bank.terselubung.id Open in urlscan Pro
2606:4700:3037::6815:1f8b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bank.terselubung.id/
Submission: On November 30 via api (November 30th 2023, 8:37:07 pm UTC) from US — Scanned from US

Summary HTTP 145 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 40 domains to perform 145 HTTP transactions. The main IP is 2606:4700:3037::6815:1f8b, located in United States and belongs to CLOUDFLARENET, US. The main domain is bank.terselubung.id.
TLS certificate: Issued by E1 on November 27th 2023. Valid for: 3 months.

This is the only time bank.terselubung.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3037::6815:1f8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:402... 2607:f8b0:4023:1402::5f	15169 (GOOGLE) (GOOGLE)
2 18	2607:f8b0:402... 2607:f8b0:4023:1404::9d	15169 (GOOGLE) (GOOGLE)
10	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:402... 2607:f8b0:4023:140f::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4023:1404::9b	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:402... 2607:f8b0:4023:1413::84	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:402... 2607:f8b0:4023:1404::5e	15169 (GOOGLE) (GOOGLE)
4	142.251.176.156 142.251.176.156	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:402... 2607:f8b0:4023:1404::93	15169 (GOOGLE) (GOOGLE)
4	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.51.53.13 23.51.53.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
2	2606:4700:10:... 2606:4700:10::6816:36ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.73.244.44 23.73.244.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.36.206.138 23.36.206.138	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	147.135.71.24 147.135.71.24	16276 (OVH) (OVH)
12	2606:4700:1::... 2606:4700:1::6813:834c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.3.138.212 52.3.138.212	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 3	147.28.129.37 147.28.129.37	54825 (PACKET) (PACKET)
2 3	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
3 3	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 6	142.251.166.157 142.251.166.157	15169 (GOOGLE) (GOOGLE)
1 1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700::68... 2606:4700::6813:9822	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	63.251.86.51 63.251.86.51	10913 (INTERNAP-BLK) (INTERNAP-BLK)
1 1	2606:4700:303... 2606:4700:3035::ac43:bfac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 2	34.237.148.223 34.237.148.223	14618 (AMAZON-AES) (AMAZON-AES)
1 1	8.2.110.134 8.2.110.134	46636 (NATCOWEB) (NATCOWEB)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13 19	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 4	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a05:5fe:b313:24e7:89dd	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.22.94.120 52.22.94.120	14618 (AMAZON-AES) (AMAZON-AES)
1 2	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.4.98.207 52.4.98.207	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	141.95.33.120 141.95.33.120	() ()
145	35

23 2606:4700:3037::6815:1f8b (United States)

ASN13335 (CLOUDFLARENET, US)

bank.terselubung.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4023:1402::5f (Columbus, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4023:1404::9d (Columbus, United States) 2 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4023:140f::5e (Columbus, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:1404::9b (Columbus, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4023:1413::84 (Columbus, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4023:1404::5e (Columbus, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.176.156 (United States)

ASN15169 (GOOGLE, US)
PTR: yucmhaa-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::93 (Columbus, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.53.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-53-13.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.73.244.44 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.206.138 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-206-138.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.71.24 (United States) 1 redirects

ASN16276 (OVH, FR)
PTR: ns105611.ip-147-135-71.us

tracker.direct.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:1::6813:834c (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.138.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-138-212.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.28.129.37 (Ashburn, United States) 2 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.132 (Brooklyn, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.21 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.82 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.166.157 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: gl-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.84 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9822 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.86.51 (United States) 2 redirects

ASN10913 (INTERNAP-BLK, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:bfac (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.rtbsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.148.223 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-148-223.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.134 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.krushmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 8.43.72.98 (United States) 13 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (Los Angeles, United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.224.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:5fe:b313:24e7:89dd (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.94.120 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-94-120.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.41.104 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.98.207 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-98-207.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.120 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 9066 c.mgid.com — Cisco Umbrella Rank: 7275 cdn.mgid.com — Cisco Umbrella Rank: 11503 servicer.mgid.com — Cisco Umbrella Rank: 9134 s-img.mgid.com — Cisco Umbrella Rank: 9069 cm.mgid.com — Cisco Umbrella Rank: 1303 a.mgid.com — Cisco Umbrella Rank: 13689	160 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	442 KB
23	rubiconproject.com 15 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461 pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4410 pixel.rubiconproject.com — Cisco Umbrella Rank: 339	29 KB
23	terselubung.id bank.terselubung.id	145 KB
15	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	134 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	156 KB
7	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 285 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807	5 KB
6	pubmatic.com 5 redirects ads.pubmatic.com — Cisco Umbrella Rank: 544 image8.pubmatic.com — Cisco Umbrella Rank: 661 image2.pubmatic.com — Cisco Umbrella Rank: 859 image4.pubmatic.com — Cisco Umbrella Rank: 1224	65 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327	1 KB
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 650 ce.lijit.com — Cisco Umbrella Rank: 835	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
3	a-mo.net 2 redirects prebid.a-mo.net — Cisco Umbrella Rank: 751	885 B
3	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 307 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 711 idsync.rlcdn.com — Cisco Umbrella Rank: 408	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	191 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
2	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1010	528 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 563	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	697 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 666	660 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 7622	789 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 564	936 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 981	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	1 KB
2	e-volution.ai 1 redirects tracker.direct.e-volution.ai — Cisco Umbrella Rank: 6176 sync.e-volution.ai — Cisco Umbrella Rank: 1756	377 B
2	connectad.io cdn.connectad.io — Cisco Umbrella Rank: 4388 sync-eu.connectad.io — Cisco Umbrella Rank: 3826	864 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com	34 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	279 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 836	500 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 777	633 B
1	krushmedia.com 1 redirects cs.krushmedia.com — Cisco Umbrella Rank: 2606	548 B
1	rtbsystem.com 1 redirects cm.rtbsystem.com — Cisco Umbrella Rank: 3872	779 B
1	idealmedia.io cm.idealmedia.io — Cisco Umbrella Rank: 8024	158 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1072	413 B
1	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 904
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	256 B
0	sonobi.com Failed sync.go.sonobi.com Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
145	40

	Domain	Requested by
23	bank.terselubung.id	bank.terselubung.id
18	tpc.googlesyndication.com	googleads.g.doubleclick.net
13	pixel.rubiconproject.com	8 redirects bank.terselubung.id
12	cm.mgid.com	jsc.mgid.com bank.terselubung.id
9	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	bank.terselubung.id pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	fonts.gstatic.com	fonts.googleapis.com
6	token.rubiconproject.com	5 redirects eus.rubiconproject.com
6	cm.g.doubleclick.net	4 redirects bank.terselubung.id
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	bank.terselubung.id googleads.g.doubleclick.net
4	s.amazon-adsystem.com	2 redirects bank.terselubung.id
4	s-img.mgid.com	bank.terselubung.id
4	cdn.mgid.com	bank.terselubung.id
4	www.googleadservices.com	bank.terselubung.id
3	aax-eu.amazon-adsystem.com	2 redirects bank.terselubung.id
3	px.ads.linkedin.com	1 redirects bank.terselubung.id
3	image8.pubmatic.com	3 redirects
3	ib.adnxs.com	2 redirects bank.terselubung.id
3	prebid.a-mo.net	2 redirects bank.terselubung.id
3	www.googletagservices.com	googleads.g.doubleclick.net
2	pixel.tapad.com	1 redirects bank.terselubung.id
2	capi.connatix.com	1 redirects bank.terselubung.id
2	match.prod.bidr.io	2 redirects
2	match.adsrvr.org	2 redirects
2	ad.360yield.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	ap.lijit.com	2 redirects
2	creativecdn.com	2 redirects
2	ps.eyeota.net	1 redirects bank.terselubung.id
2	ups.analytics.yahoo.com	1 redirects bank.terselubung.id
2	x.bidswitch.net	2 redirects
2	id.rlcdn.com	1 redirects bank.terselubung.id
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	c.mgid.com	bank.terselubung.id
2	jsc.mgid.com	bank.terselubung.id jsc.mgid.com
1	id5-sync.com	cdn.id5-sync.com
1	a.mgid.com	bank.terselubung.id
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	ce.lijit.com	bank.terselubung.id
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-us-west.rubiconproject.com	1 redirects
1	sync-eu.connectad.io	cdn.connectad.io
1	pippio.com	1 redirects
1	idsync.rlcdn.com	1 redirects
1	cs.krushmedia.com	1 redirects
1	cm.rtbsystem.com	1 redirects
1	cm.idealmedia.io	bank.terselubung.id
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	sync.e-volution.ai	bank.terselubung.id
1	tracker.direct.e-volution.ai	1 redirects
1	t.adx.opera.com	bank.terselubung.id
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.connectad.io	cm.mgid.com
1	ssc-cms.33across.com	cm.mgid.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	www.google.com	1 redirects
1	servicer.mgid.com	jsc.mgid.com
0	sync.go.sonobi.com Failed	bank.terselubung.id
0	cs.admanmedia.com Failed	bank.terselubung.id
145	63

This site contains no links.

Subject Issuer	Validity	Valid
terselubung.id E1	`2023-11-27` - `2024-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2023-03-16` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2023-10-25` - `2024-11-24`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://bank.terselubung.id/
Frame ID: 47F714FC4B570EE2617CDC233F0C0CFF
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 89C9AA8766C934A776A70B88B91050D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&adk=1812271804&adf=3025194257&lmt=1701376623&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fbank.terselubung.id%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701376622928&bpp=3&bdt=589&idt=385&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4861066327630&frm=20&pv=2&ga_vid=1146838255.1701376623&ga_sid=1701376623&ga_hid=499278895&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C44795922%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=2634495507094600&tmod=354707356&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=404
Frame ID: F8F1ECF61E2F309B72FDD1378C3F0388
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&h=600&slotname=6534705562&adk=119056837&adf=436554144&pi=t.ma~as.6534705562&w=260&fwrn=4&fwrnh=100&lmt=1701376623&rafmt=1&format=260x600&url=https%3A%2F%2Fbank.terselubung.id%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701376622931&bpp=2&bdt=591&idt=411&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4861066327630&frm=20&pv=1&ga_vid=1146838255.1701376623&ga_sid=1701376623&ga_hid=499278895&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C44795922%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=2634495507094600&tmod=354707356&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=416
Frame ID: 3C8CF81FE2834244BBBF77C89D12434F
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 49903D630B61FE7E5B3C29E19EF3F687
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: CF19714181DBC8D2897199AE443E6527
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 8C2E9D82CAB645FBCD0C8E631472881E
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EB2C8AC2C7910F099073A88098BEC864
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1A1EF0A179A25F77CB2FC4A05ACEF81A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: EF6F7B8EB52DC7355BC55D0825F33FB9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 79E1712000EF60D8F5F2C26514DF7ECE
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X
Frame ID: 1D3FF60120F0D51C6A81AAE0CAE36815
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Frame ID: 139780C2316BDB5E700A4D37E25055F7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 940A34C65B1A202F47736CE05A1661BF
Requests: 20 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Frame ID: 26FA281FD880542E7B0DA91920ABAB00
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank News | Berita Aktual dan Terpercaya

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

145
Requests

73 %
HTTPS

33 %
IPv6

40
Domains

63
Subdomains

35
IPs

6
Countries

1369 kB
Transfer

3774 kB
Size

71
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://googleads.g.doubleclick.net/pagead/adview?ai=CE5Yub_JoZeSYH5i54_UPtJK94AiOs6vFdL3A2sfmEZWJxZaNDhABIMD9nY8BYMmGgIDco8QQoAHThueUKcgBCakCU24ivAlPsj6oAwHIA8sEqgSLAk_QlbYS_IpHXEdHbZXNSBDVXdk1-LKUQaWdkzDK3J7xS3D3Z2UUGY_nR-p6eg14JA5Xpq1vybgLw5ZSc_aLxSKfW9nhIUeo6l9x3mcajHPwucDTF8pp9gGX4OBJMoXnNJDqOaPuA43FCKO8QjBjhRpfx0izLDI0UH6F5CxTSZLIGMLQoXcMyPAGAdCjK5z9ztXmPfKmDqEAbeM9oSS1wrw8KvN84ujAilbIo38jlfxJU60bLSn84bWvQNhicmMzsR54-m3Ufc8h7dfiftIj9xhllNdZbRJRK5AjYbslMeQrzSCcWQWxn2VLIGsUK_7DDyaiL1KMcOLKBjXhZdb126bJPyV8SBwEtSGUWMAEs_POjccEiAW61avITJIFBAgEGAGSBQQIBRgEoAYugAfTvrf0A6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEO3aAtIIHQiAYRABGB8yAooCOgKAQEi9_cE6WOKUlurJ7IIDmgkbaHR0cHM6Ly90ZW1wb3NlYXJjaC5jb20vZHNygAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLaDBEKCxDQyIWko8-R2oUBEgIBA7gT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItMjEwMjM2NTY0NzY2ODY4OBgA&sigh=f6Cg-QKBEcU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN9T9ILLoNkvFNBu427Z0HHO9_uOIXbdYPZYfQYS-_do0oNlUHfCkg_tWd51sgc6qH38rpV-yfA4e9RyP_YxxbIxZLkZB9SbHnyBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5c0466c1b2fcfeef0000000000000000%22,%222%22:%220x54c6ad29d3e2fea80000000000000000%22,%223%22:%220x96ddab7871c7dd320000000000000000%22,%224%22:%220x2ee8f388526bfb3e0000000000000000%22,%225%22:%220x6cf677bc7c33f4490000000000000000%22},%22debug_key%22:%2210315408994593429422%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211049485139%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221587869036910855553%22}&andc=true

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 88

https://googleads.g.doubleclick.net/pagead/adview?ai=CkYcyb_JoZcWjH6XB998Pkb-dyAvlm9SsdPna4aaJEs2L6qnBARABIMD9nY8BYMmGgIDco8QQoAGeu4P7KcgBCakCU24ivAlPsj6oAwHIA8sEqgSMAk_QrpE9WX75vjbNV9e5UL7rWFR8AtyJvi4UhpyHpTS_xe107dV6cu6xlVDKevc2hwyqI_ZB4-6Q8lFppukQ5W9Un1Ll6gmSqOCv1dwG1LcgPJQgb3UsIaiVmb4mV5OEgXE0zPPGHqR1uu9DP_X3kb1xLxLe10zIzOsAnAF1jr_Eh4wleF5R8bAdDbuAm8KOzmMGyCDti4wY0-Oq9GmprMHqbj6q2FcZW2XV6Lcv-YBzgnmeYujXlUrmsHQ0U90G3tamb3YmQVDeAdAMy0Q6nYUi12MDFHc-OYS4xZdnLaPzGEvHRLSM8JRPOx6XGxXrq9xSmBGzXf5W_J6rbkCOToE7fhV-aRb--8Sa3W_ABJO09YjFBIgFoLK3nk2SBQQIBBgBkgUECAUYBKAGLoAHnvPT2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCppgTSCB0IgGEQARgfMgKKAjoCgEBIvf3BOljjmJbqyeyCA5oJG2h0dHBzOi8vdGVtcG9zZWFyY2guY29tL2RzcoAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLaDBEKCxDA05L2kvC4iaIBEgIBA7gT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItMjEwMjM2NTY0NzY2ODY4OBgA&sigh=wv0yBnPOKpo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNKlSmcoy0bcNt8DmsRwhfS619I3FsljoZBOFoMaCkd6f5AqGE1jCgThYBg75RPLT2nbAjdMBl0yeP6LCny38rY3vb1R48z862gxgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x15366b9e425ec2240000000000000000%22,%222%22:%220x1f64ddb6ac36b4a10000000000000000%22,%223%22:%220xd82cc9f7854bae260000000000000000%22,%224%22:%220xdb254c011b9b81d50000000000000000%22,%225%22:%220xba8909d54e3b62f10000000000000000%22},%22debug_key%22:%224149208137687547733%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211263860126%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212661217192099569377%22}&andc=true

Request Chain 102

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 103

https://id.rlcdn.com/712056.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCPHko6sGEgUI6AcQAEIASgA

Request Chain 106

https://tracker.direct.e-volution.ai/sync?id=5&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D737576%26c%3D%7BPLL_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=737576&c=bdf5b9f5-cee2-c2e8-93bc-c8d3328db57c

Request Chain 107

https://x.bidswitch.net/sync?dsp_id=303&user_id=nau4LFoJNvBc&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=nau4LFoJNvBc&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=0d0fd5bf-84ac-4a9d-8ac0-12299c7eb714&_origin=1&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=0d0fd5bf-84ac-4a9d-8ac0-12299c7eb714&_origin=1&gdpr=0&gdpr_consent=&verify=true

Request Chain 108

https://ps.eyeota.net/match?bid=dn2m51u&uid=nau4LFoJNvBc&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=nau4LFoJNvBc&gdpr=0&gdpr_consent=

Request Chain 109

https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=411XmTp3DvTmbPWQfseJQDXJy1zVJ4SVqtQkonkiadY&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

Request Chain 110

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F6554%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De3aec3db-36cb-4e31-a95d-41be764ccb98%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F6554%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%253De3aec3db-36cb-4e31-a95d-41be764ccb98%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2524UID HTTP 302
https://prebid.a-mo.net/cchain/0/6554?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e3aec3db-36cb-4e31-a95d-41be764ccb98&bidder=appnexus&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=933256858392541781 HTTP 302
https://cm.mgid.com/m?cdsp=779131&c=e3aec3db-36cb-4e31-a95d-41be764ccb98&gdpr=0

Request Chain 112

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTY1RkZBQUEtQzIwNy00RDdBLTg3OTEtRkRDNTA3NzY1Rjc4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3DE65FFAAA-C207-4D7A-8791-FDC507765F78&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=E65FFAAA-C207-4D7A-8791-FDC507765F78

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bmF1NExGb0pOdkJj&muidn=nau4LFoJNvBc HTTP 302
https://cm.mgid.com/google?muidn=nau4LFoJNvBc&google_ula={guid},5&google_gid=CAESEBIiqKgsUsSWrNX_jSqaxME&google_cver=1

Request Chain 115

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID HTTP 307
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID&sovrn_retry=true HTTP 307
https://cm.mgid.com/m?cdsp=709070&c=Hvp1jLZHVFtffsyfQEWRu6KE

Request Chain 116

https://cm.rtbsystem.com/mgid?c=nau4LFoJNvBc&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D HTTP 302
https://cm.mgid.com/m?cdsp=556372&c=aa044d4e-7241-5417-9d6c-e5ba054a44dd

Request Chain 117

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=07efd070-b0da-4078-a4e5-cdbe3d3bb4b4

Request Chain 118

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=6103fd8c-c3f4-4582-8a5e-2a7b7f02d34b

Request Chain 119

https://cs.krushmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D827026%26c%3D%5BUID%5D HTTP 302
https://cm.mgid.com/m?cdsp=827026&c=1499b19b-e682-4338-aa4b-d1ae15a24376

Request Chain 120

https://idsync.rlcdn.com/712107.gif?partner_uid=nau4LFoJNvBc& HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=ea6b98fdf25dbff803ddc1ea2e8bd4656f45dab7aba3e285dc597db8ced319e3791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ea6b98fdf25dbff803ddc1ea2e8bd4656f45dab7aba3e285dc597db8ced319e3791426b5417dce21&rand=01008398 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ea6b98fdf25dbff803ddc1ea2e8bd4656f45dab7aba3e285dc597db8ced319e3791426b5417dce21&rand=01008398&expected_cookie=d116e5ab-bbcb-425d-b7f3-65ad93316cb0

Request Chain 126

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LPLNPQ87-22-DROU HTTP 302
https://cm.mgid.com/m?cdsp=43070&c=LPLNPQ87-22-DROU&gdpr=0

Request Chain 127

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/rubicon?gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=54350fb1-a512-45ba-aa11-1337bb330a5d&gdpr=0&gdpr_consent=&expires=30

Request Chain 128

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPLNPQ87-22-DROU&gdpr=0

Request Chain 129

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTlkNjg2Zjg3NmY4NTBhNjQ5NWZjMWIzMjUzMjNhMzhmYmE1NDNkNA&gdpr=0

Request Chain 130

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBMTlBRODctMjItRFJPVQ==&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEEVyvwHnPQR8hjreObNw7zc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBMTlBRODctMjItRFJPVQ==&google_push=&gdpr=0

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGSuJAbjdLvtQ8PxgWQu7Sc&google_cver=1

Request Chain 132

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1vAbOG1bQlCT_mCj5uhAKg&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1vAbOG1bQlCT_mCj5uhAKg&gdpr=0

Request Chain 133

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HAJCNMfbQJeFHQiBu5Yxlg&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HAJCNMfbQJeFHQiBu5Yxlg&gdpr=0

Request Chain 134

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LPLNPQ87-22-DROU&ex=d-rubiconproject.com&status=ok&gdpr=0

Request Chain 135

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/7pMpwwGYsSasYl9PuK4Wo8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EHf8_jFE2oKhsLzUJA2sqars6tel0jA0kREO5g--~A

Request Chain 136

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABDik7K0eUAABMqhL3P7A&expires=30&gdpr=0

Request Chain 137

https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
https://capi.connatix.com/us/pixel?puid=LPLNPQ87-22-DROU&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
https://capi.connatix.com/us/pixel?puid=LPLNPQ87-22-DROU&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true

Request Chain 138

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPLNPQ87-22-DROU&gdpr=0

Request Chain 139

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f971625-2db3-4d48-acfa-3f012ea0417a&expires=30&gdpr=0

Request Chain 140

https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPLNPQ87-22-DROU&gdpr=0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPLNPQ87-22-DROU&gdpr=0

Request Chain 141

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LPLNPQ87-22-DROU&gdpr=0

Request Chain 142

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LPLNPQ87-22-DROU&gdpr=0

Request Chain 147

https://id5-sync.com/i/231/8.gif?id5id=ID5*Q6GsL1lb1Tvel3YdQGACD5sCJcT2wLunhGeSfO_835hxuV1u2C_1IILrt4MsvLUmcboUrjHb0o2x4yI_2pkPJg&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F796%2F7%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/796/7/2.gif?puid=7f971625-2db3-4d48-acfa-3f012ea0417a&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/108/6/3.gif?puid=a7d12bdb-704a-4710-b7f2-b097f9fc4970&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F434%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=

145 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bank.terselubung.id/ 29 KB
8 KB 1363ms
1111ms Document
text/html 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.24
Resource Hash: fc8ad001d8342ba5d00a7ca1720708209c54f48f1bd46c70bc26da1458fd86a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82e5e2cace8d21e7-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 20:37:02 GMT
link: <https://bank.terselubung.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6D%2B9TOGQWiRebEIILEzo8QTb8oaV014J26zjq8wNlTNdNqO2yTlAkRc9VuCiAot0GNAoFy44i1L39Epo1BkA7PoEJTfJ18sANFySV2OeUKqdDwJEYG6dUClA78CHqShCI%2FHgQyCeAVIuyTfW3ocr9ze"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/8.1.24
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
bank.terselubung.id/wp-includes/css/dist/block-library/ 107 KB
15 KB 214ms
207ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1add3-6568d3c3-228d4a6fd0224091;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYcEELqQ56XcdMP%2BXIKuO6%2F3VksEBY2mLc5KVRK35g2MgPZ5RzfudmxJocZQOA9tc05nxTEHD%2FAtaffGkmnsW0z91MpqkcixP5%2BA5AAtIIiOJ%2Bd58xk2A%2F0mG51u1NvmI8EU1NOiOuBAmhs8zy8kDi1j"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1cf9921e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 styles.css
bank.terselubung.id/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 156ms
149ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b2b-6568d3c2-e4c54fa9d6d7daa0;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QV0p75%2BioHeUmUXeCvuIBO0AssSJHqdCB7mpaA3b6ZGahRKwLMQ9dcsA3tqbTiaOlxK8WuZSh1OIcM0gRIahFVVYQ4j47BSBuP9ZK2gl4B6tEjdCDICgNKDNEyqsQXrEOYxHtPOrblKs3H88aM%2BPNPpL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1cf9a21e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 224ms
86ms Stylesheet
text/css 2607:f8b0:4023:1402::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1402::5f Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c086e2e4eb60b0a54f5120a162bb6aa409e5f42d08be11871cee6134606a323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 20:31:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 20:37:02 GMT

GET
H2 200 style.css
bank.terselubung.id/wp-content/themes/revenue-pro/ 54 KB
11 KB 165ms
159ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/style.css?ver=20180523
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a715c661f106fa77ad59146fa901c9a52bbc515e64f8ca8ca6ec7b26078f75d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d99b-6568d3c3-1b17f60bb8079229;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1b1Z9fkuAxvpnsXVmP6lSy4Q0YTv89oqBpbKKhS4YWilUbCbUONX%2FbdSvrYhos40349iII2P0RPiaSNm659eUsZZpUNgDCYlfS%2FxKHeoZJah9bNhNcGm%2FP8HutoOxwePzRFnI8cJASkbSEcFVVD1rs4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1cf9b21e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 genericons.css
bank.terselubung.id/wp-content/themes/revenue-pro/genericons/ 154 B
430 B 159ms
154ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9a-6568d3c3-569f26bd0daf416a;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEBR0VSWYHNj5%2Fbhj2VYZqq3zjxKpAPa87fMQvAMSfAgLFoPeQdNKYNBLakIGCPHmGBDFH2kh9gRApU3HG5B1yD9L5LCuIlrEDBM%2F4qwRbKO59vLQU%2BY9qNQk12J%2FeRqCuw759E3MBYBUTo6cyTLuY3v"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1cf9c21e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 responsive.css
bank.terselubung.id/wp-content/themes/revenue-pro/ 7 KB
2 KB 158ms
153ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/responsive.css?ver=20171012
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba6c8cac4d8d7e28dcb24eb09c61a0c06d7908198cf17f62de01720e3de5d6c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ccc-6568d3c3-beabf2ef9daffea9;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J35jfruVxhX4d7Vvg5%2FUyZmZhlwUHVf1WQtbZo9dk7%2FrTWJrl94GxPZFNT2m4JzncJJZzkueCSMDh5VgL95nRpgxnG%2Fp4SbRX7XdhUtyrKbSKJuvremK0nSudYKIrnCqJgSQA%2BPlQi%2B0ru4XysnGvCy3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1cf9d21e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 jquery.min.js Show response
bank.terselubung.id/wp-includes/js/jquery/ 86 KB
31 KB 214ms
209ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-6568d3c3-5d6d6c330c68579a;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P453EfU1eVUI4DUIzkPbuHJaB%2Fn%2FPa8jK3Ez5%2Fx37ckHtMogIpHUeL97iTZpUjZedK6nj9akknwdECH4IN%2BYBZ47xt1lAElhksj%2BJY9WT%2FumdkJIwAVN8pa5FJKJoMvULHZ%2F9aoq2E9V6kQLzfe1bv2N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1cf9e21e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 jquery-migrate.min.js Show response
bank.terselubung.id/wp-includes/js/jquery/ 13 KB
5 KB 161ms
156ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-6568d3c3-bb97f3d09eea492a;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ee4%2BHBvZOHiFJZ0TLldn5CcTVPCRbyPKD5hKwbPMwx0%2BB87jCnKnbgmXb9B7Z3oNfb0hUJmt81yWJCacI%2FWUEr5QUswwISsoCK80kT1L%2FgBsN8M%2FhV2V4DWlvdFpG0ROLy9P565nHOvOI7O0zuVHAVhI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1cfa021e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 checkclicks.js Show response
bank.terselubung.id/wp-content/plugins/cfmonitor/js/ 49 B
417 B 156ms
151ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/plugins/cfmonitor/js/checkclicks.js?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df963c9efbf64868ab3312f0ba278b13bf97b69c9b9eae2f9399b922ad07525

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"31-6568d3c2-1511bc09b99ae12;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LQR13wG42bVNiJHlUCl2nGb5WmNzcT936qkA85EYP71SUrz4EFZ8rthM9vRFJQkq8eWGnyT8LBEginVtW4%2Bt9DIandCxsH57IsMkM75BaCbPdUCD3Pqb12esQg7z1kc4Yn7E4O4W3rpi6QaE666dj0O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1cfa221e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 updateclicks.js Show response
bank.terselubung.id/wp-content/plugins/cfmonitor/js/ 52 B
395 B 162ms
158ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/plugins/cfmonitor/js/updateclicks.js?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94034a75027b217a0f3fdfb41f799a60ae88425a7b0e69bf5d9c4c8ce73ff1b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"34-6568d3c2-ef08e7f466442b45;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPCP4bnd%2BobJNEfN%2F2aTX8Pk3SItHlEjJiZxOJavmj9Xx2hNsXtas5msv0qK%2BF76jZaFELn%2FCS%2FQtvjzap4fOTvGVdLZAAbwacEhaY7uWX0FAUetUAuXUBHWpOugTQzbndHHsQyKfs97vHo%2FBQ%2ByAhCp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1cfa321e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 check_min.js Show response
bank.terselubung.id/wp-content/plugins/cfmonitor/js/ 13 KB
5 KB 159ms
155ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/plugins/cfmonitor/js/check_min.js?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaf971a839013e15b3917c3256b6e19f036bc569b72312da9526adcecf5d5e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3514-6568d3c2-b9a1a9f548df9047;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MfHUyoDbiGba0YVZ0lNyf%2FHPBH%2Fr%2FAz%2BQUD75bswWjFoah9tgwXqvXUtDkv8TZx5RKANMpXJVZTYxgb0HJGJ20ada%2BGrbjUR31rq1gP7LIgLdV4J7GsaJXkc4rBtSt2I6Tj8QFcGLG%2BMNUYRYKPnKJD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1cfa421e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 223ms
92ms Script
text/javascript 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2102365647668688

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8b989344fb07b529e5ac4044614e37c2110fcc53ad7ee118a5406c0682a721a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bank.terselubung.id/
Origin: https://bank.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52621
x-xss-protection: 0
server: cafe
etag: 17847824785224470860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:37:02 GMT

GET
H2 200 reeboksneakers.biz.1523443.js Show response
jsc.mgid.com/r/e/ 4 KB
2 KB 721ms
630ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.js

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2f853a569440edd97d7101b365b7ba3d56618a1466530456dcda26c94f7e857

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:03 GMT
x-amz-version-id: ohM.LHhQqoDhYolB2cy63j7gKRCTfMl7
content-encoding: br
cf-cache-status: REVALIDATED
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KG0KK2FNMEX1SRJF
cf-polished: origSize=3773
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: yFps7EEr5Jj250nv0XHfci/IIBjjCGB+Tf6s85Fld6xfDKIJqco5xfjaMXfNMQj11WieZzMgYqNnV7kPXfxVCWwE2MoCgCE1
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:15:08 GMT
server: cloudflare
etag: W/"e9270e0784d11cef70522026cee4882a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82e5e2d4dcf467e1-MIA
expires: Thu, 30 Nov 2023 23:37:03 GMT

GET
H2 200 index.js Show response
bank.terselubung.id/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 194ms
190ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a12-6568d3c2-336193ce2ef66bc9;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYbuwcumlxJp31IP%2Fkpvs0u5%2BkISPMlXI14nWZfgxCft8nYkya31GKiSY6fbj9mn0%2FaPf%2F0QwlnsDqvmqADzySTVssJuL7BYA74Xi8h%2BPBAUnAc9uiTCixk31RyhoXw9QIRoOMpYMpOkBD%2BIPYwNG3ik"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1ffd421e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 index.js Show response
bank.terselubung.id/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 224ms
220ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"328f-6568d3c2-dfaff10081779bcf;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tc3VQAWORJjfTnSutnUNmIpc7f%2BkWUvgylb2YAgVS36jWJrE2B2Z4CKrUowUGzqA44mPhYruS4vyjKtQlH4H7KLNNw3RNVCRm%2Bg8uOoUtaryTDG463RqnxGwramcBmT2GiRzJfulFXR2kY6acJ2t5yrL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1ffd521e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 superfish.js Show response
bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 7 KB
3 KB 191ms
188ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/superfish.js?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1d7c-6568d3c3-84b85c79b30a6544;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iaWP0I8Q9k15UPzypQa9AfVnSGJ%2BH7ABK%2Fbqos4A%2BPeM%2FJhFVhzNVLMf%2FreVDNzja%2FtBln0kg1diqje95pP26hw%2B5kd%2BqQDK39smv7SSX6fN5PMpRcFA5ZlwVdZTf%2BAQO4J1BD2jK0OgBoPmFn%2B%2FGIX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1ffd621e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 jquery.slicknav.min.js Show response
bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 8 KB
3 KB 187ms
184ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/jquery.slicknav.min.js?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"20df-6568d3c3-8310002a07a28588;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qn%2FXXnGEIx4IPn%2Fh9VmRjMDd%2F31scHK8KLUoeWYsEIUNTJHhlq9DMBxjRF%2Fq5V7pKfgGevzahU%2Fbbqxd%2FXDyl6NEPHhEgJmNwu4aLsBS8jD3Ck%2BNz9AXYdZCe8MNEy8W%2BkAVU3DoQLSyZ9R5I8qZ7XYP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1ffd721e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 jquery.sticky.js Show response
bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 10 KB
3 KB 192ms
189ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/jquery.sticky.js?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2765-6568d3c3-caccba7dd02e3105;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekxl8iYG1U9gfoyoUh49%2FjmuVYl3eEZim8oy%2By%2F%2FqcM2mAmt%2Fy9Vto4EKMNYTUFrPrkyKRhrGhqfh5%2BqfUbP8QceNuOBPrvf3wCOL4uLpbLOLN3nCm3DYpRG5dXEMi0biSHxgXJ8J1%2FVMTTWN8rdrEW4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1ffd921e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 modernizr.min.js Show response
bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 15 KB
7 KB 189ms
187ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/modernizr.min.js?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3c36-6568d3c3-20d31cf2711be41;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrHbm0vZRLX21wF%2FQgU9lx28WA8kQg162XLXmv%2FwNydsqdGEhpTx2QmQN9E2ESzPYM8ULqqtWyz7uM086UFbHTyiTuxsyyLSjU%2BbeE44FWsQBy01DOVbmBSmw6fP5xXkpJzvsneIQ2q7DjinHjjx21N%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1ffdb21e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 html5.js Show response
bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 10 KB
3 KB 188ms
186ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/html5.js?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"285a-6568d3c3-b08162f199324278;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjzvJMwEXGOPJCrUFAYGKwHU1J6hT2FJ0OOU8qW6AvtZsUB4ye7LG15oIkPxpvcqMArQ9H%2FHkzEDgybo15PtFIevkLAH69pxiR4KBSm6a1u7L1VEeROnimGf%2Faen5JVUcxiYo3BKvVY7obOfIVuwSM5k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1ffde21e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 jquery.bxslider.min.js Show response
bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 66 KB
16 KB 240ms
239ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/jquery.bxslider.min.js?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"107e0-6568d3c3-d747c51c304c34b9;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMiLP1BKn4cf7JnlWX9H9vkS2faXPVO%2BK%2FwbrrdmEeHYeRumRzN2rw6lDjfqqLYnjzS8t0YK176baPXzDmdTDtA8%2BAieeVa7oa4abiXhJuav83uQyGbVqN3cbLeW5zyCFokH%2BbLv7B1LwJAmS2ceeskF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1ffdf21e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 jquery.custom.js Show response
bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 4 KB
1 KB 193ms
192ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/assets/js/jquery.custom.js?ver=20171010
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54c606593230660358db37e22ffba85f6a17b9c8619677ecaa6e1e12702f21f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1046-6568d3c3-89ce6ea2c53773c5;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKvemkm40n7g3by1i7XQZaLs03N%2FsmPtAqc1W1hYmrn7S1g7AmXg53vypDXi4vqabVHvz8fsQXOujGnPAG7PIcZdy%2BJ33SMM6L3tFS5c%2FsG3%2BoSMXWBJL74DWjuF%2Fm1%2BB27nWI%2Fhfkr6cri0g4ghM4FE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d1ffe121e7-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
BLOB 200
OK da4bf821-7b1a-41fb-8336-f3530398a8d2
https://bank.terselubung.id/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bank.terselubung.id/da4bf821-7b1a-41fb-8336-f3530398a8d2
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 genericons.css
bank.terselubung.id/wp-content/themes/revenue-pro/genericons/genericons/ 28 KB
16 KB 207ms
206ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/genericons/genericons/genericons.css
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.4.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.4.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6e6a-6568d3c3-e26928b531ec92d7;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EW1r7NMEINuH6py0HCvADft33eHSSxel06%2BcGqAm7MQ8KLo%2Fk7eDJzhG4Ryva6lKjcsEoGmp8SBCbmRlLHdoWCpPuCDaO0X49aRgTh1v88I4oDJAfapLnW0wfiLxL5OLoAd6UeaiT9jL2S9KMMejIMg7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d2cdd3d9d1-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 196ms
65ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bank.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:41:58 GMT
x-content-type-options: nosniff
age: 28504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 12:41:58 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://bank.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 212ms
81ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bank.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:30:22 GMT
x-content-type-options: nosniff
age: 22000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 14:30:22 GMT

GET
H3 200 wp-emoji-release.min.js Show response
bank.terselubung.id/wp-includes/js/ 18 KB
5 KB 152ms
151ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.terselubung.id/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Nov 2023 18:26:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-6568d3c4-9526e5046d3cee72;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaJSF9r%2B%2FRQEkysa4oszciBm1xFSGptwG8IJRutf9Vc7zQ69POCm%2F4W3XHGHPUH9HJiQ%2BpC%2BOGCo1THQBXBOWr4I6t3Fj62Rt2%2Fzz%2FP1tbxm9wwFGdt5CiaPDO32YIdcx3C2VEOExhb8wwwFWZZbhAFg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82e5e2d48848d9d1-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 20:37:02 GMT

POST
H3 200 admin-ajax.php Show response
bank.terselubung.id/wp-admin/ 35 B
658 B 751ms
750ms XHR
application/json 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.terselubung.id/wp-admin/admin-ajax.php?action=ajax-checkclicks&nonce=a30af38bb5

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.24

Resource Hash

bee21190895d4bc1b457c1687bd56d603c1b2377651cc18afe2e48631aaf7b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bank.terselubung.id/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.1.24
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json
access-control-allow-origin: https://bank.terselubung.id
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxNfqC%2BQKLo%2BLiKU%2Fqz5acb6sLaDBK55LJXIvhD8J8xRZx5BnijTm5ha2zmedgeMsN5ppylN4AFF8KIF5QSIuOQOfvJAi%2Fy8dB3Pd67FTCjY4%2BlIAWJ4OxlQ8hmkXr6nUQt1heVPjvsYrRVG5VYJyjrt"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 82e5e2d4984dd9d1-MIA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 236ms
106ms Script
text/javascript 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2102365647668688

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9abf5c66ab4755aa0eeec28134e31c89a92ed9d2a824a69cc2b07562cdcae680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137246
x-xss-protection: 0
server: cafe
etag: 2845442418029844221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:37:03 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 89C9 9 KB
4 KB 199ms
65ms Document
text/html 2607:f8b0:4023:1404::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2102365647668688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bank.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 66114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 02:15:09 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 02:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F8F1 348 KB
80 KB 732ms
731ms Document
text/html 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&adk=1812271804&adf=3025194257&lmt=1701376623&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fbank.terselubung.id%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701376622928&bpp=3&bdt=589&idt=385&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4861066327630&frm=20&pv=2&ga_vid=1146838255.1701376623&ga_sid=1701376623&ga_hid=499278895&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C44795922%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=2634495507094600&tmod=354707356&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=404

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9a8ba45663a5604297c4a9afe3d151ec473282467350a4488246c8fbd1541ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bank.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 81795
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:37:04 GMT
expires: Thu, 30 Nov 2023 20:37:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3C8C 124 KB
41 KB 588ms
587ms Document
text/html 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&h=600&slotname=6534705562&adk=119056837&adf=436554144&pi=t.ma~as.6534705562&w=260&fwrn=4&fwrnh=100&lmt=1701376623&rafmt=1&format=260x600&url=https%3A%2F%2Fbank.terselubung.id%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701376622931&bpp=2&bdt=591&idt=411&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4861066327630&frm=20&pv=1&ga_vid=1146838255.1701376623&ga_sid=1701376623&ga_hid=499278895&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C44795922%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=2634495507094600&tmod=354707356&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=416

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

608e2f634446c9bae4d650622fb932892308993ca99a1258a2ad7fbc4a08dc50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bank.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41676
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:37:03 GMT
expires: Thu, 30 Nov 2023 20:37:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reeboksneakers.biz.1523443.es6.js Show response
jsc.mgid.com/r/e/ 315 KB
95 KB 646ms
608ms Script
text/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfc3699dd839ca3a7dc1e8aa7e774359fdc311bda16f675d3ea57aba4383b037

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bank.terselubung.id/
Origin: https://bank.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
x-amz-version-id: 0J2EPewNx8zBUk7PetQtn_j6vBnUjcAA
content-encoding: br
cf-cache-status: REVALIDATED
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: G18JQQXJSD0KGPES
cf-polished: origSize=322222
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bJ+RRwKzwJ3M3TG5lxgyPlGSkHe83jH/p0sXMiKISVkAyeKBbaY4mNjX1Ik/HM2WUHPiZD/d1rBMoA0MXGfW853tWstDJFrg
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:15:08 GMT
server: cloudflare
etag: W/"be6c40568fb47806b940d1699994411c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82e5e2d90d8021eb-MIA
expires: Thu, 30 Nov 2023 23:37:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3C8C 6 KB
802 B 83ms
82ms Stylesheet
text/css 2607:f8b0:4023:1402::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&h=600&slotname=6534705562&adk=119056837&adf=436554144&pi=t.ma~as.6534705562&w=260&fwrn=4&fwrnh=100&lmt=1701376623&rafmt=1&format=260x600&url=https%3A%2F%2Fbank.terselubung.id%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701376622931&bpp=2&bdt=591&idt=411&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4861066327630&frm=20&pv=1&ga_vid=1146838255.1701376623&ga_sid=1701376623&ga_hid=499278895&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078238%2C44795922%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=2634495507094600&tmod=354707356&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1402::5f Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 20:37:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 20:26:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 20:37:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3C8C 2 KB
903 B 213ms
73ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3C8C 24 KB
9 KB 218ms
79ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3C8C 3 KB
1 KB 269ms
131ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3C8C 20 KB
9 KB 202ms
64ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C8C 202 KB
64 KB 93ms
65ms Script
text/javascript 2607:f8b0:4023:1404::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:37:04 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 3C8C 37 KB
16 KB 211ms
64ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 10:56:11 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/4011384612764896702/ Frame 3C8C 19 KB
19 KB 271ms
135ms Image
image/jpeg 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4011384612764896702/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbce5fb4bcacf756f47f86d1669f7e2917919f69ca368a359fa690636855f0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19194
x-xss-protection: 0
last-modified: Sun, 03 Sep 2023 16:27:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 20:37:04 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1606282234179638122/ Frame 3C8C 5 KB
5 KB 209ms
74ms Image
image/png 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1606282234179638122/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 13:53:02 GMT
x-content-type-options: nosniff
age: 24242
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4885
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 07:28:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 13:53:02 GMT

GET
DATA 200
OK truncated
/ Frame 3C8C 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 95ms
94ms Script
text/javascript 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbc3decf9f40ea22c69229c6a4ccf4af1de85be11a2919708ac60e54edc2c435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55836
x-xss-protection: 0
server: cafe
etag: 18218369435833834631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:37:04 GMT

GET
DATA 200
OK truncated
/ Frame 3C8C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e8d962750085c7e5d6482dfa37acf359cbe40d949e11acbefde7dabd550dfa8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C8C 15 KB
15 KB 65ms
64ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:30:22 GMT
x-content-type-options: nosniff
age: 22002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 14:30:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C8C 15 KB
16 KB 78ms
78ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:41:58 GMT
x-content-type-options: nosniff
age: 28506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 12:41:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3C8C 15 KB
15 KB 91ms
91ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:26:33 GMT
x-content-type-options: nosniff
age: 631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 20:26:33 GMT

GET
BLOB 200
OK c023a850-f575-40ab-b7e3-95cecdfb6e01
https://bank.terselubung.id/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bank.terselubung.id/c023a850-f575-40ab-b7e3-95cecdfb6e01
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 81191aad-fa47-478d-8e13-f7fc09d733e5
https://bank.terselubung.id/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bank.terselubung.id/81191aad-fa47-478d-8e13-f7fc09d733e5
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 4990 9 KB
4 KB 66ms
65ms Document
text/html 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bank.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:44:10 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 19:44:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame CF19 9 KB
4 KB 65ms
65ms Document
text/html 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bank.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:44:10 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 19:44:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
c.mgid.com/pv/ 43 B
138 B 92ms
70ms Image
image/gif 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fbank.terselubung.id%2F&cbuster=1701376624295984347242&pvid=18c21f306a7b1e0b2de&implVersion=11&cxurl=https%3A%2F%2Fbank.terselubung.id%2F&site=909306&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82e5e2de1db667e1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 css2
fonts.googleapis.com/ Frame 4990 4 KB
671 B 83ms
82ms Stylesheet
text/css 2607:f8b0:4023:1402::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1402::5f Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 20:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 20:27:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 20:37:04 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4990 205 B
296 B 68ms
65ms Image
image/png 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 19:10:23 GMT
x-content-type-options: nosniff
age: 523601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 23 Nov 2024 19:10:23 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4990 604 B
919 B 66ms
64ms Image
image/png 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 15:53:20 GMT
x-content-type-options: nosniff
age: 17024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 29 Nov 2024 15:53:20 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 4990 16 KB
7 KB 75ms
73ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 23:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 23:55:28 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 4990 22 KB
9 KB 68ms
67ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9189
x-xss-protection: 0
server: cafe
etag: 14682237860056745894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 22:53:30 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3C8C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CE5Yub_JoZeSYH5i54_UPtJK94AiOs6vFdL3A2sfmEZWJxZaNDhABIMD9nY8BYMmGgIDco8QQoAHThueUKcgBCakCU24ivAlPsj6oAwHIA8sEqgSLAk_QlbYS_IpHXEdHbZXNSBDVXdk1-LK...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5c0466c1b2fcfeef0000000000000000%22,%222%22:%220x54c6ad29d3e2fea80000000000000000%22,%223%22:%220x96ddab...

0
0

242ms
115ms

Fetch
text/css

142.251.176.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5c0466c1b2fcfeef0000000000000000%22,%222%22:%220x54c6ad29d3e2fea80000000000000000%22,%223%22:%220x96ddab7871c7dd320000000000000000%22,%224%22:%220x2ee8f388526bfb3e0000000000000000%22,%225%22:%220x6cf677bc7c33f4490000000000000000%22},%22debug_key%22:%2210315408994593429422%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211049485139%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221587869036910855553%22}&andc=true

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

142.251.176.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yucmhaa-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:05 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x5c0466c1b2fcfeef0000000000000000","2":"0x54c6ad29d3e2fea80000000000000000","3":"0x96ddab7871c7dd320000000000000000","4":"0x2ee8f388526bfb3e0000000000000000","5":"0x6cf677bc7c33f4490000000000000000"},"debug_key":"10315408994593429422","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11049485139"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"1587869036910855553"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Nov 2023 20:37:05 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Nov 2023 20:37:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5c0466c1b2fcfeef0000000000000000","2":"0x54c6ad29d3e2fea80000000000000000","3":"0x96ddab7871c7dd320000000000000000","4":"0x2ee8f388526bfb3e0000000000000000","5":"0x6cf677bc7c33f4490000000000000000"},"debug_key":"10315408994593429422","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11049485139"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"1587869036910855553"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame CF19 4 KB
655 B 145ms
144ms Stylesheet
text/css 2607:f8b0:4023:1402::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1402::5f Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 20:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 20:23:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 20:37:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame CF19 2 KB
857 B 66ms
66ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame CF19 24 KB
9 KB 67ms
66ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame CF19 3 KB
1 KB 74ms
73ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame CF19 20 KB
8 KB 75ms
75ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF19 202 KB
64 KB 66ms
66ms Script
text/javascript 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:37:04 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame CF19 37 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 10:56:11 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/1965156860178366984/ Frame CF19 40 KB
40 KB 76ms
75ms Image
image/jpeg 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1965156860178366984/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aac75ee18ee38cfe8609e9a70b6d1ebed0c7ac2a2bdbf22917d78fffe12caf0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 15:18:05 GMT
x-content-type-options: nosniff
age: 19139
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40723
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 00:15:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 15:18:05 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10810523113920832282/ Frame CF19 5 KB
5 KB 111ms
111ms Image
image/png 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10810523113920832282/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:14:34 GMT
x-content-type-options: nosniff
age: 55350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4885
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 13:45:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 05:14:34 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C2E 50 KB
19 KB 69ms
69ms Script
text/javascript 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:34:38 GMT

GET
BLOB 206
Partial Content 955a5799-9127-46fc-94b8-08dafb5dcd03
https://bank.terselubung.id/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bank.terselubung.id/955a5799-9127-46fc-94b8-08dafb5dcd03
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 css
fonts.googleapis.com/ Frame EB2C 14 KB
1 KB 106ms
106ms Stylesheet
text/css 2607:f8b0:4023:1402::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1402::5f Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 20:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 20:28:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 20:37:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EB2C 2 KB
857 B 68ms
66ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame EB2C 24 KB
9 KB 67ms
67ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A1E 143 B
166 B 66ms
64ms Document
text/html 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:54:13 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EB2C 3 KB
1 KB 74ms
68ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame EB2C 20 KB
8 KB 74ms
69ms Script
text/javascript 2607:f8b0:4023:1413::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1413::84 Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:29 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB2C 202 KB
64 KB 70ms
68ms Script
text/javascript 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 20:37:04 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame EB2C 37 KB
15 KB 69ms
65ms Script
text/javascript 2607:f8b0:4023:1404::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:21:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 10:56:11 GMT

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 65ms
45ms Image
image/svg+xml 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7WA8KCPZQAH2PZWF
age: 4815
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kvsl6VAtvv8F+gGXdpAiyvfQuhCDH+KlU7RL7b7YoKk7lVyumbVObA9AuUZ0mYRKwhyRYqcQ4e0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82e5e2df1f4e67e1-MIA
expires: Fri, 01 Dec 2023 20:37:04 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
893 B 64ms
44ms Image
image/svg+xml 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/logos/Adchoices.svg

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YQB9E0XZ4AF5YHE7
age: 1708
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CxpyNkMvUy7EglrL46ndveEgmcKj5NlhgNn3xrtwadQGLxOYO5GJbbUWfWYVC/75XuxenQ1eXpI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82e5e2df1f4d67e1-MIA
expires: Fri, 01 Dec 2023 20:37:04 GMT

GET
DATA 200
OK truncated
/ Frame CF19 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b143a7042cf4ee9d4b7582bc8abd54bfe0487476b560f3cdfc36e9b68012d0af

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 254ms
115ms Preflight
text/html 142.251.176.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.176.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yucmhaa-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 20:37:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CF19 15 KB
16 KB 66ms
65ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:41:58 GMT
x-content-type-options: nosniff
age: 28506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 12:41:58 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CF19 15 KB
15 KB 70ms
70ms Font
font/woff2 2607:f8b0:4023:140f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:140f::5e Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:30:22 GMT
x-content-type-options: nosniff
age: 22002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 14:30:22 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1523443/ 5 KB
2 KB 129ms
94ms Script
application/x-javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1523443/1?mp4=1&ap=1&w=260&h=1014&sz=257x227&szp=1,2,3,4&szl=1;2;3;4&cols=1&sessionId=6568f270-06c37&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fbank.terselubung.id%2F&cbuster=1701376624590141945556&pvid=18c21f306a7b1e0b2de&implVersion=11&cxurl=https%3A%2F%2Fbank.terselubung.id%2F&scum=%3F0&scuw=%3F0&uniqId=07c43&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=1&dpr=1&ref=&tfre=2243

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c622b165394c6c74bafb43bbac05002172f49b8a38b80f49438567de9bde3fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82e5e2e0094e67e1-MIA
alt-svc: h3=":443"; ma=86400

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A1E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

182ms
181ms

Document
text/html

2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:37:05 GMT
expires: Thu, 30 Nov 2023 20:37:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:37:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame EF6F 50 KB
19 KB 65ms
65ms Script
text/javascript 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:34:38 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CF19
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkYcyb_JoZcWjH6XB998Pkb-dyAvlm9SsdPna4aaJEs2L6qnBARABIMD9nY8BYMmGgIDco8QQoAGeu4P7KcgBCakCU24ivAlPsj6oAwHIA8sEqgSMAk_QrpE9WX75vjbNV9e5UL7rWFR8Aty...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x15366b9e425ec2240000000000000000%22,%222%22:%220x1f64ddb6ac36b4a10000000000000000%22,%223%22:%220xd82cc9...

0
0

192ms
190ms

Fetch
text/css

142.251.176.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x15366b9e425ec2240000000000000000%22,%222%22:%220x1f64ddb6ac36b4a10000000000000000%22,%223%22:%220xd82cc9f7854bae260000000000000000%22,%224%22:%220xdb254c011b9b81d50000000000000000%22,%225%22:%220xba8909d54e3b62f10000000000000000%22},%22debug_key%22:%224149208137687547733%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211263860126%22],%224%22:[%2211-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212661217192099569377%22}&andc=true

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

142.251.176.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yucmhaa-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:05 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x15366b9e425ec2240000000000000000","2":"0x1f64ddb6ac36b4a10000000000000000","3":"0xd82cc9f7854bae260000000000000000","4":"0xdb254c011b9b81d50000000000000000","5":"0xba8909d54e3b62f10000000000000000"},"debug_key":"4149208137687547733","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11263860126"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"12661217192099569377"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Nov 2023 20:37:05 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Nov 2023 20:37:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x15366b9e425ec2240000000000000000","2":"0x1f64ddb6ac36b4a10000000000000000","3":"0xd82cc9f7854bae260000000000000000","4":"0xdb254c011b9b81d50000000000000000","5":"0xba8909d54e3b62f10000000000000000"},"debug_key":"4149208137687547733","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11263860126"],"4":["11-30"],"6":["true"]},"priority":"500","source_event_id":"12661217192099569377"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 79E1 50 KB
19 KB 65ms
64ms Script
text/javascript 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 21:34:38 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 314ms
314ms Preflight
text/html 142.251.176.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.176.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yucmhaa-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 20:37:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
992 B 43ms
41ms Image
image/svg+xml 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7WA8KCPZQAH2PZWF
age: 4815
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kvsl6VAtvv8F+gGXdpAiyvfQuhCDH+KlU7RL7b7YoKk7lVyumbVObA9AuUZ0mYRKwhyRYqcQ4e0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82e5e2e15ba167e1-MIA
expires: Fri, 01 Dec 2023 20:37:04 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
582 B 44ms
42ms Image
image/svg+xml 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/logos/Adchoices.svg

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YQB9E0XZ4AF5YHE7
age: 1708
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CxpyNkMvUy7EglrL46ndveEgmcKj5NlhgNn3xrtwadQGLxOYO5GJbbUWfWYVC/75XuxenQ1eXpI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82e5e2e15ba467e1-MIA
expires: Fri, 01 Dec 2023 20:37:04 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8xMzUzMDkvOGZkM...
s-img.mgid.com/g/17924127/492x277/-/ 8 KB
8 KB 153ms
52ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17924127/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8xMzUzMDkvOGZkMjdlMTNjZDNiZmU1MzFiMzlkODczZTM0NDM2OGUuanBlZw.webp?v=1701376624-9AHsb5tMUWJ8tEkSyIGqTVHPlIcyZh867ERm_hlHGGk

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d232e960083273781aa206a79b87801a165be4c1f380b456c9052f8546e18f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bank.terselubung.id/
Origin: https://bank.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 2e817037-d270-4703-8851-18435eab601d
age: 28797
alt-svc: h3=":443"; ma=86400
content-length: 7772
last-modified: Thu, 30 Nov 2023 11:16:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82e5e2e1fa750362-MIA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zNjk0MDMvZWUyM...
s-img.mgid.com/g/17694976/492x277/-/ 18 KB
18 KB 155ms
54ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17694976/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zNjk0MDMvZWUyMGE4MjY1N2MzMzk1MDI4NjE0NzliN2E3ODU4NDcuanBn.webp?v=1701376624-EQYeq1meBnFUFSSLZUMQcjghTn7Gjv6-euRkVvgdviE

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

407571bf914f7fc37d433bb2331723d08982d94ad9568cba2d1b8bde13005a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bank.terselubung.id/
Origin: https://bank.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: ab73f17f-57ce-4b1b-8246-6524dbc301d1
age: 122967
alt-svc: h3=":443"; ma=86400
content-length: 18172
last-modified: Thu, 09 Nov 2023 09:44:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82e5e2e1fa790362-MIA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83ODMzODUvYzM5Y...
s-img.mgid.com/g/17551327/492x277/-/ 17 KB
17 KB 153ms
53ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17551327/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC83ODMzODUvYzM5YmYzZjIzMmEyYTM3YjFkNDdlYmMxMzhkMmU3MjcuanBlZw.webp?v=1701376624-ClbFxGcfRptBBDpudlne5Kpu9x-K9KaPgo3A5BEIqDY

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c00a2b31c1b0c8b16a419a32ef5e1fe1ca51d0871cbc03ede20a12252233a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bank.terselubung.id/
Origin: https://bank.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: be5cb5ad-3370-4bdf-b37a-174dcd1b4595
age: 2553833
alt-svc: h3=":443"; ma=86400
content-length: 17030
last-modified: Fri, 27 Oct 2023 04:10:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82e5e2e1fa7b0362-MIA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy8yMjc0ODAvNGZhO...
s-img.mgid.com/g/16804831/492x277/-/ 7 KB
7 KB 159ms
60ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16804831/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy8yMjc0ODAvNGZhOWY1MzA1YmI4ZTNjNmI2NTFkYmM5MDNkNjFhOTUuanBlZw.webp?v=1701376624-yK3hga4kpu8VmFPZMWkOHMYT1inVkPjVdP4vrbj0HK0

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c8325554d93b902568120731557e70759862d170d7cf5cbd53c18c998692052

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://bank.terselubung.id/
Origin: https://bank.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 084997e0-f50f-47cc-bd25-12be4335ea2b
age: 763376
alt-svc: h3=":443"; ma=86400
content-length: 6970
last-modified: Sun, 13 Aug 2023 03:21:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82e5e2e1fa7d0362-MIA

GET
H2 200 i.js Show response
cm.mgid.com/ 4 KB
2 KB 78ms
75ms Script
application/javascript 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i.js?muid=nau4LFoJNvBc&cbuster=1701376624844289643965

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a65791036da97c4e3df74db3665314241006b5475b7c3d40a10d169b62bd8acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e5e2e16bcb67e1-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 141ms
50ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: P91W47HHEZS8ND2D
age: 1204
etag: W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82e5e2e1fd54da33-MIA
x-amz-id-2: BtjRvaFOHKAloduKDjJ/cJr8bM4ZdH9EthIEq23FPyPC5mbd98gFP/3e/ZJLgAUqochKpmMeKj6Lf7o/t9Thyg==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 211ms
65ms Script
application/javascript 23.51.53.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.53.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-53-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:05 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=29636
accept-ranges: bytes
content-length: 63913
expires: Fri, 01 Dec 2023 04:51:01 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 1D3F 0
0 217ms
68ms Document
text/plain 67.202.105.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=nau4LFoJNvBc&cbuster=1701376624844289643965
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-105.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

Referer: https://bank.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

date: Thu, 30 Nov 2023 20:37:04 GMT
server: 33XP002
x-33x-status: 2000208

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 1397 1 KB
864 B 169ms
49ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=nau4LFoJNvBc&cbuster=1701376624844289643965
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://bank.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2854
alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 82e5e2e2ac9b9aba-MIA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 20:37:05 GMT
last-modified: Thu, 30 Nov 2023 19:49:31 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 940A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=

281 B
555 B

228ms
64ms

Document
text/html

23.36.206.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=nau4LFoJNvBc&cbuster=1701376624844289643965
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.206.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-206-138.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://bank.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 30 Nov 2023 20:37:05 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 30 Nov 2023 20:37:05 GMT
location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
server: AkamaiGHost

GET
H2

200

1000.gif
id.rlcdn.com/
Redirect Chain

https://id.rlcdn.com/712056.gif?
https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCPHko6sGEgUI6AcQAEIASgA

42 B
303 B

73ms
72ms

Image
image/gif

35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCPHko6sGEgUI6AcQAEIASgA
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:05 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 30 Nov 2023 20:37:05 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://id.rlcdn.com/1000.gif?memo=CPi6KxoNCPHko6sGEgUI6AcQAEIASgA
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET e4e1f5fe20753b6b614cda48b7e3c9f7.gif
cs.admanmedia.com/ 0
0

GET
H2 400 sync
t.adx.opera.com/pub/ 0
413 B 401ms
131ms Image
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/pub/sync?pub6103523253312&gdpr=0&consent=&us_privacy=
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://tracker.direct.e-volution.ai/sync?id=5&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D737576%26c%3D%7BPLL_USER_ID%7D
https://cm.mgid.com/m?cdsp=737576&c=bdf5b9f5-cee2-c2e8-93bc-c8d3328db57c

43 B
514 B

103ms
103ms

Image
image/gif

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=737576&c=bdf5b9f5-cee2-c2e8-93bc-c8d3328db57c

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e5e2e35edadaad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=737576&c=bdf5b9f5-cee2-c2e8-93bc-c8d3328db57c
content-length: 88
content-type: text/plain; charset=utf-8

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55859/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=nau4LFoJNvBc&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=nau4LFoJNvBc&gdpr=0&gdpr_consent=&us_privacy=
https://ups.analytics.yahoo.com/ups/55859/sync?uid=0d0fd5bf-84ac-4a9d-8ac0-12299c7eb714&_origin=1&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55859/sync?uid=0d0fd5bf-84ac-4a9d-8ac0-12299c7eb714&_origin=1&gdpr=0&gdpr_consent=&verify=true

0
121 B

61ms
61ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=0d0fd5bf-84ac-4a9d-8ac0-12299c7eb714&_origin=1&gdpr=0&gdpr_consent=&verify=true

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55859/sync?uid=0d0fd5bf-84ac-4a9d-8ac0-12299c7eb714&_origin=1&gdpr=0&gdpr_consent=&verify=true
date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/
Redirect Chain

https://ps.eyeota.net/match?bid=dn2m51u&uid=nau4LFoJNvBc&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=nau4LFoJNvBc&gdpr=0&gdpr_consent=

70 B
440 B

61ms
61ms

Image
image/gif

52.3.138.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=nau4LFoJNvBc&gdpr=0&gdpr_consent=
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: HTTP/1.1
Server: 52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-138-212.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 30 Nov 2023 20:37:05 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?bid=dn2m51u&uid=nau4LFoJNvBc&gdpr=0&gdpr_consent=
Date: Thu, 30 Nov 2023 20:37:05 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=
https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
https://cm.mgid.com/m?cdsp=501037&c=411XmTp3DvTmbPWQfseJQDXJy1zVJ4SVqtQkonkiadY&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

43 B
492 B

71ms
70ms

Image
image/gif

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=501037&c=411XmTp3DvTmbPWQfseJQDXJy1zVJ4SVqtQkonkiadY&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e5e2e61bacdaad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=411XmTp3DvTmbPWQfseJQDXJy1zVJ4SVqtQkonkiadY&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT, Thu, 30 Nov 2023 20:37:05 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F6554%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3De3aec3db-36cb-4e31-a95d-41be764ccb98%26bidder%...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F6554%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%25...
https://prebid.a-mo.net/cchain/0/6554?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=e3aec3db-36cb-4e31-a95d-41be764ccb98&bidder=appnexus&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=...
https://cm.mgid.com/m?cdsp=779131&c=e3aec3db-36cb-4e31-a95d-41be764ccb98&gdpr=0

43 B
492 B

74ms
74ms

Image
image/gif

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=779131&c=e3aec3db-36cb-4e31-a95d-41be764ccb98&gdpr=0

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e5e2e5aaeddaad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=779131&c=e3aec3db-36cb-4e31-a95d-41be764ccb98&gdpr=0
date: Thu, 30 Nov 2023 20:37:05 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H/1.1 204
No Content 34b9aae5baa016b251b9fc488f4a97cd.gif
sync.e-volution.ai/ 0
103 B 451ms
139ms Image
text/plain 109.206.161.21
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=nau4LFoJNvBc&gdpr=0&gdpr_consent=&ccpa_consent=
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.161.21 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 109.206.161.21.serverel.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 30 Nov 2023 20:37:05 GMT
Server: nginx

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTY1RkZBQUEtQzIwNy00RDdBLTg3OTEtRkRDNTA3NzY1Rjc4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3DE65FFAAA-C207-4D7A-8791-FDC507765F78&us_privacy=%24%7BUS_PRIVACY%7D
https://cm.mgid.com/m?cdsp=712807&c=E65FFAAA-C207-4D7A-8791-FDC507765F78

43 B
556 B

69ms
68ms

Image
image/gif

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=712807&c=E65FFAAA-C207-4D7A-8791-FDC507765F78

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e5e2e878acdaad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=712807&c=E65FFAAA-C207-4D7A-8791-FDC507765F78
date: Thu, 30 Nov 2023 11:36:31 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bmF1NExGb0pOdkJj&muidn=nau4LFoJNvBc
https://cm.mgid.com/google?muidn=nau4LFoJNvBc&google_ula={guid},5&google_gid=CAESEBIiqKgsUsSWrNX_jSqaxME&google_cver=1

0
137 B

68ms
68ms

Image
text/plain

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/google?muidn=nau4LFoJNvBc&google_ula={guid},5&google_gid=CAESEBIiqKgsUsSWrNX_jSqaxME&google_cver=1

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain
cf-ray: 82e5e2e4e984daad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.mgid.com/google?muidn=nau4LFoJNvBc&google_ula={guid},5&google_gid=CAESEBIiqKgsUsSWrNX_jSqaxME&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
158 B 185ms
81ms Image
image/gif 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.idealmedia.io/setmuidn/?muidf=nau4LFoJNvBc

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82e5e2e4ab115c79-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID&sovrn_retry=true
https://cm.mgid.com/m?cdsp=709070&c=Hvp1jLZHVFtffsyfQEWRu6KE

43 B
508 B

74ms
74ms

Image
image/gif

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=709070&c=Hvp1jLZHVFtffsyfQEWRu6KE

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e5e2e64c0adaad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

Date: Thu, 30 Nov 2023 20:37:05 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.mgid.com/m?cdsp=709070&c=Hvp1jLZHVFtffsyfQEWRu6KE
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cm.rtbsystem.com/mgid?c=nau4LFoJNvBc&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D
https://cm.mgid.com/m?cdsp=556372&c=aa044d4e-7241-5417-9d6c-e5ba054a44dd

43 B
493 B

84ms
84ms

Image
image/gif

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=556372&c=aa044d4e-7241-5417-9d6c-e5ba054a44dd

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e5e2e60b94daad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

date: Thu, 30 Nov 2023 20:37:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOG1CVcfFHMPvjQ%2F3o0etOn57M%2F3vK%2FP2cSISEL7tqrigyXMClmP%2Bzo%2BphsSgcH831XVr9O645pYOl8effCAmcRDtWMvTIBJjZP92psTQcClmFBBRP71xN08H%2BPqjeOqST2w8hWil%2FHq%2FlI8UKaW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
location: https://cm.mgid.com/m?cdsp=556372&c=aa044d4e-7241-5417-9d6c-e5ba054a44dd
cf-ray: 82e5e2e51da0da43-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=07efd070-b0da-4078-a4e5-cdbe3d3bb4b4

43 B
540 B

72ms
72ms

Image
image/gif

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=287839&c=07efd070-b0da-4078-a4e5-cdbe3d3bb4b4

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e5e2e7ff88daad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=07efd070-b0da-4078-a4e5-cdbe3d3bb4b4
date: Thu, 30 Nov 2023 20:37:05 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=6103fd8c-c3f4-4582-8a5e-2a7b7f02d34b

43 B
524 B

68ms
68ms

Image
image/gif

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=665953&c=6103fd8c-c3f4-4582-8a5e-2a7b7f02d34b

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e5e2e72dc2daad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=6103fd8c-c3f4-4582-8a5e-2a7b7f02d34b
access-control-allow-origin: *
date: Thu, 30 Nov 2023 20:37:05 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cs.krushmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D827026%26c%3D%5BUID%5D
https://cm.mgid.com/m?cdsp=827026&c=1499b19b-e682-4338-aa4b-d1ae15a24376

43 B
524 B

82ms
82ms

Image
image/gif

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=827026&c=1499b19b-e682-4338-aa4b-d1ae15a24376

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e5e2e78e93daad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 30 Nov 2023 20:37:05 GMT
Server: nginx
Location: https://cm.mgid.com/m?cdsp=827026&c=1499b19b-e682-4338-aa4b-d1ae15a24376
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://idsync.rlcdn.com/712107.gif?partner_uid=nau4LFoJNvBc&
https://pippio.com/api/sync?pid=5324&it=1&iv=ea6b98fdf25dbff803ddc1ea2e8bd4656f45dab7aba3e285dc597db8ced319e3791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ea6b98fdf25dbff803ddc1ea2e8bd4656f45dab7aba3e285dc597db8ced319e3791426b5417dce21&rand=01008398
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ea6b98fdf25dbff803ddc1ea2e8bd4656f45dab7aba3e285dc597db8ced319e3791426b5417dce21&rand=01008398&expected_cookie=d116e5ab-bbcb-425d-b7f3-65ad93316cb0

0
142 B

146ms
145ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ea6b98fdf25dbff803ddc1ea2e8bd4656f45dab7aba3e285dc597db8ced319e3791426b5417dce21&rand=01008398&expected_cookie=d116e5ab-bbcb-425d-b7f3-65ad93316cb0
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F05D80A20AD7411C9761EAD4199AF57E Ref B: MIAEDGE1406 Ref C: 2023-11-30T20:37:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLZJ1rw5qC757a+Oz/bg==

Redirect headers

date: Thu, 30 Nov 2023 20:37:05 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 158259D3C5094B4DB0EAD7C1A2835D4C Ref B: MIAEDGE1406 Ref C: 2023-11-30T20:37:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=10339&puuid=ea6b98fdf25dbff803ddc1ea2e8bd4656f45dab7aba3e285dc597db8ced319e3791426b5417dce21&rand=01008398&expected_cookie=d116e5ab-bbcb-425d-b7f3-65ad93316cb0
x-li-source-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLZJ1pVLYtMgXTBpiTkg==

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 26FA 0
0 130ms
92ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82e5e2e35d8f9aba-MIA
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 20:37:05 GMT
server: cloudflare
vary: Accept-Encoding Origin

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 940A 46 KB
13 KB 67ms
66ms Script
text/html 23.36.206.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.206.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-206-138.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3c914b1c04627d9c5cb3188c4b490de789aef2de035891eb79703a3d43372e93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 20:37:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 01:23:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17221
Connection: keep-alive
Content-Length: 13236
Expires: Fri, 01 Dec 2023 01:24:06 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C8C 42 B
174 B 419ms
418ms Fetch
image/gif 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspLPQa8h2TzEXDgbD7V2b8trv-W5e36hVOgMTBaleoQKd8W4ftC_vVUrHRoTZ5RTfTYIPSLcSJZUGwfh-nJVQcF65qCeIcUIP6SxVNFYQgfndOBAzWvwb-Fx81WMDWnXYbRMjVmJUeFQ&sai=AMfl-YQ5wbSllMudEkFWcC2IflRzXpaz-whhZ5dtosDGqSZL-uIjMPVd2aj1ZDFpGKrTP9ln4er-SqQWW3jeMGa7ztFu66c4FDSJMVJXFboFjDwbzGBq-oF6xjnb3P3bGsdDZDYtzEhMRm5EmZQxAQhUDr622-qdyj0SWFo&sig=Cg0ArKJSzFYS3dmFgiH6EAE&cid=CAQSTgDICaaN9T9ILLoNkvFNBu427Z0HHO9_uOIXbdYPZYfQYS-_do0oNlUHfCkg_tWd51sgc6qH38rpV-yfA4e9RyP_YxxbIxZLkZB9SbHnyBgB&id=lidar2&mcvt=1004&p=0,0,600,260&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=119056837&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701376623349&rpt=1012&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 940A 7 B
778 B 246ms
62ms XHR
application/json 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF19 42 B
64 B 420ms
419ms Fetch
image/gif 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn4p7LfhbYtfnTMhR4czLDtfb8OwudS_o9j9AAwGdk-Ffi7c_s_XuUFMemIPdpOHEZHxZuxhmJy0Nm1XF4704zwfN8rOiWWYZ-HSaxcwsyteY7oLHAiH1UzM6QVm4jZ16ka2n9DlX_CQ&sai=AMfl-YRwok62kQ2JzYm05cgGfKi4xo8KChP8hX6azj96kPRbOmmgP73WPevyzyOnJ1ZdlePmTy93M2bbeDdr27px2ygM5nvV8fnWfuqzi8jWx-SrZwOdnz0RwhD6v2JDvbzlO5WlC0qQgC9ILPB8Br1QMXP1s6sm_s20qas&sig=Cg0ArKJSzNSblwV8nBM9EAE&cid=CAQSTgDICaaNKlSmcoy0bcNt8DmsRwhfS619I3FsljoZBOFoMaCkd6f5AqGE1jCgThYBg75RPLT2nbAjdMBl0yeP6LCny38rY3vb1R48z862gxgB&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=123,805,1002,1002,1002&tos=123,682,197,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701376624266&rpt=423&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/ Frame 940A
Redirect Chain

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LPLNPQ87-22-DROU
https://cm.mgid.com/m?cdsp=43070&c=LPLNPQ87-22-DROU&gdpr=0

43 B
571 B

71ms
69ms

Image
image/gif

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=43070&c=LPLNPQ87-22-DROU&gdpr=0

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82e5e2ea4c60daad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.mgid.com/m?cdsp=43070&c=LPLNPQ87-22-DROU&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 940A
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://match.adsrvr.org/track/cmb/rubicon?gdpr=0
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=54350fb1-a512-45ba-aa11-1337bb330a5d&gdpr=0&gdpr_consent=&expires=30

42 B
844 B

75ms
60ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=54350fb1-a512-45ba-aa11-1337bb330a5d&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=54350fb1-a512-45ba-aa11-1337bb330a5d&gdpr=0&gdpr_consent=&expires=30
date: Thu, 30 Nov 2023 20:37:06 GMT
server: Kestrel
content-length: 289

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 940A
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPLNPQ87-22-DROU&gdpr=0

0
480 B

120ms
120ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPLNPQ87-22-DROU&gdpr=0
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:05 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9403D09DC1AE4AE292C328B45CC4D46E Ref B: MIAEDGE1406 Ref C: 2023-11-30T20:37:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLZJ1q8xuvHmxgxLzFzQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPLNPQ87-22-DROU&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 940A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTlkNjg2Zjg3NmY4NTBhNjQ5NWZjMWIzMjUzMjNhMzhmYmE1NDNkNA&gdpr=0

170 B
188 B

81ms
80ms

Image
image/png

142.251.166.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTlkNjg2Zjg3NmY4NTBhNjQ5NWZjMWIzMjUzMjNhMzhmYmE1NDNkNA&gdpr=0

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

142.251.166.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gl-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTlkNjg2Zjg3NmY4NTBhNjQ5NWZjMWIzMjUzMjNhMzhmYmE1NDNkNA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 940A
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBMTlBRODctMjItRFJPVQ==&gdpr=0
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEEVyvwHnPQR8hjreObNw7zc&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBMTlBRODctMjItRFJPVQ==&google_push=&gdpr=0

170 B
188 B

83ms
83ms

Image
image/png

142.251.166.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBMTlBRODctMjItRFJPVQ==&google_push=&gdpr=0

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

142.251.166.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gl-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBMTlBRODctMjItRFJPVQ==&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 940A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGSuJAbjdLvtQ8PxgWQu7Sc&google_cver=1

42 B
844 B

172ms
60ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGSuJAbjdLvtQ8PxgWQu7Sc&google_cver=1
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGSuJAbjdLvtQ8PxgWQu7Sc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 940A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1vAbOG1bQlCT_mCj5uhAKg&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1vAbOG1bQlCT_mCj5uhAKg&gdpr=0

43 B
479 B

67ms
66ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1vAbOG1bQlCT_mCj5uhAKg&gdpr=0

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Nov 2023 20:37:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WRXEBCXPANPZ4EMQP86M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1vAbOG1bQlCT_mCj5uhAKg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 940A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HAJCNMfbQJeFHQiBu5Yxlg&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HAJCNMfbQJeFHQiBu5Yxlg&gdpr=0

43 B
479 B

146ms
146ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HAJCNMfbQJeFHQiBu5Yxlg&gdpr=0

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Nov 2023 20:37:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EJ7EZP14STQ2Q35EFFFM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=HAJCNMfbQJeFHQiBu5Yxlg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 940A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
https://s.amazon-adsystem.com/ecm3?id=LPLNPQ87-22-DROU&ex=d-rubiconproject.com&status=ok&gdpr=0

43 B
720 B

162ms
75ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LPLNPQ87-22-DROU&ex=d-rubiconproject.com&status=ok&gdpr=0

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Nov 2023 20:37:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 14HWCKM85AA0XQH1ZA34
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LPLNPQ87-22-DROU&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 940A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/7pMpwwGYsSasYl9PuK4Wo8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EHf8_jFE2oKhsLzUJA2sqars6tel0jA0kREO5g--~A

42 B
844 B

61ms
61ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EHf8_jFE2oKhsLzUJA2sqars6tel0jA0kREO5g--~A
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 30 Nov 2023 20:37:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EHf8_jFE2oKhsLzUJA2sqars6tel0jA0kREO5g--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 940A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABDik7K0eUAABMqhL3P7A&expires=30&gdpr=0

42 B
844 B

69ms
61ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABDik7K0eUAABMqhL3P7A&expires=30&gdpr=0
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABDik7K0eUAABMqhL3P7A&expires=30&gdpr=0
Date: Thu, 30 Nov 2023 20:37:06 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
capi.connatix.com/us/ Frame 940A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
https://capi.connatix.com/us/pixel?puid=LPLNPQ87-22-DROU&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
https://capi.connatix.com/us/pixel?puid=LPLNPQ87-22-DROU&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true

82 B
82 B

91ms
90ms

Image
image/gif

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LPLNPQ87-22-DROU&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 82e5e2ea796c9ab7-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 30 Nov 2023 20:37:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LPLNPQ87-22-DROU&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 82e5e2e9d86b9ab7-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 940A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPLNPQ87-22-DROU&gdpr=0

43 B
1 KB

69ms
69ms

Image
image/gif

68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPLNPQ87-22-DROU&gdpr=0

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 20:37:06 GMT
an-x-request-uuid: 12e85390-31ff-4c89-994d-d1cd15054405
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.70; 38.132.118.70; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPLNPQ87-22-DROU&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 940A
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f971625-2db3-4d48-acfa-3f012ea0417a&expires=30&gdpr=0

42 B
844 B

61ms
61ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f971625-2db3-4d48-acfa-3f012ea0417a&expires=30&gdpr=0
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f971625-2db3-4d48-acfa-3f012ea0417a&expires=30&gdpr=0
Date: Thu, 30 Nov 2023 20:37:06 GMT
Connection: keep-alive
X-CI-RTID: 2514519c-6cec-4828-9298-5b32d7718008
Content-Length: 155
Content-Type: text/html; charset=utf-8

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 940A
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPLNPQ87-22-DROU&gdpr=0
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPLNPQ87-22-DROU&gdpr=0

95 B
436 B

53ms
52ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPLNPQ87-22-DROU&gdpr=0

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 30 Nov 2023 20:37:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPLNPQ87-22-DROU&gdpr=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 940A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
https://prebid.a-mo.net/setuid/magnite?uid=LPLNPQ87-22-DROU&gdpr=0

0
124 B

60ms
58ms

Image
text/plain

147.28.129.37
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LPLNPQ87-22-DROU&gdpr=0
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: H2
Server: 147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:05 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LPLNPQ87-22-DROU&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 940A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
https://ce.lijit.com/merge?pid=80&3pid=LPLNPQ87-22-DROU&gdpr=0

43 B
664 B

207ms
66ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LPLNPQ87-22-DROU&gdpr=0
Requested by: Host: bank.terselubung.id
URL: https://bank.terselubung.id/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Nov 2023 20:37:06 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LPLNPQ87-22-DROU&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
Expires: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
279 B 480ms
149ms Fetch
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

0e4a12eabe185343c5a8630fb97c0d7cc17f508316d589d7353aa21f7de0718b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://bank.terselubung.id
date: Thu, 30 Nov 2023 20:37:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 c
c.mgid.com/ 43 B
229 B 74ms
72ms Image
image/gif 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/c?v=257|210|8|K3V4_MNwuRZMfnKlk1v0EnnimS9bE3IIn1_jRU5wyDP1QU_R8Yh1f8pn-DPaJXyICnFrtjl1Dz_8VdMjco-Cug**&fw=1&f=1&cid=1523443&cbuster=1701376626068968706016&pageImp=1&pvid=18c21f306a7b1e0b2de&pv=3&h2=uhtLXf3QoU3zh6VX8sSo-SRJbz7sxNRMSMwevDm0hHU*&rid=38eec60e-8fc0-11ee-9b69-c84bd6836d7e&tt=Direct&iv=11&completion=1,4&muidn=nau4LFoJNvBc

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-mg-request-uuid: ba362a3e-67f0-4078-9d5f-159816140fb8
server: cloudflare
content-type: image/gif
cf-ray: 82e5e2e909ebdaad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
200 B 101ms
77ms Image
image/gif 2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=135309&type=c&tg=aa26f537f8ab5657f6c2acec581474c3&gdpr=0&gdpr_consent=&us_privacy=&mgbuster=090d1

Requested by

Host: bank.terselubung.id
URL: https://bank.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bank.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:37:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82e5e2e92be967e1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

POST
H2 200 v3 Show response
id5-sync.com/gm/ 691 B
1 KB 481ms
161ms XHR
application/json 141.95.33.120

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf8f65cabf7294a0ccc2a2a3dc2d879d193588df30f41933fede3166f6d6cee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://bank.terselubung.id/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bank.terselubung.id
date: Thu, 30 Nov 2023 20:37:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET

us
sync.go.sonobi.com/
Redirect Chain

https://id5-sync.com/i/231/8.gif?id5id=ID5*Q6GsL1lb1Tvel3YdQGACD5sCJcT2wLunhGeSfO_835hxuV1u2C_1IILrt4MsvLUmcboUrjHb0o2x4yI_2pkPJg&o=api&gdpr_consent=undefined&gdpr=false
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F796%2F7%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
https://id5-sync.com/c/231/796/7/2.gif?puid=7f971625-2db3-4d48-acfa-3f012ea0417a&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/231/108/6/3.gif?puid=a7d12bdb-704a-4710-b7f2-b097f9fc4970&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F434%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?gdpr=0&gdpr_consent=&ccpa=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F434%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 16:36:18	Name: __cf_bm Value: ijmXC5D8TGZ8iNk0M9rMrrKO4Ro0Vjoqu2oL1wsiUXU-1701376623-0-AWVI2EBCMFjR+R/bWXkyBL2Dnok34d5nGyBHbr+ReTL4L/io1xgVkM67EpLO7X8HP0cxLPRmTzTQeSi5RcCUHnY=
.terselubung.id/	1970-01-21 01:57:52	Name: __gads Value: ID=4f31598620d2416e:T=1701376623:RT=1701376623:S=ALNI_MY4Ke6cFYObRf5cgMwujZYw7tx2rA
.terselubung.id/	1970-01-21 01:57:52	Name: __gpi Value: UID=00000da4dddaf089:T=1701376623:RT=1701376623:S=ALNI_MYno0vDcY-oCdVp4kuGHJ8r4SFu6A
.doubleclick.net/	1970-01-21 02:12:16	Name: IDE Value: AHWqTUlVbH5SPK12-06xUbo5e9ZYigLRDPPDM3D7OFwDdCSHse2hkDG6JqvmIyYS9OQ
.mgid.com/	1970-01-21 01:21:52	Name: muidn Value: nau4LFoJNvBc
bank.terselubung.id/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1523443%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221701376624833%22%7D%7D
.googleadservices.com/	1970-01-20 18:45:52	Name: ar_debug Value: 1
.rlcdn.com/	1970-01-21 01:21:52	Name: rlas3 Value: qQOEThMCQeY+Iy7nXoT8fk+A3c5xU4Qwh90g/SxVUjM=
.bidswitch.net/	1970-01-21 01:21:52	Name: tuuid Value: 0d0fd5bf-84ac-4a9d-8ac0-12299c7eb714
.bidswitch.net/	1970-01-21 01:21:52	Name: c Value: 1701376625
.bidswitch.net/	1970-01-21 01:21:52	Name: tuuid_lu Value: 1701376625
.doubleclick.net/	1970-01-20 16:36:20	Name: DSID Value: NO_DATA
.e-volution.ai/	1970-01-20 17:19:28	Name: lluid Value: bdf5b9f5-cee2-c2e8-93bc-c8d3328db57c
.prebid.a-mo.net/	1970-01-20 16:37:43	Name: _sv3_0 Value: 1
.a-mo.net/	1970-01-21 01:21:52	Name: amuid2 Value: e3aec3db-36cb-4e31-a95d-41be764ccb98
.prebid.a-mo.net/	1970-01-21 01:21:52	Name: sd_amuid2 Value: e3aec3db-36cb-4e31-a95d-41be764ccb98
bank.terselubung.id/	1970-01-20 17:19:28	Name: _pbjs_userid_consent_data Value: 3524755945110770
.eyeota.net/	1970-01-21 01:23:19	Name: mako_uid Value: 18c21f30a4b-11c20000010a569f
.eyeota.net/	1970-01-20 16:36:17	Name: SERVERID Value: 22175~DM
.adx.opera.com/	1970-01-21 01:21:52	Name: UID Value: OPU6c595b92b3954bfdaa142124df729486
.pubmatic.com/	1970-01-20 16:37:43	Name: KTPCACOOKIE Value: YES
.adnxs.com/	1970-01-20 18:45:52	Name: uuid2 Value: 933256858392541781
.yahoo.com/	1970-01-21 01:22:14	Name: A3 Value: d=AQABBHHyaGUCEJpsnQncEaAf7NP_95Ldh_gFEgEBAQFDamVyZdxH0iMA_eMAAA&S=AQAAAlYzEvuoaHwNITPT8Segyh8
.pubmatic.com/	1970-01-20 18:45:52	Name: SyncRTB3 Value: 1702512000%3A220
.pubmatic.com/	1970-01-21 01:21:52	Name: KADUSERCOOKIE Value: E65FFAAA-C207-4D7A-8791-FDC507765F78
.creativecdn.com/	1970-01-21 01:21:52	Name: u Value: ipwvWthAG3elXTh0CDnX
.creativecdn.com/	1970-01-21 01:21:52	Name: g Value: ipwvWthAG3elXTh0CDnX_1701376625377
.creativecdn.com/	1970-01-21 01:21:52	Name: ts Value: 1701376625
.analytics.yahoo.com/	1970-01-21 01:21:52	Name: IDSYNC Value: 173n~2fck
.rlcdn.com/	1970-01-20 18:02:40	Name: pxrc Value: CPHko6sGEgUI6AcQABIFCOhHEAA=
.lijit.com/	1970-01-21 01:21:52	Name: ljt_reader Value: Hvp1jLZHVFtffsyfQEWRu6KE
.rtbsystem.com/	1970-01-21 01:21:52	Name: ut-0 Value: aa044d4e-7241-5417-9d6c-e5ba054a44dd
.rtbsystem.com/	1970-01-21 01:21:52	Name: ut-28 Value: 6184499511020
.rtbsystem.com/	1970-01-21 01:21:52	Name: ut-15 Value: AB044AF860D68E80BD6F52BCCBF6CCE4E1A92A9035B79B4A37B3A2AB6DF7C1C0
.rubiconproject.com/	1970-01-21 01:21:52	Name: khaos Value: LPLNPQ87-22-DROU
.360yield.com/	1970-01-20 18:45:52	Name: tuuid Value: 6103fd8c-c3f4-4582-8a5e-2a7b7f02d34b
.360yield.com/	1970-01-20 18:45:52	Name: tuuid_lu Value: 1701376625
.pippio.com/	1970-01-21 01:21:52	Name: did Value: KTsivjcXT-VHv07e
.pippio.com/	1970-01-21 01:21:52	Name: didts Value: 1701376625
.pippio.com/	1970-01-20 18:02:40	Name: nnls Value:
.pippio.com/	1970-01-20 18:02:40	Name: pxrc Value: CPHko6sGEgYIgr0rEAA=
.pubmatic.com/	1970-01-20 16:37:43	Name: pi Value: 161673:3
.pubmatic.com/	1970-01-20 18:45:52	Name: chkChromeAb67Sec Value: 2
.mfadsrvr.com/	1970-01-21 02:12:16	Name: tuuid Value: 07efd070-b0da-4078-a4e5-cdbe3d3bb4b4
.mfadsrvr.com/	1970-01-21 02:12:16	Name: c Value: 1701376625
.mfadsrvr.com/	1970-01-21 02:12:16	Name: tuuid_lu Value: 1701376625
.krushmedia.com/	1970-01-20 16:56:26	Name: krm_usr Value: 1499b19b-e682-4338-aa4b-d1ae15a24376
.krushmedia.com/	1970-01-20 16:56:26	Name: krm_r Value: 574
.mfadsrvr.com/	1970-01-21 02:12:16	Name: ssh Value: !mgid,1701376625
.linkedin.com/	1970-01-20 18:45:52	Name: li_sugr Value: d116e5ab-bbcb-425d-b7f3-65ad93316cb0
.linkedin.com/	1970-01-20 16:37:43	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2899:u=1:x=1:i=1701376625:t=1701463025:v=2:sig=AQEDJ5CbWFhL4-LsZ8OcdV45XLhc-m6n"
.linkedin.com/	1970-01-21 01:21:52	Name: bcookie Value: "v=2&d9a07b0d-babc-4006-8bc0-98ff39906f9e"
.adsrvr.org/	1970-01-21 01:23:19	Name: TDID Value: 54350fb1-a512-45ba-aa11-1337bb330a5d
pixel.rubiconproject.com/	1970-01-20 18:45:52	Name: receive-cookie-deprecation Value: 1
.adsrvr.org/	1970-01-21 01:23:19	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCMz56OPE-7g8EAUYBSABKAIyCwiG4aSQ2_u4PBAFOAE.
.amazon-adsystem.com/	1970-01-21 02:12:16	Name: ad-privacy Value: 0
.bidr.io/	1970-01-21 02:04:46	Name: bito Value: AABDik7K0eUAABMqhL3P7A
.bidr.io/	1970-01-21 02:04:46	Name: bitoIsSecure Value: ok
.adnxs.com/	1970-01-20 18:45:52	Name: anj Value: dTM7k!M4/YCxrEQF']wIg2In5oVM#N!]tbP6j2F-.aDabByFnKcfLv@30N[^BmD'kk0WP(@<h8meR1_?qF1`b_T!(hmy7
.adnxs.com/	1970-01-20 18:45:52	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQTE5QUTg3LTIyLURST1UiLCJleHBpcmVzIjoiMjAyNC0wMi0yOFQyMDozNzowNloifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0zMFQyMDozNzowNloifQ==
pixel-us-west.rubiconproject.com/	1970-01-20 18:45:52	Name: receive-cookie-deprecation Value: 1
.connatix.com/	1970-01-20 17:19:28	Name: cnx_userId Value: d1b11dfad81f4a18ab59a884c95c88a7
.prebid.a-mo.net/	1970-01-20 16:37:43	Name: _sv3_7 Value: 1
cm.mgid.com/	1970-01-20 17:19:28	Name: mg_sync Value: {"265689":1701376624,"287839":1701376625,"363887":1701376624,"43070":1701376626,"433146":1701376624,"516418":1701376624,"665953":1701376625,"709070":1701376625,"709071":1701376624,"712807":1701376626,"720798":1701376624,"737576":1701376625,"779131":1701376625}
.tapad.com/	1970-01-20 18:02:40	Name: TapAd_TS Value: 1701376626330
.tapad.com/	1970-01-20 18:02:40	Name: TapAd_DID Value: a7d12bdb-704a-4710-b7f2-b097f9fc4970
.ipredictive.com/	1970-01-21 01:21:52	Name: cu Value: 7f971625-2db3-4d48-acfa-3f012ea0417a\|1701376626351
.tapad.com/	1970-01-20 18:02:40	Name: TapAd_3WAY_SYNCS Value:
.lijit.com/	1970-01-21 01:21:52	Name: _ljtrtb_80 Value: LPLNPQ87-22-DROU
.amazon-adsystem.com/	1970-01-20 21:44:26	Name: ad-id Value: A84vd26emUFgoeeEvI-3wUs
.rubiconproject.com/	1970-01-21 01:21:52	Name: audit Value: 1\|mLzRnrbE3wgQEa/BMEHBpoZx8w9YJ90jwGwU54Wi92mbz16xSA9sXa+wGWRfAK24h4tHIOE2ptIiZ07GJqnMnrT0MEv0F07OHm0QlslGhrY=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.adx.opera.com/pub/sync?pub6103523253312&gdpr=0&consent=&us_privacy= Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
ap.lijit.com
bank.terselubung.id
c.mgid.com
capi.connatix.com
cdn.connectad.io
cdn.id5-sync.com
cdn.mgid.com
ce.lijit.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cm.rtbsystem.com
creativecdn.com
cs.admanmedia.com
cs.krushmedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
jsc.mgid.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
pagead2.googlesyndication.com
pippio.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
ps.eyeota.net
px.ads.linkedin.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
servicer.mgid.com
ssc-cms.33across.com
sync-eu.connectad.io
sync.e-volution.ai
sync.go.sonobi.com
sync.ipredictive.com
t.adx.opera.com
token.rubiconproject.com
tpc.googlesyndication.com
tracker.direct.e-volution.ai
ups.analytics.yahoo.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cs.admanmedia.com
sync.go.sonobi.com
104.18.41.104
107.178.254.65
109.206.161.21
141.95.33.120
141.95.98.65
142.251.166.157
142.251.176.156
147.135.71.24
147.28.129.37
15.197.193.217
162.248.18.37
185.184.8.90
23.36.206.138
23.51.53.13
23.73.244.44
2600:1f18:4e9:5a05:5fe:b313:24e7:89dd
2606:4700:10::6816:3456
2606:4700:10::6816:36ce
2606:4700:1::6813:824c
2606:4700:1::6813:834c
2606:4700:1::6813:854c
2606:4700:3035::ac43:bfac
2606:4700:3037::6815:1f8b
2606:4700::6813:9822
2607:f8b0:4023:1402::5f
2607:f8b0:4023:1404::5e
2607:f8b0:4023:1404::93
2607:f8b0:4023:1404::9b
2607:f8b0:4023:1404::9d
2607:f8b0:4023:140f::5e
2607:f8b0:4023:1413::84
2620:1ec:21::14
34.111.113.62
34.200.65.202
34.237.148.223
35.211.178.172
35.212.212.222
35.244.154.8
52.22.94.120
52.3.138.212
52.4.98.207
52.46.128.147
63.251.86.51
67.202.105.21
67.220.224.144
68.67.160.132
8.2.110.134
8.28.7.82
8.28.7.84
8.39.36.141
8.43.72.98
82.145.213.8
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0df963c9efbf64868ab3312f0ba278b13bf97b69c9b9eae2f9399b922ad07525
0e4a12eabe185343c5a8630fb97c0d7cc17f508316d589d7353aa21f7de0718b
0e8d962750085c7e5d6482dfa37acf359cbe40d949e11acbefde7dabd550dfa8
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
2c00a2b31c1b0c8b16a419a32ef5e1fe1ca51d0871cbc03ede20a12252233a7e
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d232e960083273781aa206a79b87801a165be4c1f380b456c9052f8546e18f6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c914b1c04627d9c5cb3188c4b490de789aef2de035891eb79703a3d43372e93
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407571bf914f7fc37d433bb2331723d08982d94ad9568cba2d1b8bde13005a10
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
608e2f634446c9bae4d650622fb932892308993ca99a1258a2ad7fbc4a08dc50
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7c8325554d93b902568120731557e70759862d170d7cf5cbd53c18c998692052
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b
8c086e2e4eb60b0a54f5120a162bb6aa409e5f42d08be11871cee6134606a323
94034a75027b217a0f3fdfb41f799a60ae88425a7b0e69bf5d9c4c8ce73ff1b7
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9abf5c66ab4755aa0eeec28134e31c89a92ed9d2a824a69cc2b07562cdcae680
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a65791036da97c4e3df74db3665314241006b5475b7c3d40a10d169b62bd8acf
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
a715c661f106fa77ad59146fa901c9a52bbc515e64f8ca8ca6ec7b26078f75d4
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aac75ee18ee38cfe8609e9a70b6d1ebed0c7ac2a2bdbf22917d78fffe12caf0d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
b143a7042cf4ee9d4b7582bc8abd54bfe0487476b560f3cdfc36e9b68012d0af
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b54c606593230660358db37e22ffba85f6a17b9c8619677ecaa6e1e12702f21f
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
ba6c8cac4d8d7e28dcb24eb09c61a0c06d7908198cf17f62de01720e3de5d6c9
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00
bee21190895d4bc1b457c1687bd56d603c1b2377651cc18afe2e48631aaf7b68
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c622b165394c6c74bafb43bbac05002172f49b8a38b80f49438567de9bde3fb3
c9a8ba45663a5604297c4a9afe3d151ec473282467350a4488246c8fbd1541ec
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbc3decf9f40ea22c69229c6a4ccf4af1de85be11a2919708ac60e54edc2c435
cbce5fb4bcacf756f47f86d1669f7e2917919f69ca368a359fa690636855f0e0
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
cf8f65cabf7294a0ccc2a2a3dc2d879d193588df30f41933fede3166f6d6cee3
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
deaf971a839013e15b3917c3256b6e19f036bc569b72312da9526adcecf5d5e0
dfc3699dd839ca3a7dc1e8aa7e774359fdc311bda16f675d3ea57aba4383b037
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f853a569440edd97d7101b365b7ba3d56618a1466530456dcda26c94f7e857
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8b989344fb07b529e5ac4044614e37c2110fcc53ad7ee118a5406c0682a721a
fc8ad001d8342ba5d00a7ca1720708209c54f48f1bd46c70bc26da1458fd86a0

bank.terselubung.id Open in urlscan Pro 2606:4700:3037::6815:1f8b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

145 Requests

73 %HTTPS

33 %IPv6

40 Domains

63 Subdomains

35 IPs

6 Countries

1369 kBTransfer

3774 kBSize

71 Cookies

0 Outgoing links

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bank.terselubung.id Open in urlscan Pro
2606:4700:3037::6815:1f8b Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

73 %
HTTPS

33 %
IPv6

40
Domains

63
Subdomains

35
IPs

6
Countries

1369 kB
Transfer

3774 kB
Size

71
Cookies

145 HTTP transactions
4 data transactions