpXjvTwCgDTqW24bZMA&google_push=AYg5qPJhFRKY8F-xEqOEio_sJZFV8xIrDmKfDKLAVnzx7v4j8ikh8uNf3B8v9JpZX08yokypJJQArHWdKa3UNExjWiMQvEt7...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=rAJhpXjvTwCgDTqW24bZMA&google_push=AYg5qPJhFRKY8F-xEqOEio_sJZFV8xIrDmKfDKLAVnzx7v4j8ikh8uNf3B8v9JpZX08yokypJJQArHWdKa3UNExjWiMQvEt7tjygnQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 30 Nov 2021 01:05:51 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x9 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=rAJhpXjvTwCgDTqW24bZMA&google_push=AYg5qPJhFRKY8F-xEqOEio_sJZFV8xIrDmKfDKLAVnzx7v4j8ikh8uNf3B8v9JpZX08yokypJJQArHWdKa3UNExjWiMQvEt7tjygnQ
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C985
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEAJoGhAO-0o_nFbYs1kLc0U&google_cver=1&google_push=AYg5qPK9dz45IICpT3OzpI5tlOhiUZmx3NUh4joT62MvmolXnUDa33_wZws76...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEAJoGhAO-0o_nFbYs1kLc0U&google_cver=1&google_push=AYg5qPK9dz45IICpT3OzpI5tlOhiUZmx3NUh4joT62MvmolXnUDa33_wZws76...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=Cwiosomxnqx0aZYr-iQMrg&google_push=AYg5qPK9dz45IICpT3OzpI5tlOhiUZmx3NUh4joT62MvmolXnUDa33_wZws76eL6mkveasE6hsceD7ggk...

170 B
188 B

49ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=Cwiosomxnqx0aZYr-iQMrg&google_push=AYg5qPK9dz45IICpT3OzpI5tlOhiUZmx3NUh4joT62MvmolXnUDa33_wZws76eL6mkveasE6hsceD7ggkGU6ijbKDZOnXAfddXXC

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 30 Nov 2021 01:05:51 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=Cwiosomxnqx0aZYr-iQMrg&google_push=AYg5qPK9dz45IICpT3OzpI5tlOhiUZmx3NUh4joT62MvmolXnUDa33_wZws76eL6mkveasE6hsceD7ggkGU6ijbKDZOnXAfddXXC
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C985
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEKWDagqGItCFv-XH1YcD_N8&google_cver=1&google_push=AYg5qPKsXa6gyLi1aTQcLMWzOkEvgKeKAsQZ7vLYK_YV3gQ6M76w6OpR4ZfwHPC60rG9Vovol3LKqA-G0P81gPg5eeZtYbt...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKsXa6gyLi1aTQcLMWzOkEvgKeKAsQZ7vLYK_YV3gQ6M76w6OpR4ZfwHPC60rG9Vovol3LKqA-G0P81gPg5eeZtYbt7iT0r8Q

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKsXa6gyLi1aTQcLMWzOkEvgKeKAsQZ7vLYK_YV3gQ6M76w6OpR4ZfwHPC60rG9Vovol3LKqA-G0P81gPg5eeZtYbt7iT0r8Q

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKsXa6gyLi1aTQcLMWzOkEvgKeKAsQZ7vLYK_YV3gQ6M76w6OpR4ZfwHPC60rG9Vovol3LKqA-G0P81gPg5eeZtYbt7iT0r8Q
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET

pixel
cm.g.doubleclick.net/ Frame C985
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEPE5VVlMfk8JFGLvTnxIbqE&google_cver=1&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8f...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzB...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C985
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENfkh7ZoyjZyCKdTp2PbPEY&google_cver=1&google_push=AYg5qPLWJ04uiH9hR7_Y7NwNTxPMxyYuiaAG4h2wZfSg_6RvHm5TIHI3EDmZ5Iir88wtaPLWqO...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tQ29CQlVsRTJ1R1QwdWVSbHl6MjRPY1A4OE1fYk9wY35B&google_push=AYg5qPLWJ04uiH9hR7_Y7NwNTxPMxyYuiaAG4h2wZfSg_6RvHm5TIHI3E...

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tQ29CQlVsRTJ1R1QwdWVSbHl6MjRPY1A4OE1fYk9wY35B&google_push=AYg5qPLWJ04uiH9hR7_Y7NwNTxPMxyYuiaAG4h2wZfSg_6RvHm5TIHI3EDmZ5Iir88wtaPLWqOHVFHh82gmREkWTAixsGtvouD511wY

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tQ29CQlVsRTJ1R1QwdWVSbHl6MjRPY1A4OE1fYk9wY35B&google_push=AYg5qPLWJ04uiH9hR7_Y7NwNTxPMxyYuiaAG4h2wZfSg_6RvHm5TIHI3EDmZ5Iir88wtaPLWqOHVFHh82gmREkWTAixsGtvouD511wY
date: Tue, 30 Nov 2021 01:05:51 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C985 0
12 B 49ms
47ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jf7lSPqr_6FTWNGQb78ZhR6gtkImwH1UGb7s2M0AISdzbA4ynpZqdxVPvL8KonuQY974DLBA

Requested by

Host: 5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
URL: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 644C
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAA...
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5178aca1-e08d-4146-ae08-6ef6fd63bead&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBA...

42 B
1 KB

30ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5178aca1-e08d-4146-ae08-6ef6fd63bead&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5178aca1-e08d-4146-ae08-6ef6fd63bead&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 601

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 644C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoW...
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ac0261a5-78ef-4f00-a00d-3a96db86d930&expires=28

42 B
1 KB

30ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ac0261a5-78ef-4f00-a00d-3a96db86d930&expires=28
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Date: Tue, 30 Nov 2021 01:05:51 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ac0261a5-78ef-4f00-a00d-3a96db86d930&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 30 Nov 2021 01:05:50 GMT

GET
H2 200 709414.gif
id.rlcdn.com/ Frame 644C 42 B
417 B 58ms
19ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 01:05:51 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 644C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAA...
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggA...

42 B
1 KB

13ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEJvisEjPNc4iFuuyc9b5PYk&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESEJvisEjPNc4iFuuyc9b5PYk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 511
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

E48CXl4ChVAoAXd0M32AIQ
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 644C
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQE...
https://pr-bh.ybp.yahoo.com/sync/rubicon/E48CXl4ChVAoAXd0M32AIQ?csrc=&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAH...

43 B
322 B

34ms
34ms

Image
image/gif

2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/rubicon/E48CXl4ChVAoAXd0M32AIQ?csrc=&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Protocol

Server

2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

Redirect headers

Location: https://pr-bh.ybp.yahoo.com/sync/rubicon/E48CXl4ChVAoAXd0M32AIQ?csrc=&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 644C
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABA...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dMRUZOSEgtUi1LWkdZ&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCA...

170 B
188 B

49ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dMRUZOSEgtUi1LWkdZ&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dMRUZOSEgtUi1LWkdZ&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 644C
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAA...
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWE2YzQ1ZDlkNmJlNjU4YjZjZTEzMTExOWM3YTQ1ZDRkZGRkYjUyOA&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQA...

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWE2YzQ1ZDlkNmJlNjU4YjZjZTEzMTExOWM3YTQ1ZDRkZGRkYjUyOA&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWE2YzQ1ZDlkNmJlNjU4YjZjZTEzMTExOWM3YTQ1ZDRkZGRkYjUyOA&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 644C
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABA...
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWLEFNHH-R-KZGY&sigv=1&esig=2~008d9cb9fb158b1b436c0106412bf974c5bfd56b&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCF...

0
445 B

77ms
21ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWLEFNHH-R-KZGY&sigv=1&esig=2~008d9cb9fb158b1b436c0106412bf974c5bfd56b&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Protocol

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWLEFNHH-R-KZGY&sigv=1&esig=2~008d9cb9fb158b1b436c0106412bf974c5bfd56b&gdpr=1&gdpr_consent=BPQdrlCPQdrlC__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
BLOB 200
OK e19120e7-3ac2-44e7-9034-b147492c74d6
https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/ Frame 31F3 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/e19120e7-3ac2-44e7-9034-b147492c74d6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H3 200 rs Show response
ad4m.at/ Frame D8E4 882 B
1 KB 25ms
24ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ed1c190c19334211938f9666af7b418bc88fc8ad2fd9c4f98356c4b3f6f0e27

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b602b791c5e4e68-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOV54YpDRX7ZIjmeXuzapwX%2FKtTY904VOFZ891lWMja6kLklXXR2Xs5YeSDxGzyAn6D2cFKFqhtbf%2FolL5OT82NweStAh1D4tjaAxCQO1s9ONu2KcwS5m%2FbpBB7enlq36263oUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-dzqn

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 32ms
23ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-dzqn
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtEL28AyjXniCNOAnfoDYoaqyQygpctiTxw69HOMEkoB0oAl3ndCUT%2FazbxzCmWoDUxJBK%2BPdAfpAvvViyxtppJtxEnKw4rti%2Fx%2FKV62E4V4KK%2B9nhW4l1D4%2BdqUdCGQAEMzFdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b602b78fc3d4e68-FRA

POST
H3 200 rs Show response
ad4m.at/ Frame E619 1 KB
1 KB 38ms
38ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2a6d789731ebbcd4de6ab860b289a9c0fb5b93705fc78a7a635b5bd1a68e66d

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6b602b792c654e68-FRA
date: Tue, 30 Nov 2021 01:05:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BGSQJxy5lPJVv%2FF4Ggms10ABqky1JUrX1qQdtT6248lwZKPIrLnWMMsPDo7d4bpMwxWmnivGrW8vZokuMu%2BeTVpPZPNO3wBUV8twNbCsWvP356s5wMw1Zw5EK3iPq9VGmUhw38%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-dzqn

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 24ms
23ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-dzqn
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqziMaqmIeS79VDPQOd%2BZYHT8Tm3Afw0BRZQLVPCD8KSBnVYELVAZ%2B%2FBLGP%2BXW4%2FMOiyV02OJHYBdoTmKmkRuGowzp5v%2BSR11BMaJaSC%2FAKqUo63kblQq%2F2DUW9MMXueIeTDGyY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b602b790c414e68-FRA

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/ Frame 362E 0
145 B 27ms
26ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/postback?ci=873648&di=www.detik.com&ap=&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000&si=207612&dm=15&sid=AO52EWYOEeNdUpif&oz_sc=f456d3b256467b0ffa2b0cdd&oz_df=1638234351540&oz_l=5949&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.40.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 01:05:50 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame A397 2 KB
2 KB 28ms
19ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=rFlM0UBK8vhfk5C2dg97SOOmDt5lZqBU&g=9c2acb8b66e34aa5c838811efa287aef%2F4920212618127326735&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1638234351554&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3DYaV47AAAAACv6CR26g-mX0WcMLso046N8t3qxg%3Bcrtbdata%3DaoEYOKqeTUUVwvmcjBuIzF-rQUVCd0VqUgFLOuYnCxxqSjj9mTQSNTImUfzBQ60UC9FD74xm0TShhPh7p_auYTQRXy3DXE7byO5vwNZPzVN_SUGD0BVsxc9tILjej1_ub1z1HD4Vkb9VCuEPgrjlvjC2o_JF4lvgQXtiIpsCvIlu3JqLLZEJne6qLQvtkQ6L0-0FrOUsdJOn-zH1HqS6nOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJmox-6TPFTWI86uGK6vuZIxwTDVhTY9YIwzV9F2kDjqFkPNadqa8sTWLGxsY8Y2xGOpTefaqNO5NCnf4dx0c636fCqQqkGf7-0YLgVbvIPdybvmZRF-QNuJrp6LXEfYDW4ONWbbc59IJ8Tj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.detik.com%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a206d1c287e99671b9076ca423463caa56708fb9593866093a4f79c35d45d853

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b602b795a6e4ee6-FRA
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame C997 2 KB
2 KB 27ms
26ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=170257&b=QxZt4fjfPPYqFxH8tRHGtpwKh6S4T5jgfj5J&f=2b9F6fqfjjpJTVH6tbHwCAqmuxS7T7p1tpzJ&c=300&d=600&e=_LFeJMGwRepdDpQKeOTP1hErewf638Ja&g=1971d9a56e5d72754a42486d6988f13e%2F15718877946795906523&i=28781&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1638234351571&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D51332348%3Bcrtbwp%3D4FE348B5EC8B63CB%3Bcrtbdata%3DQv2py2XD87INgFeTL9j6WW50cJsT4bzeliHWJ4r0T9oqp6wrDLM40ELplGEKlAwnR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajZhc0DyKkOAyPR7tgaq7yWXcGXM552OsLRUCzFW9muloSGb_imvv0MlEEExhct9hDHBxdgIJD0T_SX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1%3Badfibeg%3D0%3Bcdata%3DA0s56eHOEv0Cbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4TupVUNwTeT5adFO59gQTes-O02qOoNOvZ1N7x7J468XQct1q0Fn1fCMPs08K5RfO6oHSdrB7scys32wC2b9X_W0KxhtH4Cs22mpci_-4F7F9xBXciLOzs6jBuHfSmDQP0uuFqwhPKLxp9ZaqdCtyQR10%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.detik.com%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c67972b50be912923b1f7d5761022685dbb9e1e6d557edd034ed8a18ef5c26

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b602b796a7a4ee6-FRA
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.16/one-ad/ Frame A397 80 KB
11 KB 15ms
15ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.16/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=rFlM0UBK8vhfk5C2dg97SOOmDt5lZqBU&g=9c2acb8b66e34aa5c838811efa287aef%2F4920212618127326735&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1638234351554&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3DYaV47AAAAACv6CR26g-mX0WcMLso046N8t3qxg%3Bcrtbdata%3DaoEYOKqeTUUVwvmcjBuIzF-rQUVCd0VqUgFLOuYnCxxqSjj9mTQSNTImUfzBQ60UC9FD74xm0TShhPh7p_auYTQRXy3DXE7byO5vwNZPzVN_SUGD0BVsxc9tILjej1_ub1z1HD4Vkb9VCuEPgrjlvjC2o_JF4lvgQXtiIpsCvIlu3JqLLZEJne6qLQvtkQ6L0-0FrOUsdJOn-zH1HqS6nOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJmox-6TPFTWI86uGK6vuZIxwTDVhTY9YIwzV9F2kDjqFkPNadqa8sTWLGxsY8Y2xGOpTefaqNO5NCnf4dx0c636fCqQqkGf7-0YLgVbvIPdybvmZRF-QNuJrp6LXEfYDW4ONWbbc59IJ8Tj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.detik.com%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4346366ecd27b5b329f232b11b918109e4e570e4a01ffd1546c79f403be600c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=rFlM0UBK8vhfk5C2dg97SOOmDt5lZqBU&g=9c2acb8b66e34aa5c838811efa287aef%2F4920212618127326735&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1638234351554&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3DYaV47AAAAACv6CR26g-mX0WcMLso046N8t3qxg%3Bcrtbdata%3DaoEYOKqeTUUVwvmcjBuIzF-rQUVCd0VqUgFLOuYnCxxqSjj9mTQSNTImUfzBQ60UC9FD74xm0TShhPh7p_auYTQRXy3DXE7byO5vwNZPzVN_SUGD0BVsxc9tILjej1_ub1z1HD4Vkb9VCuEPgrjlvjC2o_JF4lvgQXtiIpsCvIlu3JqLLZEJne6qLQvtkQ6L0-0FrOUsdJOn-zH1HqS6nOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJmox-6TPFTWI86uGK6vuZIxwTDVhTY9YIwzV9F2kDjqFkPNadqa8sTWLGxsY8Y2xGOpTefaqNO5NCnf4dx0c636fCqQqkGf7-0YLgVbvIPdybvmZRF-QNuJrp6LXEfYDW4ONWbbc59IJ8Tj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.detik.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 27742
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=82445
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Mon, 29 Nov 2021 17:23:29 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6b602b798d4a434b-FRA
cf-bgj: minify

GET
H2 200 90645FF1EC8CD55627A0D33AD2444878267E13904B5D8A56FE43317B14B6338E6EF254F5C0A3F083E9D27B6C144DA38CCD40932835CD01F113A9D4E5400467A5
assets.ad4m.at/product_image/ Frame A397 15 KB
16 KB 25ms
15ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/90645FF1EC8CD55627A0D33AD2444878267E13904B5D8A56FE43317B14B6338E6EF254F5C0A3F083E9D27B6C144DA38CCD40932835CD01F113A9D4E5400467A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164572&b=54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1&f=prgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE&c=728&d=90&e=rFlM0UBK8vhfk5C2dg97SOOmDt5lZqBU&g=9c2acb8b66e34aa5c838811efa287aef%2F4920212618127326735&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1638234351554&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516439%3Bcrtbwp%3DYaV47AAAAACv6CR26g-mX0WcMLso046N8t3qxg%3Bcrtbdata%3DaoEYOKqeTUUVwvmcjBuIzF-rQUVCd0VqUgFLOuYnCxxqSjj9mTQSNTImUfzBQ60UC9FD74xm0TShhPh7p_auYTQRXy3DXE7byO5vwNZPzVN_SUGD0BVsxc9tILjej1_ub1z1HD4Vkb9VCuEPgrjlvjC2o_JF4lvgQXtiIpsCvIlu3JqLLZEJne6qLQvtkQ6L0-0FrOUsdJOn-zH1HqS6nOFBboVeNKvP0%3Badfibeg%3D0%3Bcdata%3DioYIK1D6MJmox-6TPFTWI86uGK6vuZIxwTDVhTY9YIwzV9F2kDjqFkPNadqa8sTWLGxsY8Y2xGOpTefaqNO5NCnf4dx0c636fCqQqkGf7-0YLgVbvIPdybvmZRF-QNuJrp6LXEfYDW4ONWbbc59IJ8Tj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.detik.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a786bd1747df86249acdfa1c4e6256269ac954f9eb662a4fa45618f66ca862d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=S30ceA==, md5=5T4C7/lq+NrY2ff6YFjS4Q==
date: Tue, 30 Nov 2021 01:05:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 473633
cf-polished: qual=85, origFmt=jpeg, origSize=70795
x-guploader-uploadid: ADPycdsSYxUAK1XSDCsKLW-15_Qh8xLIBZnSfqITU4TWtfblf3u1TvH_oCBAS6Jb_KJy6ljNtgF_-r7tiHyMnEfBRO3F23OAPw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15508
last-modified: Wed, 24 Nov 2021 13:31:58 GMT
server: cloudflare
etag: "e53e02eff96af8dad8d9f7fa6058d2e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZ%2FJqk53HUlMi9xejfoszOPSI%2FYaF%2Biz2ayZYGAh1Cd4JuPg1rnS8KOzQn%2BptpbNn%2FGf%2FyntY3VAQPIQ3ZhkABScTR62rIzigjC9ciHU0ODbafwqa6XmFU7cwcyjBUk6sEpgCHxzjs%2BSZ0Ku"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1637760718112167
content-type: image/webp
expires: Wed, 01 Dec 2021 01:05:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 70795
accept-ranges: bytes
cf-ray: 6b602b799ac94ee6-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.16/one-ad/ Frame C997 80 KB
11 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.16/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170257&b=QxZt4fjfPPYqFxH8tRHGtpwKh6S4T5jgfj5J&f=2b9F6fqfjjpJTVH6tbHwCAqmuxS7T7p1tpzJ&c=300&d=600&e=_LFeJMGwRepdDpQKeOTP1hErewf638Ja&g=1971d9a56e5d72754a42486d6988f13e%2F15718877946795906523&i=28781&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1638234351571&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D51332348%3Bcrtbwp%3D4FE348B5EC8B63CB%3Bcrtbdata%3DQv2py2XD87INgFeTL9j6WW50cJsT4bzeliHWJ4r0T9oqp6wrDLM40ELplGEKlAwnR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajZhc0DyKkOAyPR7tgaq7yWXcGXM552OsLRUCzFW9muloSGb_imvv0MlEEExhct9hDHBxdgIJD0T_SX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1%3Badfibeg%3D0%3Bcdata%3DA0s56eHOEv0Cbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4TupVUNwTeT5adFO59gQTes-O02qOoNOvZ1N7x7J468XQct1q0Fn1fCMPs08K5RfO6oHSdrB7scys32wC2b9X_W0KxhtH4Cs22mpci_-4F7F9xBXciLOzs6jBuHfSmDQP0uuFqwhPKLxp9ZaqdCtyQR10%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.detik.com%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4346366ecd27b5b329f232b11b918109e4e570e4a01ffd1546c79f403be600c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=170257&b=QxZt4fjfPPYqFxH8tRHGtpwKh6S4T5jgfj5J&f=2b9F6fqfjjpJTVH6tbHwCAqmuxS7T7p1tpzJ&c=300&d=600&e=_LFeJMGwRepdDpQKeOTP1hErewf638Ja&g=1971d9a56e5d72754a42486d6988f13e%2F15718877946795906523&i=28781&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1638234351571&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D51332348%3Bcrtbwp%3D4FE348B5EC8B63CB%3Bcrtbdata%3DQv2py2XD87INgFeTL9j6WW50cJsT4bzeliHWJ4r0T9oqp6wrDLM40ELplGEKlAwnR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajZhc0DyKkOAyPR7tgaq7yWXcGXM552OsLRUCzFW9muloSGb_imvv0MlEEExhct9hDHBxdgIJD0T_SX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1%3Badfibeg%3D0%3Bcdata%3DA0s56eHOEv0Cbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4TupVUNwTeT5adFO59gQTes-O02qOoNOvZ1N7x7J468XQct1q0Fn1fCMPs08K5RfO6oHSdrB7scys32wC2b9X_W0KxhtH4Cs22mpci_-4F7F9xBXciLOzs6jBuHfSmDQP0uuFqwhPKLxp9ZaqdCtyQR10%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.detik.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 27742
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=82445
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Mon, 29 Nov 2021 17:23:29 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6b602b79bd7d434b-FRA
cf-bgj: minify

GET
H2

200

panasonic_FR_prestige-beauty-eh-xt20_amazon-dsp-ad-static_300x600.jpg
data.mediaintelligence.de/wmimport//328_Panasonic_Prestige_Amazon_Rank_Booster/FR/ASIN2/ Frame C997
Redirect Chain

https://mediaintelligence.de/trck/eview/e8caad8c035fb9169508bad34c2a3e36
https://data.mediaintelligence.de/wmimport//328_Panasonic_Prestige_Amazon_Rank_Booster/FR/ASIN2/panasonic_FR_prestige-beauty-eh-xt20_amazon-dsp-ad-static_300x600.jpg

101 KB
101 KB

54ms
18ms

Image
image/jpeg

46.105.198.150
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/wmimport//328_Panasonic_Prestige_Amazon_Rank_Booster/FR/ASIN2/panasonic_FR_prestige-beauty-eh-xt20_amazon-dsp-ad-static_300x600.jpg
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170257&b=QxZt4fjfPPYqFxH8tRHGtpwKh6S4T5jgfj5J&f=2b9F6fqfjjpJTVH6tbHwCAqmuxS7T7p1tpzJ&c=300&d=600&e=_LFeJMGwRepdDpQKeOTP1hErewf638Ja&g=1971d9a56e5d72754a42486d6988f13e%2F15718877946795906523&i=28781&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1638234351571&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D51332348%3Bcrtbwp%3D4FE348B5EC8B63CB%3Bcrtbdata%3DQv2py2XD87INgFeTL9j6WW50cJsT4bzeliHWJ4r0T9oqp6wrDLM40ELplGEKlAwnR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajZhc0DyKkOAyPR7tgaq7yWXcGXM552OsLRUCzFW9muloSGb_imvv0MlEEExhct9hDHBxdgIJD0T_SX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1%3Badfibeg%3D0%3Bcdata%3DA0s56eHOEv0Cbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4TupVUNwTeT5adFO59gQTes-O02qOoNOvZ1N7x7J468XQct1q0Fn1fCMPs08K5RfO6oHSdrB7scys32wC2b9X_W0KxhtH4Cs22mpci_-4F7F9xBXciLOzs6jBuHfSmDQP0uuFqwhPKLxp9ZaqdCtyQR10%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.detik.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Server: 46.105.198.150 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: daaf65e6b31a387c2c30e44c51c592ee49c98f35b7b2799fa357e89913a3a8ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 17:23:27 GMT
x-cacheable: Matched cache
x-cdn-pop: sbg
content-length: 103264
x-request-id: 395022019
last-modified: Thu, 18 Nov 2021 16:25:46 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "61967e8a-19360"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 22 Dec 2021 17:23:27 GMT

Redirect headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-encoding: gzip
x-cacheable: Cacheable
x-cdn-pop-ip: 137.74.120.0/27
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=UTF-8
location: https://data.mediaintelligence.de/wmimport//328_Panasonic_Prestige_Amazon_Rank_Booster/FR/ASIN2/panasonic_FR_prestige-beauty-eh-xt20_amazon-dsp-ad-static_300x600.jpg
access-control-allow-credentials: true
x-cdn-pop: sbg
access-control-allow-headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
access-control-allow-origin: *
x-request-id: 541266293

GET
H2 301 e8caad8c035fb9169508bad34c2a3e36
mediaintelligence.de/trck/epv/ Frame C997 0
1 KB 245ms
217ms Image
text/html 46.105.199.182
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaintelligence.de/trck/epv/e8caad8c035fb9169508bad34c2a3e36?t=htlp&subid=oneidQxZt4fjfPPYqFxH8tRHGtpwKh6S4T5jgfj5Joneid__asuid_LFeJMGwRepdDpQKeOTP1hErewf638Jaasuid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170257&b=QxZt4fjfPPYqFxH8tRHGtpwKh6S4T5jgfj5J&f=2b9F6fqfjjpJTVH6tbHwCAqmuxS7T7p1tpzJ&c=300&d=600&e=_LFeJMGwRepdDpQKeOTP1hErewf638Ja&g=1971d9a56e5d72754a42486d6988f13e%2F15718877946795906523&i=28781&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1638234351571&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D51332348%3Bcrtbwp%3D4FE348B5EC8B63CB%3Bcrtbdata%3DQv2py2XD87INgFeTL9j6WW50cJsT4bzeliHWJ4r0T9oqp6wrDLM40ELplGEKlAwnR2Vhx4h2U1kHRm_VWFYjrlsc4PSJZcINRyg5lpcxzApbfiB1WviajZhc0DyKkOAyPR7tgaq7yWXcGXM552OsLRUCzFW9muloSGb_imvv0MlEEExhct9hDHBxdgIJD0T_SX3-dSXBve2JLgOX-HfSVrzgn6DE2sF0NBLDjgdTiHRNxjF45wKGNTQBwsSKhf35bDOdcPrMb7Y0TpBFeD6RGH1KoVu4ujmwV2_c4HphKxZc4diwRsnCw-NvxdODYgUKGR-Wq7xGT0IBmBcHHkBHkEpuheZiAbZEV4oH0iUmW93vHZicytZWwpKL1YeXbPFxn7hLRNoRfgHJO1CyXfDNDkzgb2alv4FYxOP7EGRkIKg1%3Badfibeg%3D0%3Bcdata%3DA0s56eHOEv0Cbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4TupVUNwTeT5adFO59gQTes-O02qOoNOvZ1N7x7J468XQct1q0Fn1fCMPs08K5RfO6oHSdrB7scys32wC2b9X_W0KxhtH4Cs22mpci_-4F7F9xBXciLOzs6jBuHfSmDQP0uuFqwhPKLxp9ZaqdCtyQR10%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.detik.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.199.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:05:51 GMT
content-encoding: gzip
x-cacheable: Cacheable
x-cdn-pop-ip: 137.74.120.0/27
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=UTF-8
location
access-control-allow-credentials: true
x-cdn-pop: sbg
access-control-allow-headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
access-control-allow-origin: *
x-request-id: 541266294

GET
H2 200 pixel.gif
px.moatads.com/ Frame 4D79 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fas.ad4m.at%2Fad%2Frar%3Fa%3D164572%26b%3D54xUXfP28JfG9RzSpHPtPH3tRXptETVT28t1%26f%3Dprgf1fDew7HmP8bSkHDtDHJCRMztgTRTYdHE%26c%3D728%26d%3D90%26e%3DrFlM0UBK8vhfk5C2dg97SOOmDt5lZqBU%26g%3D9c2acb8b66e34aa5c838811efa287aef%252F4920212618127326735%26i%3D27903%26j%3D22%26k%3D0%26l%3D0%26m%3D0%26n%3D%26p%3D%26q%3D%26o%3DadfPros%26r%3D1638234351554%26h%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D38516439%253Bcrtbwp%253DYaV47AAAAACv6CR26g-mX0WcMLso046N8t3qxg%253Bcrtbdata%253DaoEYOKqeTUUVwvmcjBuIzF-rQUVCd0VqUgFLOuYnCxxqSjj9mTQSNTImUfzBQ60UC9FD74xm0TShhPh7p_auYTQRXy3DXE7byO5vwNZPzVN_SUGD0BVsxc9tILjej1_ub1z1HD4Vkb9VCuEPgrjlvjC2o_JF4lvgQXtiIpsCvIlu3JqLLZEJne6qLQvtkQ6L0-0FrOUsdJOn-zH1HqS6nOFBboVeNKvP0%253Badfibeg%253D0%253Bcdata%253DioYIK1D6MJmox-6TPFTWI86uGK6vuZIxwTDVhTY9YIwzV9F2kDjqFkPNadqa8sTWLGxsY8Y2xGOpTefaqNO5NCnf4dx0c636fCqQqkGf7-0YLgVbvIPdybvmZRF-QNuJrp6LXEfYDW4ONWbbc59IJ8Tj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.detik.com%253BC%253D1%253Bcpdir%253D%26y%3D1%26z%3D0&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Q9tnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350572&de=564120227685&cu=1638234350572&m=1121&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A695%3A695%3A1449%3A688&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=179&cd=0&ah=179&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761162&bo=3905656&bd=144457456&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457456&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=402685184&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:51 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 4D79 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Q9tnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350572&de=564120227685&cu=1638234350572&m=1133&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A695%3A695%3A1449%3A688&aa=0&ad=11&cn=0&gk=11&gl=0&ik=11&ic=11&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=179&cd=179&ah=179&am=179&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761162&bo=3905656&bd=144457456&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457456&hv=friendly%20iframe&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=220846321&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:51 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/ Frame 362E 0
145 B 27ms
26ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/postback?ci=873648&di=www.detik.com&ap=&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000&si=207612&dm=15&sid=AO52EWYOEeNdUpif&oz_sc=f456d3b256467b0ffa2b0cdd&oz_df=1638234351703&oz_l=4820&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.40.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 01:05:51 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
DATA 200
OK truncated Show response
/ Frame B420 13 B
13 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame E195 43 B
260 B 10ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs1.adform.net%2FBanners%2F46949527%2F46949527.png%3Fbv%3D1&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PVRfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-bw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350675&de=639321909878&cu=1638234350675&m=1061&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A782%3A782%3A1064%3A683&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=110&cd=0&ah=110&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761126&bo=3905656&bd=144457696&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457696&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1009820720&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:51 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DF78 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs1.adform.net%2FBanners%2F41707641%2F41707641.png%3Fbv%3D2&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-9G8YTaADD%2Bh2gA%3D%3D&sc=1&os=1-4g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350762&de=585731057475&cu=1638234350762&m=1055&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A793%3A793%3A1171%3A780&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=146&cd=0&ah=146&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761123&bo=3905656&bd=144457576&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457576&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1402686155&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:51 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame E195 43 B
260 B 11ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PVRfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-bw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350675&de=639321909878&cu=1638234350675&m=1154&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A782%3A782%3A1064%3A683&aa=0&ad=48&cn=0&gk=48&gl=0&ik=48&ic=48&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=110&cd=110&ah=110&am=110&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761126&bo=3905656&bd=144457696&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457696&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=758047152&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:51 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DF78 43 B
260 B 9ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-9G8YTaADD%2Bh2gA%3D%3D&sc=1&os=1-4g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350762&de=585731057475&cu=1638234350762&m=1106&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A793%3A793%3A1171%3A780&aa=0&ad=27&cn=0&gk=27&gl=0&ik=27&ic=27&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=146&cd=146&ah=146&am=146&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761123&bo=3905656&bd=144457576&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457576&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=82993998&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:51 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:51 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/ Frame 362E 0
145 B 28ms
26ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/postback?ci=873648&di=www.detik.com&ap=&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000&si=207612&dm=15&sid=AO52EWYOEeNdUpif&oz_sc=f456d3b256467b0ffa2b0cdd&oz_df=1638234351894&oz_l=202&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.40.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 01:05:51 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/ Frame 362E 0
145 B 27ms
26ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/postback?ci=873648&di=www.detik.com&ap=&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000&si=207612&dm=15&sid=AO52EWYOEeNdUpif&oz_sc=f456d3b256467b0ffa2b0cdd&oz_df=1638234352044&oz_l=1289&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.40.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 01:05:51 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 94fbd903-1e9e-4cf1-9057-50965b80f40a
https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/ Frame 362E 795 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/94fbd903-1e9e-4cf1-9057-50965b80f40a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3acd759fd1cfc42be525e3869b65a2b72876a13aae28f0094d4c92843324119f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 795

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E195 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSUGuU8uPPst6JmlgfGP8XtijPhnAxnyyqvW1KFnisj_6GuIFdJrh6-dKlSjEFPdpctGSjxSX04TpqpLxaCVzamNoSihnVWZ7BtqUC4Muu27XydF4_&sig=Cg0ArKJSzNb6HqlCTQuiEAE&id=lidar2&mcvt=1000&p=760,1010,1010,1310&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=3782855166&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638234350020&rpt=1061&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF78 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstL_2qFLlvqfR7DqK13YrGeLMFW_1mYEmIjZedCmGpTAY3S3Vo_5QHUPKibmOKdPgfMeyoC77iG9bqw6eOBMCdGXi9tYwHqDL3HxasFyeN8pzGaq0d&sig=Cg0ArKJSzFfX91yjkS7eEAE&id=lidar2&mcvt=1003&p=486,1010,736,1310&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1060388571&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638234350009&rpt=1170&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/ Frame 362E 0
145 B 27ms
27ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/postback?ci=873648&di=www.detik.com&ap=&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000&si=207612&dm=15&sid=AO52EWYOEeNdUpif&oz_sc=f456d3b256467b0ffa2b0cdd&oz_df=1638234352205&oz_l=2753&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.40.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 01:05:51 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/ Frame 362E 0
145 B 27ms
26ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/postback?ci=873648&di=www.detik.com&ap=&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000&si=207612&dm=15&sid=AO52EWYOEeNdUpif&oz_sc=f456d3b256467b0ffa2b0cdd&oz_df=1638234352388&oz_l=982&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.40.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 01:05:51 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4D79 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswfIcurieUdn0vRMkRJwY6uZgIAVUByFf2emmbxIBYgtnZIT45I4i1XnvzTqRR1NClJxMndigByTyyl-_iWp5EYTLlZu6NDnguXn3UnXGQh-hKJtBD&sig=Cg0ArKJSzBXe7hoTXbACEAE&id=lidar2&mcvt=1000&p=62,599,152,1327&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=559046543&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638234349969&rpt=1446&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 626.json Show response
id5-sync.com/g/v2/ Frame E195 211 B
580 B 8ms
7ms XHR
application/json 51.89.21.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/626.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p24.id5-sync.com

Software

Resource Hash

3413b4613b0f53afef99a2baf1c76121d33ed4f2c4827f6f4a5b6c0edc4028e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
Date: Tue, 30 Nov 2021 01:05:43 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame E195 44 B
162 B 19ms
19ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:52 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame E195 63 B
371 B 38ms
38ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 017966915233556a7e21674b427df0dfa78f9ae1072eb9bcec66a7524ee8b70b

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache
x-server: 10.45.31.184
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame E195 108 B
689 B 31ms
30ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8cf88d0c8d09a343e5424048f6bc28f0df41441c5d77d4392a0305f1c636fecc

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:52 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Thu, 30 Dec 2021 01:05:52 GMT

POST
H/1.1 200 626.json Show response
id5-sync.com/g/v2/ Frame 4D79 213 B
582 B 8ms
8ms XHR
application/json 51.89.21.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/626.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p24.id5-sync.com

Software

Resource Hash

f447b4da18bef5471b994d98355128e1ed32d60664b0bb2b8ecb8ef3c81d6a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
Date: Tue, 30 Nov 2021 01:05:43 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 4D79 44 B
110 B 19ms
19ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:52 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 4D79 63 B
370 B 73ms
73ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a117a48dc995c6f588a01ce51891bc306e2570fd076391c6867b4cb94db5822c

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache
x-server: 10.45.11.41
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 4D79 108 B
689 B 31ms
31ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8cf88d0c8d09a343e5424048f6bc28f0df41441c5d77d4392a0305f1c636fecc

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:52 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Thu, 30 Dec 2021 01:05:52 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame B526 35 B
503 B 21ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8401923219642848550@@48303088,7982399008279184110,100|1101|0|0|0|0|0|0|0||43|1|1538|01d59c63-1e5f-4030-8377-afb7027d86a4_1|||1|0|0|9D5oNND981FX7EYoWZQhUXAlLaL7Alrzg_ccvIRXucGErrniojT2yMkllzAqADQrA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame B526 35 B
303 B 22ms
21ms Image
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=48303088&event=178&time=2&baid=46949527&name=Viewable%20impressions&imprid=7982399008279184110&icid=8401923219642848550&eData=bwPRuNza_4R4VIOmE82G1tNj7Pr3ERe64fn4X_ACi5iuBxduoAX9eqAW4tNw_sCB0CjgmFjEo-oau94oJsHc8Q2&rtbdata=bN-gJ_rN8wUW2NIAD54RP2DKL7gHfSTTsbSF2mpWC4mx0yQ2RWErNwIrfO7kDf_sC9FD74xm0TShhPh7p_auYTQRXy3DXE7bRyf4q6rR3_fYVlQFer6N88f9Z3k3VnRO19NLepO_5wDV1E6wAM-Rrt4qgE4iyCSwD9QtMdHyvmPlXDBDOg3nl2zcWpcQ8R5z3bc8C-4PfYpB4SKZKGrNxw2&rtbwp=YaV47AAAAABx7-tKfMyMqHSLHEYuMcauiDWc0w&rnd=36610291

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H2 200 pixel.gif
px.moatads.com/ Frame 4D79 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Q9tnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350572&de=564120227685&cu=1638234350572&m=2141&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A695%3A695%3A1449%3A688&aa=1&ad=1018&cn=11&gn=1&gk=1018&gl=11&ik=1018&ic=1018&ez=1&co=1018&cp=1007&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1007&cd=179&ah=1007&am=179&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761162&bo=3905656&bd=144457456&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457456&hv=friendly%20iframe&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=94272257&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 4D79 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Q9tnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350572&de=564120227685&cu=1638234350572&m=2142&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A695%3A695%3A1449%3A688&aa=1&ad=1018&cn=1018&gn=1&gk=1018&gl=1018&ik=1018&ic=1018&ez=1&co=1018&cp=1007&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1007&cd=1007&ah=1007&am=1007&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761162&bo=3905656&bd=144457456&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457456&hv=friendly%20iframe&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=16290191&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 4D79 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Q9tnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350572&de=564120227685&cu=1638234350572&m=2142&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A695%3A695%3A1449%3A688&aa=1&ad=1018&cn=1018&gn=1&gk=1018&gl=1018&ik=1018&ic=1018&ez=1&co=1018&cp=1007&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1007&cd=1007&ah=1007&am=1007&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761162&bo=3905656&bd=144457456&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457456&hv=friendly%20iframe&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=305706541&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:52 GMT

POST
H/1.1 200 626.json Show response
id5-sync.com/g/v2/ Frame DF78 213 B
582 B 10ms
10ms XHR
application/json 51.89.21.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/626.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p24.id5-sync.com

Software

Resource Hash

b04586a35d86afdeddb58239f07c446ae5662c0fc7dad414b1cec800b52036b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
Date: Tue, 30 Nov 2021 01:05:44 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame DF78 44 B
110 B 25ms
25ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:52 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame DF78 63 B
370 B 40ms
39ms XHR
application/json 52.215.102.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 60d16de89c91e3ce76d1b1fbacf9935f382fefc7cc4cac6d29541fed4277076b

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache
x-server: 10.45.26.21
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame DF78 108 B
689 B 31ms
30ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156981/927/59/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8cf88d0c8d09a343e5424048f6bc28f0df41441c5d77d4392a0305f1c636fecc

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 01:05:52 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Thu, 30 Dec 2021 01:05:52 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 8515 35 B
503 B 21ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8401923219642848550@@41599563,8588138549165190689,100|1195|0|0|0|0|0|0|0||47|1|1538|f01d6624-57ce-44ef-aeb6-1d4427db9e15_1|||1|0|0|UFPA4ZbQLlG48M5tcwHHbXAlLaL7Alrz9kQRo54tMeq1277lOt2IlckllzAqADQrA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame 8515 35 B
303 B 22ms
21ms Image
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=41599563&event=178&time=2&baid=41707641&name=Viewable%20impressions&imprid=8588138549165190689&icid=8401923219642848550&eData=LJm20VbzU575CepKoDOAtdNG6G8ax2lmYaJU2uM20NmuBxduoAX9eig1Hglh-MNmTy848kZNCNEau94oJsHc8Q2&rtbdata=WH0HVrhA8QAQtAzCHtXcsa73XaBqS494_Xn3KGn88h-_gVt4ihSWVoru8NEKxVSfC9FD74xm0TShhPh7p_auYTQRXy3DXE7bRyf4q6rR3_fYVlQFer6N84mvcVJTbZmQ19NLepO_5wDV1E6wAM-Rrt4qgE4iyCSwD9QtMdHyvmPlXDBDOg3nl2zcWpcQ8R5z86uCOY1mK81B4SKZKGrNxw2&rtbwp=YaV47AAAAAAhkVxBYl-cEcBnpneqSiAURYRnZA&rnd=303980488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H2 200 pixel.gif
px.moatads.com/ Frame E195 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PVRfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-bw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350675&de=639321909878&cu=1638234350675&m=2168&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A782%3A782%3A1064%3A683&aa=1&ad=1063&cn=48&gn=1&gk=1063&gl=48&ik=1063&ic=1063&ez=1&co=1063&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1020&cd=110&ah=1020&am=110&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761126&bo=3905656&bd=144457696&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457696&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=2069649379&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame E195 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PVRfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-bw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350675&de=639321909878&cu=1638234350675&m=2169&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A782%3A782%3A1064%3A683&aa=1&ad=1063&cn=1063&gn=1&gk=1063&gl=1063&ik=1063&ic=1063&ez=1&co=1063&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1020&cd=1020&ah=1020&am=1020&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761126&bo=3905656&bd=144457696&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457696&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=424949285&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame E195 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PVRfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-bw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350675&de=639321909878&cu=1638234350675&m=2170&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A782%3A782%3A1064%3A683&aa=1&ad=1063&cn=1063&gn=1&gk=1063&gl=1063&ik=1063&ic=1063&ez=1&co=1063&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1020&cd=1020&ah=1020&am=1020&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761126&bo=3905656&bd=144457696&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457696&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1013320975&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DF78 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-9G8YTaADD%2Bh2gA%3D%3D&sc=1&os=1-4g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350762&de=585731057475&cu=1638234350762&m=2109&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A793%3A793%3A1171%3A780&aa=1&ad=1031&cn=27&gn=1&gk=1031&gl=27&ik=1031&ic=1031&ez=1&co=1031&cp=1003&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=146&ah=1003&am=146&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761123&bo=3905656&bd=144457576&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457576&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1581501119&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DF78 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-9G8YTaADD%2Bh2gA%3D%3D&sc=1&os=1-4g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350762&de=585731057475&cu=1638234350762&m=2110&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A793%3A793%3A1171%3A780&aa=1&ad=1031&cn=1031&gn=1&gk=1031&gl=1031&ik=1031&ic=1031&ez=1&co=1031&cp=1003&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=1003&ah=1003&am=1003&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761123&bo=3905656&bd=144457576&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457576&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=868697528&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DF78 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-9G8YTaADD%2Bh2gA%3D%3D&sc=1&os=1-4g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350762&de=585731057475&cu=1638234350762&m=2111&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A793%3A793%3A1171%3A780&aa=1&ad=1031&cn=1031&gn=1&gk=1031&gl=1031&ik=1031&ic=1031&ez=1&co=1031&cp=1003&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=1003&ah=1003&am=1003&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761123&bo=3905656&bd=144457576&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457576&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=966854137&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:52 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:52 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame D8E4 35 B
503 B 21ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8401923219642848550@@38516439,1581234266534483861,100|1200|0|0|0|0|0|0|0||41|1|1538|56c4b0ef-4a96-4691-a9a3-a866c7db2b71_1|||1|0|0|MDgv3RhQTdC48M5tcwHHbXAlLaL7Alrz9kQRo54tMeq7Ym4A2bx_NMkllzAqADQrA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E619 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuidafnoH7y-wHd7rynZduFAy11tZQdT3qg6OJFYiImRjTqdi3KuyU7xTO7R854OWGFY0OIwPU3XwRBMRghWYI0Cw&sig=Cg0ArKJSzLWRiZJRtMtXEAE&cid=CAASF-Ro8dVvmSrFCxRGVkVBFCtiNqHNwStx&id=lidar2&mcvt=1000&p=1230,1300,1830,1600&mtos=716,900,1000,1083,1083&tos=716,184,100,83,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2698433970&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638234350036&rpt=1408&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame E619 35 B
503 B 22ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@51332348,1078998754115999607,100|1199|0|0|0|0|0|0|0||108|1|31|d6957765dc4c51fd4b27f06ffa294bfa4c8c8a6d_1|||1|0|0|KwMa7q5mZSfi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 362E 35 B
503 B 21ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@43799646,3649293663617425455,0|0|0|0|0|0|0|0|0||0|1|31|b3c8e6d424ddbdc21cc83f7e8cc85614a6e46aa4_1|||1|0|0|9fcJ20Fq7rbi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame E619 35 B
503 B 21ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@51332348,1078998754115999607,100|2199|0|0|0|0|0|0|0||201|1|31|d6957765dc4c51fd4b27f06ffa294bfa4c8c8a6d_1|||1|0|0|KwMa7q5mZSfi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 3648 35 B
503 B 21ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@42256465,3214881001533201596,0|0|0|0|0|0|0|0|0||0|1|31|ec70b1566ab4c583c84c08214c0b42527fc2b295_1|||1|0|0|0tG3ar7bWDzi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame B397 35 B
503 B 21ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@46848273,9120669362349531922,0|0|0|0|0|0|0|0|0||0|1|31|45cde6b05fb703c4097410864a0fc92676bc2d00_1|||1|0|0|mihS3VkGg1vi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame D8E4 35 B
503 B 21ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8401923219642848550@@38516439,1581234266534483861,100|4299|0|0|0|0|0|0|0||147|1|1538|56c4b0ef-4a96-4691-a9a3-a866c7db2b71_1|||1|0|0|MDgv3RhQTdC48M5tcwHHbXAlLaL7Alrz9kQRo54tMeq7Ym4A2bx_NMkllzAqADQrA7z_uuw_WOM1|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame B526 35 B
503 B 22ms
22ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8401923219642848550@@48303088,7982399008279184110,100|4700|0|0|0|0|0|0|0||184|1|1538|01d59c63-1e5f-4030-8377-afb7027d86a4_1|||1|0|0|9D5oNND981FX7EYoWZQhUXAlLaL7Alrzg_ccvIRXucGErrniojT2yMkllzAqADQrA7z_uuw_WOM1|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 8515 35 B
503 B 22ms
21ms Ping
image/gif 37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8401923219642848550@@41599563,8588138549165190689,100|4695|0|0|0|0|0|0|0||183|1|1538|f01d6624-57ce-44ef-aeb6-1d4427db9e15_1|||1|0|0|UFPA4ZbQLlG48M5tcwHHbXAlLaL7Alrz9kQRo54tMeq1277lOt2IlckllzAqADQrA7z_uuw_WOM1|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 pixel.gif
px.moatads.com/ Frame 4D79 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Q9tnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350572&de=564120227685&cu=1638234350572&m=6158&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A695%3A695%3A1449%3A688&aa=1&ad=5034&cn=1018&gn=1&gk=5034&gl=1018&ik=5034&ic=5034&ez=1&co=1018&cp=1007&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5023&cd=1007&ah=5023&am=1007&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761162&bo=3905656&bd=144457456&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457456&hv=friendly%20iframe&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=6911735&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:56 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/ Frame 362E 0
145 B 27ms
26ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.40.1/873648/AO52EWYOEeNdUpif/postback?ci=873648&di=www.detik.com&ap=&pi=1021400&ti=4ca1bf11-6607-4d96-8cbc-a039f5424e0d&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&dt=8736481428691810142000&si=207612&dm=15&sid=AO52EWYOEeNdUpif&oz_sc=f456d3b256467b0ffa2b0cdd&oz_df=1638234356754&oz_l=392&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.40.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Nov 2021 01:05:56 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pixel.gif
px.moatads.com/ Frame E195 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PVRfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-bw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350675&de=639321909878&cu=1638234350675&m=6179&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A782%3A782%3A1064%3A683&aa=1&ad=5073&cn=1063&gn=1&gk=5073&gl=1063&ik=5073&ic=5073&ez=1&co=1063&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5030&cd=1020&ah=5030&am=1020&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761126&bo=3905656&bd=144457696&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457696&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=862737301&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DF78 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-9G8YTaADD%2Bh2gA%3D%3D&sc=1&os=1-4g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350762&de=585731057475&cu=1638234350762&m=6132&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A793%3A793%3A1171%3A780&aa=1&ad=5054&cn=1031&gn=1&gk=5054&gl=1031&ik=5054&ic=5054&ez=1&co=1031&cp=1003&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5026&cd=1003&ah=5026&am=1003&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761123&bo=3905656&bd=144457576&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457576&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=314314285&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 4D79 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Q9tnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350572&de=564120227685&cu=1638234350572&m=6359&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A695%3A695%3A1449%3A688&aa=1&ad=5237&cn=5034&gn=1&gk=5237&gl=5034&ik=5237&ic=5237&ez=1&co=1018&cp=1007&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5223&cd=5023&ah=5223&am=5023&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761162&bo=3905656&bd=144457456&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457456&hv=friendly%20iframe&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=589204400&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:56 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame E195 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PVRfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-bw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350675&de=639321909878&cu=1638234350675&m=6383&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A782%3A782%3A1064%3A683&aa=1&ad=5278&cn=5073&gn=1&gk=5278&gl=5073&ik=5278&ic=5278&ez=1&co=1063&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5230&cd=5030&ah=5230&am=5030&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761126&bo=3905656&bd=144457696&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457696&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=911255844&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:57 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DF78 43 B
260 B 7ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=DETIKCOM_DFP_DISPLAY1&ol=3102011010&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FxYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-9G8YTaADD%2Bh2gA%3D%3D&sc=1&os=1-4g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.detik.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.detik.com&lp=https%3A%2F%2Fwww.detik.com&t=1638234350762&de=585731057475&cu=1638234350762&m=6333&ar=553ffc12ef5-clean&iw=265807c&cb=0&ym=0&ll=2&lm=1&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A793%3A793%3A1171%3A780&aa=1&ad=5255&cn=5054&gn=1&gk=5255&gl=5054&ik=5255&ic=5255&ez=1&co=1031&cp=1003&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5227&cd=5026&ah=5227&am=5026&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=4597213627%3A2352056143%3A4739042325%3A138238761123&bo=3905656&bd=144457576&gw=detikcomdfpdisplay520406812784&zMoatOrigSlicer1=3905656&zMoatOrigSlicer2=144457576&hv=friendly%20iframe&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=543431996&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 01:05:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 30 Nov 2021 01:05:57 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=ow-client

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEF5TZSe4VxElsMs_GlG50dE&google_cver=1&google_push=AYg5qPKH7bj96nkvUGp-1-MJ6nnyveDMiXzXCxpo3fH_L-wwmPl_g7Efpu_fo903PJxsz5CYILHZBIvK36uUWSnAqTcaM8tsUBw

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEF5TZSe4VxElsMs_GlG50dE&google_cver=1&google_push=AYg5qPLU2pJDSbq60jSCUlBk7kB4FNr8HXdvwqxWlOHsdqnpPhfTQFvxkTQkDilsVOyZd_oxEPN3SgsndRaT3LyY_ha_Vj7QYcHDPg

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw

Verdicts & Comments Add Verdict or Comment

293 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.detik.com/	1970-01-19 23:47:06	Name: _pbjs_userid_consent_data Value: 3524755945110770
.eyeota.net/	1970-01-19 23:03:54	Name: SERVERID Value: 21750~DM
.detik.com/	1970-01-19 23:47:06	Name: pbjs-pubCommonId Value: f8fca9f1-8e5f-4b96-9d1f-676fbef91ea3
www.detik.com/	1970-01-20 08:25:30	Name: cto_bidid Value: BvhiPV96M0VQS2VuOE1pdCUyRjZROU56R2JybjlwR3VmeXVvTG5tSjUlMkZHT2FON3oycmQ4VE52RGRNQnRPV3A0VERNNWZHaTVEQW5hcGdFJTJGc2t0T3oxcSUyRjVvV0p3JTNEJTNE
www.detik.com/	1970-01-20 08:25:30	Name: cto_bundle Value: xKdtEV9ERkJ0dDdGa0pOY3Q5aVFRJTJCNjgzQlpWWDhTUVdxSDRGVmJ1MXUxckFNRVlIZk5pNm11UXB0b1V2bk8zRiUyRk1tb1FWcFdsbTBCR01veGVVV3Q2OWc4M3NPaHIlMkZtdTVzZEZaSTBBMk8xZHhVNGplU2t6M0VLUHZnTkxpejklMkJIZ2Nj
.detik.com/	1970-01-20 01:13:30	Name: _gcl_au Value: 1.1.1396899917.1638234348
.detik.com/	1970-01-19 23:03:56	Name: __asc Value: c95de87917d6e605bcaa5c735c3
.detik.com/	1970-01-20 07:50:56	Name: __auc Value: c95de87917d6e605bcaa5c735c3
.scorecardresearch.com/	1970-01-20 16:20:42	Name: UID Value: 1Q7TGHFNGLFASAQFF2YYTQg1638234348
.detik.com/	1970-01-20 16:35:06	Name: _ga_CY42M5S751 Value: GS1.1.1638234348.1.0.1638234348.60
.detik.com/	1970-01-20 16:35:06	Name: _ga Value: GA1.2.633002176.1638234349
.detik.com/	1970-01-19 23:05:20	Name: _gid Value: GA1.2.1684453788.1638234349
.detik.com/	1970-01-19 23:03:54	Name: _dc_gtm_UA-891770-59 Value: 1
.detik.com/	1970-01-20 01:13:30	Name: _fbp Value: fb.1.1638234348592.1793780736
.detik.com/	1970-01-20 07:49:30	Name: _hjSessionUser_909149 Value: eyJpZCI6IjdmODJkNzMwLWFlN2MtNTcyNS1hNjEwLTM4MDhmMTQ1ODU1OSIsImNyZWF0ZWQiOjE2MzgyMzQzNDg2NjUsImV4aXN0aW5nIjpmYWxzZX0=
.detik.com/	1970-01-19 23:03:56	Name: _hjFirstSeen Value: 1
.detik.com/	1970-01-19 23:03:56	Name: _hjSession_909149 Value: eyJpZCI6IjM3MTdlZTliLThlOTEtNGQyMS1hN2FhLTg3NGI3NWNlYmQ5YiIsImNyZWF0ZWQiOjE2MzgyMzQzNDg3NDh9
.detik.com/	1970-01-19 23:03:56	Name: _hjAbsoluteSessionInProgress Value: 0
.detik.com/	1970-01-20 16:35:06	Name: __dtma Value: 146380193.32988601.1638234349.1638234349.1638234349.1
.detik.com/	1970-01-19 23:03:56	Name: __dtmb Value: 146380193.1.10.1638234349
.detik.com/	1969-12-31 23:59:59	Name: __dtmc Value: 146380193
.detik.com/	1970-01-20 07:49:30	Name: dtklucx Value: gen_45e1d06d-135f-2b5a-7c5c-7e456a2e9109
newrevive.detik.com/	1969-12-31 23:59:59	Name: OAGEO Value: SE%7C%7C%7C%7C59.3247%7C18.056%7C%7C%7C%7C%7C
.casalemedia.com/	1970-01-20 07:49:30	Name: CMID Value: YaV47XXA78OkSVU5GhToNQAA
.casalemedia.com/	1970-01-20 01:13:30	Name: CMPS Value: 3276
.casalemedia.com/	1970-01-20 01:13:30	Name: CMPRO Value: 1166
.casalemedia.com/	1970-01-19 23:05:20	Name: CMST Value: YaV47WGleO0A
.casalemedia.com/	1970-01-20 07:49:30	Name: CMRUM3 Value: c461a578ed05a0&f161a578ed05a0&6f61a578ed05a0&2d61a578ed2760CAESEHBdt4_IIGmOPZlpiYJrhT0&2761a578ed0b40&4061a578ed2760no-consent&e661a578ed2760&dd61a578ed2760
.crwdcntrl.net/	1970-01-20 05:32:42	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:32:42	Name: _cc_id Value: d8d4ecc3c9611ee624806dcc81092505
.crwdcntrl.net/	1970-01-20 05:32:42	Name: _cc_cc Value: "ACZ4XmNQSLFIMUlNTjZOtjQzNExNNTMysTAwS0lOtjA0sDQyNTBlAILEpRVvQTQUAABhKQse"
.crwdcntrl.net/	1970-01-20 05:32:42	Name: _cc_aud Value: "ABR4XmNgYGBIXFrxFkhBAQAdkAJs"
.detik.com/	1970-01-20 07:49:30	Name: FCNEC Value: [["AKsRol-Zovp2XOebPbtredFXAUX_Q3qL1vF9f6r0k7iYJjsUlSIQ1EhE2Y_pk2ox-2DmNQDlMfwCwa1PFAPXAKEXlAOuXyEccxcuw1GrfkGo9aW0YAL2JJzpHcjKPnCkAdUG033rSitOie2N6bGKlWEUVMoadqkjdA=="],null,[]]
.detik.com/	1970-01-20 08:25:30	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1638234349587],null,null,null,[]]
.doubleclick.net/	1970-01-20 08:25:30	Name: IDE Value: AHWqTUlqP1B2O0Ce-_jRDrt6HMLVDQiSfZ164yrnPVl9rjMmLl-AbPWEu0TfxoDTCY8
.detik.com/	1970-01-20 08:25:30	Name: __gads Value: ID=a3e08a0721e6e8c7:T=1638234349:S=ALNI_MZpLoAnTK3caX3zFmaKa3E-7sfypg
www.detik.com/	1970-01-19 23:03:57	Name: _lr_retry_request Value: true
www.detik.com/	1970-01-19 23:47:06	Name: _lr_env_src_ats Value: false
newrevive.detik.com/	1970-01-20 07:49:30	Name: OAID Value: 4de1b110f2a6e19e5342ebcdf79cdc55
.adsrvr.org/	1970-01-20 07:49:30	Name: TDID Value: 5178aca1-e08d-4146-ae08-6ef6fd63bead
www.detik.com/	1970-01-20 00:30:18	Name: pubmatic-unifiedid Value: %7B%22TDID%22%3A%225178aca1-e08d-4146-ae08-6ef6fd63bead%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-11-30T01%3A05%3A50%22%7D
www.detik.com/	1970-01-19 23:47:06	Name: id5_storage Value: %7B%22created_at%22%3A%222021-11-30T01%3A05%3A41.684786Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.detik.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1638320750079
.adform.net/	1970-01-19 23:47:06	Name: C Value: 1
.adform.net/	1970-01-20 00:30:18	Name: uid Value: 8401923219642848550
.adform.net/	1970-01-19 23:13:59	Name: TPC Value: 1638234350956
.rubiconproject.com/	1970-01-20 07:49:30	Name: khaos Value: KWLEFNHH-R-KZGY
.adfarm1.adition.com/	1970-01-20 01:13:30	Name: UserID1 Value: 7036162960734288014
.bidswitch.net/	1970-01-20 07:49:30	Name: tuuid Value: b79e7758-cc42-411b-bcea-d457a17a4350
.bidswitch.net/	1970-01-20 07:49:30	Name: c Value: 1638234351
.bidswitch.net/	1970-01-20 07:49:30	Name: tuuid_lu Value: 1638234351
.blismedia.com/	1970-01-20 07:49:34	Name: b Value: 61A578EF453531F2BB2B2C2DBLIS
.mathtag.com/	1970-01-20 08:29:49	Name: uuid Value: ac0261a5-78ef-4f00-a00d-3a96db86d930
.turn.com/	1970-01-20 03:23:06	Name: uid Value: 2789783933352506996
.lijit.com/	1970-01-20 07:49:30	Name: ljt_reader Value: 8991e3cf0d52cc11c1ba7650
.de17a.com/	1970-01-20 07:42:18	Name: guid2 Value: 1.5809839501234342508
.360yield.com/	1970-01-20 01:13:30	Name: tuuid_lu Value: 1638234351
.360yield.com/	1970-01-20 01:13:30	Name: tuuid Value: c80a8acd-c922-4282-a1e6-19b9d7b715cd
.bidswitch.net/	1970-01-19 23:03:54	Name: google_push Value: AYg5qPKFX-LXw7cT-Ey1WuHx3nV4RD5vDQaXB_bVxItnHbhV4b1fSsODE0zbq8wMx7hxFR3cPtyzgEvLVFfKw4UwyHlhZIOQEi_d
.rfihub.com/	1970-01-20 08:25:30	Name: rud Value: H4sIAAAAAAAAAOMSMrM0NbMwMgACY0MjA0MgIcRnqJtckR2am5GUHWwZ4iXFa2hmbGFkbGJsamhiYAgAlvEW5zMAAAA
.rfihub.com/	1970-01-20 08:25:30	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA129YrSNY53zHVMTE0zC0iJckoPcvH1MQniNTQztjAyNjE2NTQxMHzFiMoHAHS5AGk9AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSMrM0NbMwMgACY0MjA0MgIcRnqJtckR2am5GUHWwZ4gUAaUOgpyQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA129YrSNY53zHVMTE0zC0iJckoPcvH1MQEAvWDrVR4AAAA
.analytics.yahoo.com/	1970-01-20 07:50:56	Name: IDSYNC Value: 18yx~21td
.yahoo.com/	1970-01-20 07:49:51	Name: A3 Value: d=AQABBO94pWECELE5-NpUuln95-8acpHHcVgFEgEBAQHKpmGvYQAAAAAA_eMAAA&S=AQAAAhUjRYobtPyEFVaeGPp0GEw
.everesttech.net/	1970-01-20 07:49:30	Name: everest_g_v2 Value: g_surferid~YaV47wAIUAb3fgBR
.quantserve.com/	1970-01-20 01:13:30	Name: d Value: EFABCQHsJIEA
.quantserve.com/	1970-01-20 08:34:08	Name: mc Value: 61a578ef-71d79-1037f-fc683
.mathtag.com/	1970-01-19 23:47:06	Name: mt_mop Value: 9:1638234351
.adsrvr.org/	1970-01-20 07:49:30	Name: TDCPM Value: EhYKB3J1Ymljb24SCwigp5Xc8umZOhAFIAEoAg..
.rlcdn.com/	1970-01-20 07:49:30	Name: rlas3 Value: xzjZF/WgOzpRSPAscolVTzF/SVp0x1RgfrZXqAm1i4E=
.rlcdn.com/	1970-01-20 00:30:18	Name: pxrc Value: CAA=
.rubiconproject.com/	1970-01-20 07:49:30	Name: audit Value: 1\|M49vm0He0hMwSLVGW6A1sa+sPUxN65X5li9K0yaZAg1ak9jTNpkojq2xRdm5wXKI8Pa9SR8wlN32P6YB1bf/YDg6CFNUugm1rkBdyp4hJ40D7znAfc7zDGBvX/ZuTL2xGpPqc0uZCul0NQ91ihtFtvIs7joTOKgHqusxtkTkyIwq2j8UqcK3tSVhu+sKeVKsiAPAm7Zo0kfOao5DTvj+ws6go6/1Gn8EhXmDkXMNEu7Dm5xBB77c8zmX7ABkmwk4K0N42l/z2BlnbLUCa/lQcmncuGwUQODolOyCXXZigKOkijDvRvoOtG0buZVvebdsD+CS/UH/v9WDKg2qbJ9boNUtcG3V6s7ZJtS0b3dQrj+9vHUPH7JUiiTyjTT5kZ2y/HsIuyzmi+ZPyJiRVdWHuZ8hRyA94VJsyNDg7NOzsfpmGXcUvJp7Bhz9Xwv31mN7jLm6mljgtzM9YJOu6wAzhm+i5nSG+684OBic89iELPs3Ng/HPLIfdkzOgNQaHcGClOyCXXZigKOMFS4ihYoVUWH9i61iv258
.m6r.eu/	1970-01-19 23:03:57	Name: test Value: true
.m6r.eu/	1970-01-20 01:13:30	Name: cct Value: 1638234351641
.m6r.eu/	1970-01-20 01:13:30	Name: id Value: 0b08a8b289b19eac7469962bfa240cae
.tribalfusion.com/	1970-01-20 01:13:30	Name: ANON_ID Value: awnseFyOZbSEoJTyBqKeLUQOEb4GZdVuMvqy0UY6Tqvrg1AZdo5gtNqtNaNd0NA60gqtfZbZaBhUuwZcQHb5rc0FaP
.mediaintelligence.de/	1969-12-31 23:59:59	Name: session_trs Value: 61a578efe1145c67ba4a2f1e
.mediaintelligence.de/	1970-01-20 07:49:30	Name: trs Value: 61a578efe1145c67ba4a2f1e
.mediaintelligence.de/	1970-01-20 07:49:30	Name: trscj Value: MTYzODIzNDM1MXxMM1J5WTJzdlpYQjJMMlU0WTJGaFpEaGpNRE0xWm1JNU1UWTVOVEE0WW1Ga016UmpNbUV6WlRNMlAzUTlhSFJzY0NaemRXSnBaRDF2Ym1WcFpGRjRXblEwWm1wbVVGQlpjVVo0U0RoMFVraEhkSEIzUzJnMlV6UlVOV3BuWm1vMVNtOXVaV2xrWDE5aGMzVnBaRjlNUm1WS1RVZDNVbVZ3WkVSd1VVdGxUMVJRTVdoRmNtVjNaall6T0VwaFlYTjFhV1JmWDJGa1psQnliM01tWjJSd2NsOWpiMjV6Wlc1MFBTWm5aSEJ5UFRBbVoyUndjbDl3WkQwd3xUazlPUlE9PQ%3D%3D

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()
worker	error	URL: blob:https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/e19120e7-3ac2-44e7-9034-b147492c74d6 Message: Mixed Content: The page at 'blob:https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/e19120e7-3ac2-44e7-9034-b147492c74d6' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/e19120e7-3ac2-44e7-9034-b147492c74d6 Message: Mixed Content: The page at 'blob:https://5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com/e19120e7-3ac2-44e7-9034-b147492c74d6' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://z.moatads.com/detikcomdfpdisplay520406812784/moatad.js(Line 131) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://z.moatads.com/detikcomdfpdisplay520406812784/moatad.js(Line 131) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://z.moatads.com/detikcomdfpdisplay520406812784/moatad.js(Line 131) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJBkmBYSp_jPg_dSVnm7rLntd-qCqsiaA5JMsYp646NA97NpqJdn10GpyANWK3OqNcn85RRX4tOXLDDEt7R6rahunrs-ectXA&google_hm=LUV3M1J3V1YtQ2pZcHFlUEpueGo5SkRIYWd5Y3I5N1VsUEhQRlNWc2d3WQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJb0o2Py8lblMAe_3USvLy4E2i6roXXpBCd184n4LddLb2gPdNLGUWHNYBoPmkDDeNuEDu52d1oubLpVT3SeoV5jKZwhPU9 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPJa8iIS-Ri4n-f1oNXzd4hBfBKibhxypLUy-V6ANzxdRUFXRNSU1F2GlwRKP0KWbDwbSp0uZXhPZm8v_WQsAvQ7VjeJr5Simw Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yAqKzckiQoKh5hm517cVzQ&google_push=AYg5qPLF3aWzJgHxAE5T799jsco8Dxhk0Ie5OXiLpySje7Mr9aommD4vxETdl44Bf026VLzPy_2g3YpRQk4HxzBp-Y-J8fanxvL5Nw Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; always
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	'1;mode=block'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5815fd7bf2f02918f559ec5b2b4ff237.safeframe.googlesyndication.com
a.rfihub.com
a.teads.tv
a.tribalfusion.com
a2197.casalemedia.com
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
akcdn.detik.net.id
analytic.detik.com
analytics.google.com
ap.lijit.com
api.rlcdn.com
as.ad4m.at
assets.ad4m.at
awscdn.detik.net.id
awscdnstatic.detik.net.id
awsimages.detik.net.id
bcp.crwdcntrl.net
c1.adform.net
cdn.detik.net.id
cdnv.detik.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpm.adsolut.in
d5p.de17a.com
data.mediaintelligence.de
datawrapper.dwcdn.net
detik.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fundingchoicesmessages.google.com
geo.moatads.com
google2waycm.netmng.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
js-sec.indexww.com
kayumanis.detik.com
match.adsrvr.org
mcs.tobsnssdk.com
mediaintelligence.de
mug.criteo.com
newrevive.detik.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
ps.eyeota.net
pubads.g.doubleclick.net
px.moatads.com
r.turn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.update.rubiconproject.com
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
sf16-scmcdn-sg.ibytedtos.com
ssum-sec.casalemedia.com
static.dwcdn.net
static.hotjar.com
stats.datawrapper.de
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
t.pubmatic.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
tracking.m6r.eu
tv.detik.com
ups.analytics.yahoo.com
vars.hotjar.com
www.detik.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hanover67alive2.shop
x.bidswitch.net
z.moatads.com
cm.g.doubleclick.net
google2waycm.netmng.com
hbopenbid.pubmatic.com
103.132.192.30
103.136.220.204
103.49.221.132
103.49.221.211
103.49.221.244
103.49.221.99
104.109.78.125
142.250.184.194
142.250.186.98
143.204.98.115
143.204.98.32
143.204.98.39
143.204.98.58
143.204.98.76
143.204.98.87
15.197.193.217
151.101.130.49
178.250.2.146
18.169.85.185
18.185.142.87
18.203.96.5
184.31.84.150
185.170.60.228
185.29.134.244
185.64.189.226
193.0.160.128
2.18.232.7
2.18.233.180
2.18.234.21
2.18.235.40
2001:678:cb4:bbbb::11
203.190.242.102
203.190.242.172
203.190.242.211
209.54.176.128
213.155.156.184
2600:9000:2156:1800:3:74e5:6700:93a1
2600:9000:2156:a000:1b:5138:8a40:93a1
2606:4700:20::681a:f8e
2606:4700:20::ac43:471f
2606:4700:20::ac43:4a81
2606:4700:3032::6815:948
2606:4700::6812:d05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:80:800::7000
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::2006
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9b
2a02:2638::1c
2a02:26f0:6c00::210:ba11
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6
3.122.214.165
3.126.56.137
34.120.133.55
34.149.209.250
34.96.105.8
35.227.252.103
35.241.10.124
35.244.174.68
37.157.4.24
37.157.6.235
37.157.6.251
44.241.169.29
46.105.198.150
46.105.199.182
51.178.20.140
51.89.21.10
52.215.102.174
66.155.71.149
69.173.144.138
72.251.244.142
72.251.249.13
77.245.57.72
85.114.159.93
017966915233556a7e21674b427df0dfa78f9ae1072eb9bcec66a7524ee8b70b
02d6b712de745b09952abdbc2ba0e66359c99f84b8fc957b0e4f7704fcd043f2
0900f402d8ea027cfac57efc3a3ed1997d5daf01c883da8034e20f4ead90c73e
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
094dea6cab1cb7f1f94d6f4b109481df30026fb412a138877b43b4d38f4d03ad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d4a88b1ec18cacbdd8c6dd760ed26b6db26c115955f9ca6b478149886323c88
0d606bb86e2225b4d16e2c7d1177855988d671eea6f227020b48740aec4249b1
0d937b19a279f5fb8ddc647234d0a3842c5f757d34cb9e0035d6a9dddbc2d586
0e90e5e4ded9a732145d975a0467cf556aa10a22393806e0a954f104559f3e51
0ed1c190c19334211938f9666af7b418bc88fc8ad2fd9c4f98356c4b3f6f0e27
0fd63008b882039d3a8195fd2522fbfa4ecac10a1cec10af85a4b3d06065f112
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116fa1480da8337063ea9336d26a49f4789e3f0068a08b1b5bf732bb831f820a
124e8bfe6ee0f1535aae0da632380297e70c99c67e155ba340a896ec6e627063
131fa720762285e5c6bc623b21aa8dad4164c4794e0334c554573fa002276b5c
133dd3475486f4f2adca267bd8eab25a1338ae7530bea46d097339908543d058
14608cab950da2c983905f8159a55e098522917dba6bddee8056df05a45defda
14c67972b50be912923b1f7d5761022685dbb9e1e6d557edd034ed8a18ef5c26
150abe42b35753d4a05047b584ba25b8db817ad242954df3f5faa7240f85535b
1663292354e6d9823258b08da9f0c7ae2eb98f1bfe993c43090e9b3f04c4e51c
16b56714773688b07d26fba863ec09a2fac044374c7076bcf7db1581f3473394
19b411aeaa5cd93ded5d838522ce926acc782c66187fe3614ed955c61c9f553f
19de641fa177dcc6ea4d7ae136d47f756c811c45108170aa621f47aeb410d450
1d352e3304ee0bae6353968e841737b90e80a015c685441dd8eaaa09e9afca2f
1ed5d0d1151d56f014d275984998c9cad68b754617cb6e0a32f085ebb59f898c
1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea
1fcd5ac78d6f2a840375f81747c437116dc2be006ed93cc910cf9682d779e198
2007a6ed2da99a309f332c23dc111f9e3899e54578c7497af02463d01f6a88d3
2133c6a1109314df959e6fe78fee4fd9641b30554a0848320390d579affba136
25fdca6f0b40fb82105bc04e4bd337c9cd17c0c5a4ef43a8f3e39a6b8fb427a7
27afcca36a726aa23c5ad55f091f97d3d46daa93e1d073fbe08cdad6ede53617
27b76e15284a1033775c53694f63ddb3d751d7142a30b8768ab0c79cb8ce6ead
29b704b5942d3009f4529f4e49d18b2e463b913ad8d04fc854c228fcd218599a
29cfb73cb3ae0a39df6de123e6961e0df9403f357c99d766cfc6f8f4cb1b63cf
2beb8a4ddc4ca5c694ee2f72dca6175a67f48c303a75839d456710e580c5400b
2c0c6742e602bc238c2515b0b448f45937aa5a431fc4f4f1e911a540eee25991
2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333
2d8d7b85fe9da4102cc40235047d59250b0bc27a88292e858086f0c893b01ca4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fa38f4e9a47d2447d9e6ba9221348b947dc9b45529494a66d760edb64418655
31d4ab09293f2c39c42f28534891108975e94605a636a1068b19e19e4c774f36
32db0cd28ef34b9423012bd55e365f8ef8937a0bb59008e755bb377b6c289f8c
3413b4613b0f53afef99a2baf1c76121d33ed4f2c4827f6f4a5b6c0edc4028e7
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
369db451823b83d2f1c33d49178d5187b1de13092d52d1bf0faa77a07432b97b
36b47b4d162904e6e9117b6de3f3959aef44b3293a9ed4c635fc3dea423f4453
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
39fda6429dfd610991d2d56a4da599117c792355d7eaa27a506bbb17f56f8d02
3acd759fd1cfc42be525e3869b65a2b72876a13aae28f0094d4c92843324119f
3e5083991816b1a8f58b43e5439ce267adada336d15baabfd5213c3e552bcedb
3e8a18812157c4c2d9ec97889775ab89c2c9aefab4905bb7e5f415d041715a81
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4346366ecd27b5b329f232b11b918109e4e570e4a01ffd1546c79f403be600c8
43f68487b1058d9b6e81c9dcb384609cca7e4ff9f681736e84ef42fea0854ed0
454d612a31f9c8c6038f0e7597e4aaeefa22f59b3ee422975d9c1c8dfbc0e655
45fdebc46154ab963f874934c4f746dd29b7d4cc10180a5aaeb252b3e19e1f0e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
481b5a2ca81c65e72c8be1d1f7ccd767350de2d5dfbe975f9aec234c30660982
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491400ae09dccff8c34bb7c4e390759ceb79b437cb5c35af247910c487955b5b
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c4bb4bd7264f0c2c0a960ee0d036cd29c67cf2f2d10b6cefab208fc4cfcf8e4
4d0d054862737624602bbf7fe3f5a66ab6f24d56eecc5aa5b8508c6150a6c40c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e660117322b78cf89440b7d5f15d74f12fac132787797bba05406f39aba417b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
55e374e77dc21f8bdf33aedcf3686e724e15157dc853e3e5f733acf454590f75
57532ca0f542594b21e66a42c0ecac74b2b89b9922839fc2508d2c375ce0f3c9
576101dd1c25cf0e026a42d0a8ff927e3e8ef2f9277ab02d9856ae637998c123
57a4953c09ed67b9652fd1f5603e75f794cd8d640b48b6544961ffd9fbdfa1bf
57a5a8627e8f31bf2cf2d73800b9e425e3ce56a7b0b46047725d1319a1ceade9
57d1f073bdbcaf46d5234c4ddde527db3c353343b6aedab8ab5560af1e9a85da
5900f64e14003363aa5bf0f675df2fc13e9b925b74362bee75a7e9ebcc4ee73e
59566996d35a9fbbe7e0e4e8c0be458474a3bdfefb37d949e4bba94874839e64
5bc821dd0f5ddf6176429e96bbe9d928433e076754076c84b3d5e9f00bcf1a51
5c08574a12b111e057c3a36b8698c23376183478b8033b9ab746c08f2ab65c0c
5c8530b3a15538b349a408d3544b1f4720f06acf3e4cb34e196118a41e804e50
5cea90b4ebb66c0fc97ced5faec03a41e5a192ca819c1d2b4751bc7ef52aeedd
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5e09cdc6d7c119f12794ad8dbe37dbdbff4d048e1f780dada2e4783405dca57a
5e20d51d1e22dd199b65c368a703ddd6becc865591966a1cd745c489815994d3
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5ee052bef67b25d0a57d247785659861753af42ab6dfbdf0c25abfb12e2e6db1
60d16de89c91e3ce76d1b1fbacf9935f382fefc7cc4cac6d29541fed4277076b
6348d0efb7f3e11d132e8b3fa1bcdaa390180ed11e52a6047cc61169512d3c8a
63b3db5c49d642c4b70a7affe78ea5d2a7e9850bf302094149a6a9834f3e649f
64eafcb995dfd84bf17ef82846df5fb78bfc6871e6f808e8ddbaf4823369ded0
67d89b1b6b75350fad2bed330d4381cd77d384d1f06c85aa6a030d9792c72365
684634b9fcf7a99af22ad70b330306df80f3a5cff79f887c960273ccfa9b8014
6a786bd1747df86249acdfa1c4e6256269ac954f9eb662a4fa45618f66ca862d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aad1e9d5e42e84d31448760fe868f369234cbca18e02aa50f0d6ab5dccc1dc9
6d3c928004737df5276d4badf780be0744d436906990620df834d1bf2572a9d3
7140a907c2d5e058b18f9c64b37cbca0c4915a3cc5919f5be199849db17099b8
7164f213865636c46f64426df8d0f836fece8ccd7e2770df6c61e6231cf926a5
71c3d82281ad4b7e3543bf164d704ac7e94669bb6a814ac828d275fbee7565ba
720a0cdd43c5ccbb65096517e5b1e8d7e1b924565a6d5fe0f29c0d74d9628ac1
73efc027fd385f73d2f08e88b98949bce837fad29f6f9fc895ba8a131d2d2e36
750fee75408cb472d21dc2c9f9b30d32ebe8259c59515b9288dd4d3693e4ed3b
753f357b767a131eb7f0d497e9b83b6dc1fb2b3a7e478b15e51e6a3213312432
762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f399355acf4f1f1165064536a2704a287007b3f0c1bcba0f6d43d087928eda3
7f9f02543d9f15d2e904696faea8e003351b1ed0ffc5b76dff1c119b5490de2b
807f8962dc768ad74cbb51b04b78315c14f725da38d6403b6955f8e2ae776ed0
813e4c546afc35ebe374ee6c899fc9ef4ab539f6cb003f73130270e6e969229f
81d33f026d43fdac3db17fad20b0d95e9b8edd7ff34008ad64e7f716493c0534
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a7ba255d337be130b8ca951982f41583ca0ead28ce3a7b04f9f858e72054fa
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8632de9f393da13082356649a11e28f518e6da614a4f1502d00f23407082dfa5
866d3fd1dd1e8b8c2bdc2b20828bae63e9170593e3a7e57f696a721398a44da7
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
876bd7c024157e0a3b1c558fcedbbf77a7e91cd9b8ffbc69f8b1631ea6eadd25
889f982abda1b271ec9a74e4d3d52c1aa5348c267b6a0170917057d0d0a39eeb
89927a687665f853776a97c7507fa9068a32c0a0fdc5e00ab5686f7af46022ed
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0238fccea9da640dc5455fbef88036eeebf12f18162cdc8fd4f66704c8a595
8a2bdfbb90f7f1e1ed1fe490392dcbfee3640431020d195d6a4462765f1947fe
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8bc288c37eec108ebfb35b9d7ed85e60cf03414e4cc556a35272d246be45d592
8c9fe0a40d829e6ff37886c0161369e7c4dcb959deb185368a889e99d05f5e1d
8cf88d0c8d09a343e5424048f6bc28f0df41441c5d77d4392a0305f1c636fecc
8d0d316e176bbbd41a092c059dfbb1b7bedb279906ba942b2c955828cb2f3491
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da4fa2e9729cb8c7d4c666d99e01a7b061ce657d031e524943d0eb035ef0e7e
8ec5cd8a3e097e59c97233173a63d5dd6b685690c5515dbc1188c2355b4c3e23
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5
90c72c7634086a466522958a8fd1bd8803834ed0f30aaf7652d76e06fb143727
937a3477372a826e2221ab76df0804efbd2912f2b7d7c217dcea698a7007391c
9426c4594477421caf1394b0713dffbecf1495d64241b4fb6aa6631dd4f20c42
94b1f967daf97deea052547f63fd1906ca2b416f855620f7ae05dadbcf0294a4
96bb4558c6329a9aecb5a5563294b25663a1aae0958040229e225ee0fc3daac7
96ce8d483c7fc0c72684f082e455f2162e5a2a56148920f08893e3a0d325c624
989d3389d5fe64e445a33e50cd557cb8257a1e8bd18bba07e706d85cfc0e35b4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2c55f3f8624a6fb5ea1bc9ba0991149bcffc9cdbec5db607d242e1adcff6f9
9d9c3ec50dfffd55390e1b0a50a0f04381345b847bca98d739234aa18983cff6
a03d26332b3b68759f4c9d3e807ef41fd49a4402056c85072c964d7307e39920
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a117a48dc995c6f588a01ce51891bc306e2570fd076391c6867b4cb94db5822c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a206d1c287e99671b9076ca423463caa56708fb9593866093a4f79c35d45d853
a218f9ffd6a31b0c7d99692bdbeca5573948f38a305eef7a0adefae0e8cea216
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a26ec8c7ef110f69a5bf807b90ce0248b5207b8fef73b7cddba24c852cf6e820
a390c359e73eefc290f00c384e6018507ec82f49c794bbac35c1bbe2dc741c98
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a5f741f3e9ba2c3b53234524fb27465eddbd8ac521d37c24da0b6b2ad38f15cf
a6803bd60073724fc13dd655fa1d66dabfe33e01676a0d245f05975d223c9230
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9d751eacefd0df573e7453c66f7a1cb216e7c2343fc6b26ff706fa3fd7cbcd0
ac4e614ef4779d0f208be8f709052483d57550c0c8843da6a0481c854e402b3c
aec16c4f40af3413039bb76f140fb4938cf9e539b5dfcad8a9f53dc36cef4da7
b04586a35d86afdeddb58239f07c446ae5662c0fc7dad414b1cec800b52036b8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2796e4ca03de1524c5d3808d2e308fcf9c84bd217330ed2de4bc2caaa57855f
b2a6d789731ebbcd4de6ab860b289a9c0fb5b93705fc78a7a635b5bd1a68e66d
b2f281776e5a6912e915583f3b3fd8adaa9ff1062cbcbc15b5aa299df44ec27d
b338281a00b6748ccfd9391e5e67d90da3aaf3d8ed01d099e390d6d6fc1e1df7
b3fbe9e709ba8ff9076160a7a80e2f089d24b9c3cd7812f3439dfc22ad6af736
b591d9a2aa94d6d5c5dfb25d24a7b078b8465341b5b1deebc19a80f1bff915c4
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b66de7b2fa73b6970c4231eecd03e8f028277b0f1eedd72c702d75d0e8133d11
b6e4f9dbc0b0fba6dea8dc07e2b0eda8f834e697ada973f2b16c66563425e574
b714a01f6ea7bb6a05d6f63931cd5f70755a8c64d804b3c34350d57d2c3355fe
b76ccf78ac35223ff1ac2200118356be97095198d55e68dd054e05c07c0a1723
b7ba4683eed3e3769e4416da3464ce98a65717cd7250af160190af0d3be03229
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff
beff7d0ffd9195f3a7895560fbacc85d4fbe448ace417b027b7b4ed304d0864d
bfe9bfc2c6ec412a27a27b8434496c9ce9de677e7032b8eb3ec5b1bf72ff22aa
c02cae5b2de27b0f12598ab23cf91b1e0e99dda2821e2d17510497e23093cbe7
c05a66ffa40366ad9d86b7a0764c2d8cf873ce246863af2373d891af0a8c40da
c0a839f19f5546e5cb42f139ccd6b5a57be62534f17c3dc43040a50d3f391d17
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d6766c04cabc648589b4dcf70951d577f77471f3dba67418792115994a16ae
c45af2243d049edfc56a0c85d23bcd822bd5b888e1cf14ac3a6f802cc97328f8
c4c6e6957d372ad47f0868cd89467c9b58341d201f8c9e0fadd04154500d03be
c4ec93642c5afe976b4309c54ce8b60794d6d360b29fd0497083fb740b4a9fa7
c5d74ccdb3ce58377a376496ee17a784de7bcb462e0bd34555258f06e5b1af6a
c65ad3507aa9c487819ce5c6c2aac61866f0cd7bf0fc621fd78a3e365ca06bfd
c6ac9d7e0a31d5690be20b5477a797847a6e5dbd685c0c349660989663941859
c7c980e78ff0de9fcb0b990b993772ed16e13c7446a3c487351b7a2aa3ab89d4
c83021352e6ee2000abb5ff57e553f874055a46faa62fc67ec1c334680abb3ab
c84201cafd43a3b8a1b32039822c8d0255964b346b4c8bb1aea5cdd2a9bc07e8
cb5c9f0c9d7bdd13436a7fb0915f69cdb52344ac6b0913b5590c5abf91113d72
cbc6d96a10fe09c21274f5ab748324d4241ff038d8851029fc29ddefa78db993
ccc11037a03006200015d5017493a36fac2baed9ff8209d769412f897ba0bebf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d2ef81050879e007101ec36f847a6064dfaf77b98f048610b6d856ac673726b3
d3f4fbe39ddfd9709c204d38af775572b0fe7fe9486d7c5554609a4d6a36833d
d60541e69f397ba5101d5d3744d08553b1bdd38034a4e4e17541f2d121f36ded
d6141c95cc33476b599c5a9d5bd42ddb264c34238a2033ed661429b5afb85dc4
d83c5d7125b0f6a6517bf52a5a4cffe2e5eea8d60e1c414baabf1a391442d64c
d95a9bfee7df710fcec6580360b2a2f855704d25bc90b54b3c46618b87d86a63
da2a2f371c7490c5a26d8ea5ff6a47570bce1eaba7670fb1f824dbf6fdd9ad9f
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
daaf65e6b31a387c2c30e44c51c592ee49c98f35b7b2799fa357e89913a3a8ee
db3918087fd5e7c7c05fafa1a16fbe8eed2ccd10512bf676681f9d228d677a2a
db9a1416d2a942bd0bf3e6c4541a8c0039def96024eb0632327f688a57ada1d0
dc486043a92be179141ef26533d717d392eea15dd84494f4c8e9d6493d2dbd43
dd0383fb605df75491cc0fb146947adeabb5382f1129715d6cf5f856cf133b15
ddbbbe4f92e38639d65c4fb728318a0e9222d97403573eee4bd3048394be3ccb
de79a7fd03c582d564c9e95cb617eed371c23b3c7d6b96d040aab027509eb803
de8029b3b1632793980941fe9149f352daa84f87b087b78f4aec8d7f6a5b647b
e24ae5a0801ee8de91fb3e7c3e52d88e887dbc0694dfba5dce350ab8bef7e7d4
e286beb3c4b45c67256be02b881f15b3fbc65dee248371e7a8b96c288f9503cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42c48eaa0f6cff2fabe511e0ebaf0f37dd83d9082030256c2dd0ddd71a8fdf2
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61f1ad265195ede649df53cb089704bccfc17ada7c2e0a4528974f05e61df48
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e7c75d12aec808995d82031cb294aeb8031d941b54ad7fb656b99ec754af6d26
ea3752b1e50ae383ababb6da6c0c8a55f1137dd7ddf9e9034b3673e76a14a9d9
ed28eeb995dd9ec626e42f3c221b1edf8ffadfaf0fe2223cfcf4fe9578b31565
ee44b46b51314b828929c081c5d63a6d6a5409b88b171cd046700dc1f4616056
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef46d087ded4c5a2b7d6dc3ead6ce1b10412e6d43045666f50c79991391b2825
f130f6a42c1476916d628e70ae1cdc25c4cec372d86af665bada8c3b56010c39
f2985814b9c8ca8bc26f98afdedcfc1f9a3da8bc9b2407404f10f04d6cbb3ca9
f342631d586aa3f6926546ac232dc52cf1b15013f4b8d567e44ebdb726740a22
f447b4da18bef5471b994d98355128e1ed32d60664b0bb2b8ecb8ef3c81d6a69
f47078fbf216b118d0bd5b55706d5b9dcccbc918a531fe06f28a5e1e6099df1a
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f6e3839884fef67510234ed0856c8bc02d92c32314d2d28e954636e80068bde2
f77a5372db63b21b314c76904f7808aedb0a4c496dda87f66c36facc0af95263
f85446c54b8870c204123178f05fb2b41169b438f88f4e9ccb3d63580fcb83b7
f88bbcd2ea141ee0c209c4154dcbb36a90787f060a8d11c177a44fd97d9e6896
fe11737432b2af2a642083cb673b021cd39b874aa05168e6c47e311d24b74a20
fe546db9dbf0126f75275414c79988c9554d5277fd5e02e1a1f898c931be51b1

www.detik.com Open in urlscan Pro 203.190.242.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

453 Requests

90 %HTTPS

34 %IPv6

58 Domains

105 Subdomains

77 IPs

12 Countries

4402 kBTransfer

10369 kBSize

80 Cookies

125 Outgoing links

Page URL History

Redirected requests

453 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.detik.com Open in urlscan Pro
203.190.242.211 Public Scan

Screenshot
Live screenshot

Full Image

453
Requests

90 %
HTTPS

34 %
IPv6

58
Domains

105
Subdomains

77
IPs

12
Countries

4402 kB
Transfer

10369 kB
Size

80
Cookies

453 HTTP transactions
8 data transactions