Submitted URL: https://link.bicolink.net/hYxwkoHTHw
Effective URL: https://mbantul.my.id/
Submission Tags: https://phish.report @phish_report Search All
Submission: On July 23 via api from FI — Scanned from FI

Summary

This website contacted 31 IPs in 6 countries across 21 domains to perform 111 HTTP transactions. The main IP is 2606:4700:20::681a:6d, located in United States and belongs to CLOUDFLARENET, US. The main domain is mbantul.my.id. The Cisco Umbrella rank of the primary domain is 919487.
TLS certificate: Issued by GTS CA 1P5 on July 5th 2023. Valid for: 3 months.
This is the only time mbantul.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 2a02:4780:3:c... 47583 (AS-HOSTINGER)
31 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 18.66.97.109 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:400... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
2 2406:da12:fbe... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.66.68 16509 (AMAZON-02)
1 2600:9000:225... ()
1 34.102.146.192 396982 (GOOGLE-CL...)
7 2a02:2638:d::2 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.120.107.143 396982 (GOOGLE-CL...)
1 162.19.138.117 16276 (OVH)
2 35.190.39.111 15169 (GOOGLE)
1 99.81.60.238 16509 (AMAZON-02)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
1 178.250.7.13 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
1 178.250.1.6 ()
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 2a02:2638:3::9 ()
111 31
Apex Domain
Subdomains
Transfer
31 mbantul.my.id
mbantul.my.id — Cisco Umbrella Rank: 919487
1016 KB
20 googlesyndication.com
7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com
f5cc1073b6745c8bcf65966bf74fad0f.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 134
tpc.googlesyndication.com — Cisco Umbrella Rank: 153
99 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
661 KB
9 criteo.net
static.criteo.net — Cisco Umbrella Rank: 605
csm.eu.criteo.net — Cisco Umbrella Rank: 8648
54 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 437
mug.criteo.com — Cisco Umbrella Rank: 2484
ads.eu.criteo.com — Cisco Umbrella Rank: 8549
cat.nl3.eu.criteo.com
rtb.nl3.eu.criteo.com
27 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 3
32 KB
6 adop.cc
compass.adop.cc — Cisco Umbrella Rank: 60511
data.adop.cc — Cisco Umbrella Rank: 67943
10 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208
261 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
111 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 378
17 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1637
336 B
2 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1525
google-bidout-d.openx.net — Cisco Umbrella Rank: 1519
408 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 845
id5-sync.com — Cisco Umbrella Rank: 439
25 KB
1 ltmsphrcl.net
c.ltmsphrcl.net — Cisco Umbrella Rank: 4959
334 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1618
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1648
2 KB
1 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1038
12 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1651
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 82
1 KB
1 deimoney.com
link.deimoney.com
504 B
1 bicolink.net
link.bicolink.net
434 B
111 21
Domain Requested by
31 mbantul.my.id mbantul.my.id
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
mbantul.my.id
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
mbantul.my.id
tpc.googlesyndication.com
7 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com mbantul.my.id
www.gstatic.com
www.google.com
tpc.googlesyndication.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 compass.adop.cc mbantul.my.id
3 www.googletagservices.com compass.adop.cc
mbantul.my.id
3 cdn.jsdelivr.net compass.adop.cc
securepubads.g.doubleclick.net
2 csm.eu.criteo.net ads.eu.criteo.com
2 gum.criteo.com 1 redirects static.criteo.net
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 data.adop.cc mbantul.my.id
1 rtb.nl3.eu.criteo.com 7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com mbantul.my.id
1 mug.criteo.com mbantul.my.id
1 google-bidout-d.openx.net oa.openxcdn.net
1 c.ltmsphrcl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 oajs.openx.net oa.openxcdn.net
1 f5cc1073b6745c8bcf65966bf74fad0f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 fonts.googleapis.com mbantul.my.id
1 link.deimoney.com 1 redirects
1 link.bicolink.net 1 redirects
111 33

This site contains no links.

Subject Issuer Validity Valid
mbantul.my.id
GTS CA 1P5
2023-07-05 -
2023-10-03
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
adop.cc
Amazon RSA 2048 M01
2023-02-28 -
2023-10-29
8 months crt.sh
www.google.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.google.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-07 -
2024-05-06
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-06-27 -
2023-09-25
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
cdn.prod.uidapi.com
R3
2023-05-18 -
2023-08-16
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-05-28 -
2023-08-26
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-27 -
2023-08-27
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.id5-sync.com
R3
2023-07-04 -
2023-10-02
3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4
2023-07-14 -
2023-10-12
3 months crt.sh
*.ltmsphrcl.net
Amazon RSA 2048 M02
2022-11-07 -
2023-12-06
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-18
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-21
3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-18 -
2023-08-18
3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-06-07 -
2023-08-30
3 months crt.sh

This page contains 17 frames:

Primary Page: https://mbantul.my.id/
Frame ID: 0EB8BF31DC485E6871AC525436D66035
Requests: 39 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Frame ID: 4407EDEE5A51DA2C5484DF859718A997
Requests: 20 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Frame ID: 0B66C47CC9D65941F7FDAB6ABCFF7574
Requests: 9 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/11d067eb-bd90-4cae-aac6-6ab647e825a5?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=11d067eb-bd90-4cae-aac6-6ab647e825a5&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=320&size_height=100&
Frame ID: 6B0AD79C170F3F0BE4D4481EA2A5A59D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfen0YnAAAAALQZB-u_jKZYD24-DWMvnK1bCbJr&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz&size=normal&cb=z8d3bhbbc9ov
Frame ID: 41133D4033D6F39C4C3D1B1A7F14893D
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz&k=6Lfen0YnAAAAALQZB-u_jKZYD24-DWMvnK1bCbJr
Frame ID: EE0AE74A5DA14C69D6832E98F9E0E924
Requests: 3 HTTP requests in this frame

Frame: https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 84EFB17D40AD81BC0C4F15D07F575984
Requests: 1 HTTP requests in this frame

Frame: https://f5cc1073b6745c8bcf65966bf74fad0f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8C1C7F60236175D8C30231EEDDFFE832
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id
Frame ID: 7A4BAADE1D8625C836E78ABEFADEC4C2
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 5EFB4DE568E425EB91FAC2B39438FAC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 86BAFBD56409448608292270036A05E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E445DD544A560F24F4679D1E348005E0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC34C45B860FB147D3932B8F76822A51
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E892E7CAEAD1C86632D30820EFAB2E3
Requests: 2 HTTP requests in this frame

Frame: https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E924727D626D4419D1B1BC3A893E1733
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&u=%7CCwr9HkPPR0f4Ak%2FFtN0eUsT2xABKg1ciyb2K2A0I0n0%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG9kgxvD-4_u7lncOw97bX69NXhXBpLdHqqUHmZ-kQXWKZBOrmDVHUuMQaRgVREFIMD_rCyNtkjJLk6hQYlGhn4mz2WM_vF4cRr8K34DfomAqg4VEtp93aDfgW2BA6MCWRhT1YXMNVLwkUkKl3WIcixH38vwXM_QDDahOau84MyIQckFm79wIiPSCSffZOm7IqcC_ShqwESjOMV4lEduTBgMK5Asp-3a0Y15D0vtJcfIelGfn-E-pCtBXi4-5UU4UOq8Dz3R2uxth8SBYfFcTpPmItLMVh9CXeFO8RRbCPvBE7HW8pyo7OPAE_eKTdPUuUmk_CX2l0j_SZGv0niJXxppLCJLOHfUfJlx7GoQ6Xk8bP26vhDBG5dLWE67-DEYcH1tzkVz5vQJ2b2xIKp9BEUZv48jIFD3_UhFjQz_W9abtREcSjyIUrG4tswhonzqo5LgXyyu9sj0BReo75j5N1ATfjUNZ8sVYzGDEFF0qmjkW1ZNW9bwRdugGyttjvS75m7hm_UTLeqY-CakD2SmfvM6GCyenP985O_MLJymubYGSz6Mq7786YdK9C8G7PxLMH-60QxpZr6tvMWMv1KKhEFEuQwk1ez6iifll38TgRuPpBTyphdERDjuef2_KR6r80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdU-_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpwJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFWHM_m5K5bCbohquHIR1tU6V9nqfGLUMCkKPf-qNVwqS67NBv59231B04AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ahkY8xouqhMksShCj-NMb4BbI4w%26client%3Dca-pub-5111137191506013%26adurl%3D
Frame ID: CE964E01604E8DCFB8575D47159C1311
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Frame ID: 9F9DA57D32F47BB7D4F905CE43FF836C
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

Mbantul – Travel Wanted

Page URL History Show full URLs

  1. https://link.bicolink.net/hYxwkoHTHw HTTP 301
    https://link.deimoney.com/hYxwkoHTHw HTTP 302
    https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHV... Page URL
  2. https://mbantul.my.id/ Page URL
  3. https://mbantul.my.id/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

111
Requests

99 %
HTTPS

66 %
IPv6

21
Domains

33
Subdomains

31
IPs

6
Countries

2340 kB
Transfer

4745 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.bicolink.net/hYxwkoHTHw HTTP 301
    https://link.deimoney.com/hYxwkoHTHw HTTP 302
    https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ== Page URL
  2. https://mbantul.my.id/ Page URL
  3. https://mbantul.my.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://link.bicolink.net/hYxwkoHTHw HTTP 301
  • https://link.deimoney.com/hYxwkoHTHw HTTP 302
  • https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
Request Chain 80
  • https://gum.criteo.com/sid/json?origin=publishertagids&v=1&domain=mbantul.my.id&sn=SafariSyncframe&so=0&topUrl=https%3A%2F%2Fmbantul.my.id&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=IFxJ93xTLzJtYU92UXRMN1VhaEdVVVVCaHRrNkhUSkdOM3F2ekFxc2NZRVovWG05cEFNTVVvWW13WkJ5c05NN0F1alhUd0cveDIyNFl3VmU4dGV0enlLeldqSlJtdjJjMUZJNjhqVWR5V1AzRmkzVVdVS2hNM0t3WWlaUS9BQVQxeXhENURiMXZwTGVqSnRrSHR3OFl2OEVjbC9HRC9vSTVlNlpWNmVZV2RpRU1NeWxkMnhnc21raHJRVnI2N3VubThXb1F4RjM4bTh3NHJHUS9GUWZPNlVBWndnTi9jR0twZHZMc3lVUmhRaEdoTFJVVk1ZaVZFbWs2eW4wa3FBOWszWUw1RG5Zajg0Zm5JRnZGcUZHd1l3SWNzdz09fA&cppv=2

111 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
mbantul.my.id/
Redirect Chain
  • https://link.bicolink.net/hYxwkoHTHw
  • https://link.deimoney.com/hYxwkoHTHw
  • https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
559 B
849 B
Document
General
Full URL
https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7eb19b055c39d922-HEL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 23 Jul 2023 05:43:24 GMT
link
<https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83AzsU18u%2FyHyDTd6Fm3ka0GTb1fFKRo5ushgo5381%2BUkE5V6TxnYKBRSKoqvPqIfQORRmxvUEdG0mxLPdrZqt5q%2F1ZszunYuORsxjmbkbv1M53eIxL0P1HPIqJzP1bTvE2RzCWgsnfUqoE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-powered-by
Niagahoster
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 23 Jul 2023 05:43:23 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
location
https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
User-Agent
x-content-type-options
nosniff
x-powered-by
Niagahoster
x-xss-protection
1; mode=block
/
mbantul.my.id/
1 KB
1 KB
Document
General
Full URL
https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
ed5725ed690370b16771c987e93bb3f388e8ffbccc47afda73f0902f1fa22935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7eb19b09994fd922-HEL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 23 Jul 2023 05:43:24 GMT
link
<https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGEW1RrQhF53VDCUh3fEi99t3PpI6VEISoV1A2EzHG0v1eQXDR2PlutXlK2FFXrEDVPSHQ5xnnR1JQBM05In%2F%2FuTUxa2ENKZ5JEekaYBNmC8blesVwtlRWvgkWzVeR7SItPVx9w6HAYzkTs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-powered-by
Niagahoster
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
Primary Request /
mbantul.my.id/
136 KB
39 KB
Document
General
Full URL
https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
b454caa86a1d37acb42f63ce6286e95d76b444bf4eabd15aabeed7d5eb5290a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7eb19b0bbc1ad922-HEL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 23 Jul 2023 05:43:25 GMT
link
<https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4C956UwAHdml%2BSiAls4%2B0tz3jJtmgiohGzdTYz8YIosE2bw8YECsl0Loxo9rOrPVpYkSvhlhRxZd1Rctlab%2FTwterMMWtgDjIRWVSv3qOVBLf8KYZY6s5bMQciezc9krr%2Bz5lfogyD6X70%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-powered-by
Niagahoster
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
style.min.css
mbantul.my.id/wp-includes/css/dist/block-library/
95 KB
13 KB
Stylesheet
General
Full URL
https://mbantul.my.id/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597773
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Thu, 09 Mar 2023 22:52:38 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1VkQxORBegtMQsODU3LqMr9t43IRUZLr9vbytoONhWdW0ijPidRurUzk59v5mPQ8FzkgZAZFT71TlwTGgtFHZsCzT2EJF2QGHWQJ%2FLAFSC70SWhT4kQc55hsCdhPswmL3GvtYWz5UzZ%2Fvs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b0eefebd922-HEL
expires
Sun, 23 Jul 2023 07:40:32 GMT
classic-themes.min.css
mbantul.my.id/wp-includes/css/
291 B
704 B
Stylesheet
General
Full URL
https://mbantul.my.id/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160264
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Mon, 13 Feb 2023 19:20:20 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2K14abRlCQ%2FILF9sPu4R1zmM4IanLlv6xcKcqKOKy%2Fjy6mPCst%2FNDl7%2F7aqICHUom5ug0XwkBpk1OxGT99o1cgQJFGmbdYaY6lyIbMcuJFr456JJBixx%2BvUnbVlkzWNMUQbqrj%2FX17bgFTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b0eefedd922-HEL
expires
Fri, 28 Jul 2023 09:12:21 GMT
style.css
mbantul.my.id/wp-content/themes/gridmax/
88 KB
14 KB
Stylesheet
General
Full URL
https://mbantul.my.id/wp-content/themes/gridmax/style.css
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
567148
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 19:33:49 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hMYKvsaKvtthJTAMk59POIrtjs6EQNswdRv5cDUBveUsk9CMekBd5s96WjwfdeyjU1VkgeZyAsO7W1uhoAcnetUEKTWKjHHiNVuIxodRdPaewv%2B%2BxnxZE1LH38Z48mUE%2FZ13CkhZZnjwpg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b0eefeed922-HEL
expires
Sun, 23 Jul 2023 16:10:57 GMT
all.min.css
mbantul.my.id/wp-content/themes/gridmax/assets/css/
56 KB
12 KB
Stylesheet
General
Full URL
https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
383566
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 19:33:49 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHmlR0q%2B8eTJN3EsCYeGqxVVi4CgxmaizEhMAQNyjqjvs0U2g6s7cZpKkvpRRC1uSeJ7WQ97PKGBxlj0rgui3pa%2B8peNDCw3wGGxzt3KtejXDquXijPwOZlAD4iTsk626ERyb%2FwE0zejmEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b0eefefd922-HEL
expires
Tue, 25 Jul 2023 19:10:39 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6dd5a511c94fa3349b845abd013e9ba355dbb5b5c250d1197663fed0e72e2e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Jul 2023 05:43:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 23 Jul 2023 05:43:25 GMT
jquery.min.js
mbantul.my.id/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://mbantul.my.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301666
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Wed, 08 Mar 2023 17:07:34 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fD7ctPQOugSgZw8eXkXk8hB2l5PbyZIlfr2ujf1Ks5ddnMHd7QvTrkiiQDO2RDkAIr0DgGXo9Q823D3TNH6GoRIF7Y8wgr%2F6qfJq%2FkXnLErotDM4zHevz3egdBS4wEm5VJrcfCuo9ZyYW5w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b0eeff0d922-HEL
expires
Wed, 26 Jul 2023 17:55:39 GMT
jquery-migrate.min.js
mbantul.my.id/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://mbantul.my.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
383566
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Mon, 06 Feb 2023 19:29:16 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9eLQzSpW%2BRio3Hflriv5oxrcS%2BCriAxwvst9UEJa48biEtMptsNjvodLrrkeTi21poLkh43vzIkFitKaNpp2qdH4kozVrZH9Ach1950YpSxXmo0rA%2Be%2B%2BdGQtrbwLlA5p5EPgi4USUhbcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b0eeff2d922-HEL
expires
Tue, 25 Jul 2023 19:10:39 GMT
cropped-mbantul.png
mbantul.my.id/wp-content/uploads/2023/05/
2 KB
3 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2023/05/cropped-mbantul.png
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
382399
x-powered-by
Niagahoster
content-length
2489
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 19:36:28 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bh2hoNlIcbyUnJ9uqZQ2jUf%2BFbyBG6lwYArZIQPxlD6YtJ3j3ac6Dep0YOobRrhFR69m%2BmdJDo8qXfGzBRYwZcK3peodQdzxnP54BP6XyDB0sceuiWVgbNhA4%2BjEDDHv1I5uXK778EsHdVI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b1039b6d922-HEL
expires
Tue, 25 Jul 2023 19:30:05 GMT
adopJ.js
compass.adop.cc/assets/js/adop/
3 KB
2 KB
Script
General
Full URL
https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-109.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:41:55 GMT
content-encoding
gzip
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
90
x-cache
Hit from cloudfront
content-length
1921
last-modified
Tue, 11 May 2021 09:31:17 GMT
server
nginx
etag
W/"609a4ee5-d6b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-amz-cf-id
1fDKf6dlm54xjyr637h3zIuTgpUastARlxJ_gV-CdLZ5Wtk_4__hag==
expires
Sun, 23 Jul 2023 05:51:55 GMT
api.js
www.google.com/recaptcha/
850 B
878 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f6252499ba5cacca024e61f458c4c259f3ca4daea2cc3cd32f58cb124b16fe93
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
556
x-xss-protection
1; mode=block
expires
Sun, 23 Jul 2023 05:43:25 GMT
output-onlinepngtools-5-1.png
mbantul.my.id/wp-content/uploads/2023/05/
9 KB
10 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-5-1.png
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336770
x-powered-by
Niagahoster
content-length
9505
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 18:41:00 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FICKBjlT3n0YP7avt2btBveAA6RlhJV7lkrrHk1Auwp7h0laTh30XRikFelTLaEMiafqViyJRYNsbxD5Kqt1tYI7JWxKadKMZ4fWncP42NxS8yNVN1n5aIuAaIbeNn6rafNLeEw0swdNLc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b1039b7d922-HEL
expires
Wed, 26 Jul 2023 08:10:35 GMT
htmlF_IMG_640d1a95251aa-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/
73 KB
73 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d1a95251aa-768x432.jpg
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
109466
x-powered-by
Niagahoster
content-length
74563
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 06 May 2023 17:36:47 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gv8ejrg%2B052SIL3GOZukihHoRPeaOoKMnU6IT05t9YetdUtmXIQi5q4XASgqcC%2FEEobCy5pTdz1vAk%2FN5mXaX8CgpM8Af%2FYCGwxAUKUu0TFvoKoTgipHn%2B9Z4f3ZpMmMueS7S%2Bvlk8VbVII%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b1039bad922-HEL
expires
Fri, 28 Jul 2023 23:18:59 GMT
ezgif.com-gif-maker-4.gif
mbantul.my.id/wp-content/uploads/2023/05/
14 KB
15 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2023/05/ezgif.com-gif-maker-4.gif
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192630
x-powered-by
Niagahoster
content-length
14474
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 18:41:18 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDjaNccwqHbejLuGOBHVscCGsOQfQKcN%2BWadhojbkSxVQs6yj6ymiAstx2jcTAXjO6T41GpJFEUV8FKB4jw4fNCzz%2FVUuTUJsDCuFbnBX5lcLOBuPxCnrnIWHO15dwmQs7l%2F8ob7SJiF1NE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b1039bcd922-HEL
expires
Fri, 28 Jul 2023 00:12:55 GMT
output-onlinepngtools-9-1.png
mbantul.my.id/wp-content/uploads/2023/05/
10 KB
10 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-9-1.png
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
383564
x-powered-by
Niagahoster
content-length
9923
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 18:41:27 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rI50kM44C8Xctaik4L5vkWnpVlgbNda2lsyCjissyVS4ss%2FJaVbVxNfVAifw7jFR3Z%2B%2BQquV7AvnTNSimRd0p4TJxxfBvf0RJYUKkgLl2VB5MjNwM8yBAhmfLE5jXJov8pzKhfaA2qUMoP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b1039bed922-HEL
expires
Tue, 25 Jul 2023 19:10:41 GMT
close.png
mbantul.my.id/wp-content/plugins/floating-ads-bottom/images/
718 B
1 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/plugins/floating-ads-bottom/images/close.png
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
333708
x-powered-by
Niagahoster
content-length
718
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 19:48:17 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Lvj2Jlk2Yg3LWewMB6fV0kWm5DvWbB1qv0bJlHIrmOmuJ4cKKD%2FiKnS6x%2F3Yj25F76lYxF3cbF%2F1F37ZyRHDExTBpjjTBzPDLrPTT4%2FVKMeJIdErN2%2Fsti7gwKmx79MnUuMCaD3BqpZRK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b1039c0d922-HEL
expires
Wed, 26 Jul 2023 09:01:37 GMT
jquery.fitvids.min.js
mbantul.my.id/wp-content/themes/gridmax/assets/js/
2 KB
1 KB
Script
General
Full URL
https://mbantul.my.id/wp-content/themes/gridmax/assets/js/jquery.fitvids.min.js
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
516196
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 19:33:49 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlVbVvet7uEmmnH7Cz1PRiOJaLoEk7C40DyeQMc3UyQ1rWMFFBZjWq8DoVcDD0wl2SNEZOizJuDoe5EBxJz6gFEjlVhDxd%2FpUaKsuCWIL6n3IJJCeQ8LoQrNYqoY0fJMVTP0Iy%2FWYdcK8jQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b10298cd922-HEL
expires
Mon, 24 Jul 2023 06:20:09 GMT
navigation.js
mbantul.my.id/wp-content/themes/gridmax/assets/js/
9 KB
2 KB
Script
General
Full URL
https://mbantul.my.id/wp-content/themes/gridmax/assets/js/navigation.js
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
382400
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 19:33:49 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z10KQ0r1Yl6nwwV%2FqeA0Px%2BBwuCBqn4NJ%2Bj2e3knHBClICPu9e3CizZ9tANMtZlxDZ9ZC4rFBDupe4oE32dy4Dv7OjkpgzYt5JG0kPngByuKp9KtOBpmw1zWX%2FTAfTt%2FvkLja7oJ41uGW3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b1039aed922-HEL
expires
Tue, 25 Jul 2023 19:30:05 GMT
skip-link-focus-fix.js
mbantul.my.id/wp-content/themes/gridmax/assets/js/
834 B
706 B
Script
General
Full URL
https://mbantul.my.id/wp-content/themes/gridmax/assets/js/skip-link-focus-fix.js
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
382400
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 19:33:49 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmMAP042xZNtLf179cM4hiWQ6Br71RKHZuFGrNWn1d7E4V7BCRFVkiHSHE14FrGoNPy6M6yym28rD4kqdRuCrad%2FHJMQvYXqtf7iX3nqUQoUX1tmc%2FSgpBV46TqqqX1nCYqj1Q748gnXA9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b1039b0d922-HEL
expires
Tue, 25 Jul 2023 19:30:05 GMT
custom.js
mbantul.my.id/wp-content/themes/gridmax/assets/js/
6 KB
2 KB
Script
General
Full URL
https://mbantul.my.id/wp-content/themes/gridmax/assets/js/custom.js
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160260
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 19:33:49 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PM26xg1ePdkKBT%2B3lNwoJM1t6wv0f7uNx1pbhHhMOgW76vnEiYKn3Mlkpkfre1GNlOXTazoerds6xmw%2BEt3t1%2F%2FHvKmdvjHlD61wGKp6Ib9faGm73gJyGEVqOBuXkgnk%2BjGqi6X%2BcV%2B3Ik%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b1039b1d922-HEL
expires
Fri, 28 Jul 2023 09:12:24 GMT
html5shiv.js
mbantul.my.id/wp-content/themes/gridmax/assets/js/
10 KB
3 KB
Script
General
Full URL
https://mbantul.my.id/wp-content/themes/gridmax/assets/js/html5shiv.js
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
554102
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 19:33:49 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JD4xxJxMuXy6fL9SMxrHY2w3CRPdYBsWQ1xFfKfmHD98FNZVC654LoEPCJVKmqjYDx4rTetI%2BM8kqzJREZ%2BYIdWfQWf8cNq%2BU8X22WFcooHGN8LM8T0VKp8pioAPVyNfoWO%2FN9RLeSPpA94%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b1039b3d922-HEL
expires
Sun, 23 Jul 2023 19:48:23 GMT
wp-emoji-release.min.js
mbantul.my.id/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://mbantul.my.id/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
383564
x-powered-by
Niagahoster
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Wed, 01 Feb 2023 23:23:26 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qsJbM%2B0j07huC9EU3kmz8q4KdZ4J57sFI82vfVGXx%2BrTU4CFYRL9A3GvfGHaHdYeN5I6umyuj4SAOltsGQSS8peYhtcd%2BGnppYzOBBESuQq4F1bQau%2BBizNxws%2Fp9g6p5rWTbImGlEF0fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7eb19b1039c1d922-HEL
expires
Tue, 25 Jul 2023 19:10:41 GMT
MjQGmil5tffhpBrknt6sfbuAsL8.woff2
fonts.gstatic.com/s/maitree/v10/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/maitree/v10/MjQGmil5tffhpBrknt6sfbuAsL8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86c53d5f1892ffd95cda8cb8fd0ae018503eff1c071bb800ffd260c9a37bbc7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mbantul.my.id
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 21 Jul 2023 22:11:47 GMT
x-content-type-options
nosniff
age
113498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12560
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:58:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jul 2024 22:11:47 GMT
0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v32/
35 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7I_FMl_E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
963ef2b3b0a8b5db60d69df5814239c385bc4e8e8781c6c24bc7390457e1e6dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mbantul.my.id
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 20 Jul 2023 16:57:13 GMT
x-content-type-options
nosniff
age
218772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36036
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 21:46:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jul 2024 16:57:13 GMT
rnCu-xZa_krGokauCeNq1wWyWfSFXVAKArc.woff2
fonts.gstatic.com/s/dmseriftext/v12/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmseriftext/v12/rnCu-xZa_krGokauCeNq1wWyWfSFXVAKArc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a69bceabc68343672a39c6cee07e493ff3e9224bac64bff87f8438174ade0198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mbantul.my.id
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 19 Jul 2023 00:14:42 GMT
x-content-type-options
nosniff
age
365323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17432
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:33:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jul 2024 00:14:42 GMT
recaptcha__fi.js
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/
431 KB
174 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__fi.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7881f055a1e424714f4fc2089b071df59f1b3cca32f3957e35bdd79685058f2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mbantul.my.id/
Origin
https://mbantul.my.id
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Jul 2023 20:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177378
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 01:59:26 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 20:28:07 GMT
fa-solid-900.woff2
mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/
74 KB
74 KB
Font
General
Full URL
https://mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/fa-solid-900.woff2
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css
Origin
https://mbantul.my.id
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
252740
x-powered-by
Niagahoster
content-length
75728
x-xss-protection
1; mode=block
last-modified
Sat, 06 May 2023 19:33:49 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYAnRiVD%2FcBqg%2FaVfaM0WvvbU1DMsS0UeMh45AHjLaskbJBudZ4vGYzElV0uJzrEJULDPQne8FnjQKU2dzau%2FhdFvPA59Tcrm3dmCCJbed2XKhPdZ44L8Sw6ar6DojAi6RCo5CciYd2ypIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b128c8cd922-HEL
expires
Thu, 27 Jul 2023 07:31:04 GMT
j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-MLQwFIg.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-MLQwFIg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0035ea54756f3d0680a0f9776c34da4fe9510cf3a6e191a95c93c6288ea39764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mbantul.my.id
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Jul 2023 21:47:06 GMT
x-content-type-options
nosniff
age
374179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15224
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:47:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 21:47:06 GMT
htmlF_IMG_640d18f0dbf9e-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/
84 KB
85 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d18f0dbf9e-768x432.jpg
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
383565
x-powered-by
Niagahoster
content-length
86224
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 06 May 2023 17:36:46 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7m7bWMXgMPP%2Fj%2Bf9I6zRQ9EC1q8YX3chcUak3h5tVkFeC%2FNuWvizbcTdKL1lQNQBecrcMRNYZfPfeFanrmDVNSOnZeIG30C8YoQtihhB%2BaD8ws4J12whSok5PPIMZtJbTtmvMcoQ4NM48w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b129c98d922-HEL
expires
Tue, 25 Jul 2023 19:10:40 GMT
htmlF_IMG_63b5aeca0fad0-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/01/
107 KB
108 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2023/01/htmlF_IMG_63b5aeca0fad0-768x432.jpg
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
134952
x-powered-by
Niagahoster
content-length
109683
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 06 May 2023 17:36:46 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gC4%2BCQ5SSAB5IZFZ8FweEjfXA3b%2FfzyvtgiM9F5giydIdmtlp5IObBJizBIJ%2FBDeisPRJytOnBfBxPw%2FFKVOA3tc1%2BvinBzAXT0QJTVVKlR4GAQioUdHU4fzPpQ8WPY%2FYwLWFh4GzNZUfuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b129c9ad922-HEL
expires
Fri, 28 Jul 2023 16:14:12 GMT
htmlF_IMG_63a88155f0de6-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/12/
87 KB
87 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2022/12/htmlF_IMG_63a88155f0de6-768x432.jpg
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192520
x-powered-by
Niagahoster
content-length
88613
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 06 May 2023 17:36:45 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lO%2FoOUo9TPk9aTh6NreOjbiAiLwr9MBophXik%2Frdlj5%2BRjQsrIyA5SBqeL8zybJtwI2%2BHiEwy7c9fxjBURom1841uRgAlptUtfqxtGzQKfh90BzOMpr5GBE%2FMvbRKI0TDGNxUhoSbt0Pa40%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b129c9cd922-HEL
expires
Fri, 28 Jul 2023 00:14:44 GMT
htmlF_IMG_637a5df9ba5dc-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/
81 KB
82 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637a5df9ba5dc-768x432.jpg
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
144443
x-powered-by
Niagahoster
content-length
83210
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 06 May 2023 17:36:45 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvTn1fQhNcsUM3k0UiMQsOxsX8%2BbyvoLpiDeFrUTmOgMRib3Q%2FZB4x%2B6ghFzV8TvdzHqLXFVG7q1O%2FcWqzeRTin4zVvzm%2Foq3K8tuE9Lyu7zTzzN4EPFLxU%2BB4gyRvYx%2BfbpETcvEWELXGI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b129c9ed922-HEL
expires
Fri, 28 Jul 2023 13:36:02 GMT
htmlF_IMG_6377521dc4135-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/
62 KB
63 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377521dc4135-768x432.jpg
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
425046
x-powered-by
Niagahoster
content-length
63746
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 06 May 2023 17:36:44 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGV84IEHoL2OjgB6Mwem3Rt6LHm%2FWKpJeOloNsAP3Lp4wudhrr%2BLd4USIxl5hmdbQO0O5D5LfSeKGJRmnaa14ywo%2BI1RjqD2ltye%2Fo99ranLsIWCvPvQmDU0aAiNE6umrvruC%2BufMNfVSdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b129ca0d922-HEL
expires
Tue, 25 Jul 2023 07:39:19 GMT
htmlF_IMG_637752093cd90-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/
78 KB
78 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637752093cd90-768x432.jpg
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
144442
x-powered-by
Niagahoster
content-length
79469
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 06 May 2023 17:36:43 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QM1nk6lbBBAcN080AUkOqRabNv3uYQOyye%2F7iFD1K1GsTC5eIbKgvr1zBkLNIKyOnTJnpcOwS7G0TJ2GMRLbZTQMINDxpEIZSNrXga%2Fb83pkW4IuSbMVqYwbgPAB3bAxQ3Q5usXQJCSYoDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b129ca2d922-HEL
expires
Fri, 28 Jul 2023 13:36:03 GMT
pexels-photo-13593211.jpeg
mbantul.my.id/wp-content/uploads/2022/11/
34 KB
34 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2022/11/pexels-photo-13593211.jpeg
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324755
x-powered-by
Niagahoster
content-length
34306
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 06 May 2023 17:55:01 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyiCzAlUYUk7pwbe8MQmkOFZziBB3es4hg6dV1C3Nos9tgSPGK0eruCEyv6NnaPjmXFAW5JndQBdDpV2e%2F1rTKKHcfjKn5qByA7RYQfAZym4jmQEJjPjRJRL%2F8g3u4FKmyqmhqmW0%2FIYkOY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b129ca3d922-HEL
expires
Wed, 26 Jul 2023 11:30:50 GMT
htmlF_IMG_6377514b6f45f-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/
81 KB
82 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377514b6f45f-768x432.jpg
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
144442
x-powered-by
Niagahoster
content-length
83351
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 06 May 2023 17:36:43 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Bip5fxawKdnz4axn4ecF2pd1KOaMMbsi9jS1qYXFrhQ%2BN5VPUYfWZxTSNf%2FEeRsKgL9lwKNYTjRODTjc02vCXMv8JKIh2Nv2LpPzmvkDQ2tebEQEpxcAJA3lz0uPj71kgH6ztIhIReV7gc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b129ca4d922-HEL
expires
Fri, 28 Jul 2023 13:36:03 GMT
htmlF_IMG_63775126768fd-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/
80 KB
81 KB
Image
General
Full URL
https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_63775126768fd-768x432.jpg
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Niagahoster
Resource Hash
a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
159309
x-powered-by
Niagahoster
content-length
81955
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Sat, 06 May 2023 17:36:42 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfqBwcFxky02pfTwX0gEIvHBhVZbxTfkwfaiRERP%2BMlBzvF5fmpxEyw7r0FNucGahxHGj1BorfL2yA9Jj1OwXVwxfWhgDHbQeGWuCyJEYYeJnEBKJ35un7Z4XCCD2uwd3CsHtJXfhAe7zCg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7eb19b129ca5d922-HEL
expires
Fri, 28 Jul 2023 09:28:16 GMT
8e606d93-713b-41ab-8a38-28505529c9a1
compass.adop.cc/RE/ Frame 4407
9 KB
4 KB
Script
General
Full URL
https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-109.fra56.r.cloudfront.net
Software
nginx / PHP/7.4.15
Resource Hash
fe1df2e690ba0e22e66493d02a0c77907cf4e4bcaf218905f1567829567af202

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:26 GMT
content-encoding
gzip
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P2
x-powered-by
PHP/7.4.15
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=UTF-8
cache-control
public, max-age=300
content-length
3013
x-amz-cf-id
PD6S6mS2W9TxS75NiLJYgMVUHkIfD0t3JGLUVLqGxvkC_P6EvXgM5w==
ee2791d8-e821-4cfc-aae3-2e1c82f20b9d
compass.adop.cc/RE/ Frame 0B66
9 KB
4 KB
Script
General
Full URL
https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-109.fra56.r.cloudfront.net
Software
nginx / PHP/7.4.15
Resource Hash
92b7d71c9d5f7ca011fae44df7360d2dff08c38272ce05684387691fe356692f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:26 GMT
content-encoding
gzip
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P2
x-powered-by
PHP/7.4.15
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=UTF-8
cache-control
public, max-age=300
content-length
3013
x-amz-cf-id
R7nqpPahJQxitBI9wsmx-abprN9iguP2ZF-KPGLy4doQ0UrCB6c7zA==
11d067eb-bd90-4cae-aac6-6ab647e825a5
compass.adop.cc/RE/ Frame 6B0A
56 B
574 B
Script
General
Full URL
https://compass.adop.cc/RE/11d067eb-bd90-4cae-aac6-6ab647e825a5?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=11d067eb-bd90-4cae-aac6-6ab647e825a5&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=320&size_height=100&
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-109.fra56.r.cloudfront.net
Software
nginx / PHP/7.4.15
Resource Hash
0b047a80128a833973c150792dd84e930ffb7349ac1e7296881c30d3de9c9816

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:26 GMT
content-encoding
gzip
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P2
x-powered-by
PHP/7.4.15
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=UTF-8
cache-control
public, max-age=300
content-length
69
x-amz-cf-id
vVTt2bdOHbO2MhLmb_TOF7xI3CcA_GHxa0hkccHje1BWH7gqOqtSpQ==
anchor
www.google.com/recaptcha/api2/ Frame 4113
51 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfen0YnAAAAALQZB-u_jKZYD24-DWMvnK1bCbJr&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz&size=normal&cb=z8d3bhbbc9ov
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__fi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8694c6a78a569b11eb139357bcdff22dfbc1fdea8323391bae227a3ae7f6ab39
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-0WDSRJWuYGPtSK6FZOtVmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mbantul.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28658
content-security-policy
script-src 'nonce-0WDSRJWuYGPtSK6FZOtVmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 05:43:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adop_sdk_p4.1.0.min.js
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame 4407
18 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 23 Jul 2023 05:43:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
40781
x-jsd-version
main
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8217
x-served-by
cache-fra-eddf8230031-FRA, cache-hel1410032-HEL
x-jsd-version-type
branch
etag
W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
gpt.js
www.googletagservices.com/tag/js/ Frame 4407
81 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
825706ed843ddd06a618563159e891246b26a37aa6404f9552fc1aacc22dcdbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27897
x-xss-protection
0
server
cafe
etag
514 / 19561 / m202307180101 / config-hash: 3532551707473895787
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 23 Jul 2023 05:43:26 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ Frame 4113
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfen0YnAAAAALQZB-u_jKZYD24-DWMvnK1bCbJr&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz&size=normal&cb=z8d3bhbbc9ov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 00:47:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 01:59:26 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Jul 2024 00:47:28 GMT
recaptcha__fi.js
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ Frame 4113
431 KB
173 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__fi.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfen0YnAAAAALQZB-u_jKZYD24-DWMvnK1bCbJr&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz&size=normal&cb=z8d3bhbbc9ov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7881f055a1e424714f4fc2089b071df59f1b3cca32f3957e35bdd79685058f2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Jul 2023 20:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177378
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 01:59:26 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 20:28:07 GMT
collect.php
data.adop.cc/ Frame 4407
0
141 B
Image
General
Full URL
https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNzIzMDU0MzI2IiwiY3RyeSI6IiIsImFjaWQiOiItMjMwNzIzMDU0MzI2LTE2ZWUwNGMyNWM4MzQyMjAiLCJuZXQiOiJHb29nbGUgQU0gMzYwIiwiemlkIjoiOGU2MDZkOTMtNzEzYi00MWFiLThhMzgtMjg1MDU1MjljOWExIiwidWEiOiJNb3ppbGxhLzUuMCAoaVBob25lOyBDUFUgaVBob25lIE9TIDE2XzVfMSBsaWtlIE1hYyBPUyBYKSBBcHBsZVdlYktpdC82MDUuMS4xNSAoS0hUTUwsIGxpa2UgR2Vja28pIFZlcnNpb24vMTYuNSBNb2JpbGUvMTVFMTQ4IFNhZmFyaS82MDQuMSIsImJyb3ciOiJNb2JpbGUgU2FmYXJpIiwiZGV2IjoibW9iaWxlIiwib3MiOiJpT1MiLCJpcCI6IjE4NS4yMDQuMS4xODEiLCJmbG9jIjoiaHR0cHM6Ly9tYmFudHVsLm15LmlkLyIsImZwIjoiMCIsImNkdCI6IjIzMDcyMzA1NDMyNiIsImRpciI6InYiLCJ0cCI6InJlIiwicmVmIjoiIiwidGl0bGUiOiJNYmFudHVsJTIwJUUyJTgwJTkzJTIwVHJhdmVsJTIwV2FudGVkIiwibG9nIjoiYmFzaWMifQ%3D%3D&aid=cfaae875-89ad-4624-b24f-4c6727e1192d&r=E8WEap3
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da12:fbe:4202:9d7e:f04e:f02b:38fa Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
truncated
/ Frame 4113
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated
/ Frame 4113
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4113
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 19 Jul 2023 00:33:37 GMT
x-content-type-options
nosniff
age
364189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 26 Jul 2023 00:33:37 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4113
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfen0YnAAAAALQZB-u_jKZYD24-DWMvnK1bCbJr&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz&size=normal&cb=z8d3bhbbc9ov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 17 Jul 2023 16:40:53 GMT
x-content-type-options
nosniff
age
478953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10748
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jul 2024 16:40:53 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 4113
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfen0YnAAAAALQZB-u_jKZYD24-DWMvnK1bCbJr&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz&size=normal&cb=z8d3bhbbc9ov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
079c1b73c3949a4d53271f7646fc3697999abbfe0d4b437089a72b3d35977fdd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfen0YnAAAAALQZB-u_jKZYD24-DWMvnK1bCbJr&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz&size=normal&cb=z8d3bhbbc9ov
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 23 Jul 2023 05:43:26 GMT
adop_sdk_p4.1.0.min.js
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame 0B66
18 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 23 Jul 2023 05:43:26 GMT
x-content-type-options
nosniff
content-encoding
br
age
40781
x-jsd-version
main
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8217
x-served-by
cache-fra-eddf8230031-FRA, cache-hel1410032-HEL
x-jsd-version-type
branch
etag
W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
gpt.js
www.googletagservices.com/tag/js/ Frame 0B66
81 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45ae12e16d65e572999abae5c756cd054f207b30fd3027d332578fc93952f3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27897
x-xss-protection
0
server
cafe
etag
811 / 19561 / m202307180101 / config-hash: 3532551707473895787
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 23 Jul 2023 05:43:26 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame 4407
385 KB
123 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 02:22:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
12065
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125179
x-xss-protection
0
server
cafe
etag
2430563369519042680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 22 Jul 2024 02:22:22 GMT
collect.php
data.adop.cc/ Frame 0B66
0
140 B
Image
General
Full URL
https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNzIzMDU0MzI2IiwiY3RyeSI6IiIsImFjaWQiOiItMjMwNzIzMDU0MzI2LTE2ZWUwNGMyNWM4MzQyMjAiLCJuZXQiOiJHb29nbGUgQU0gMzYwIiwiemlkIjoiZWUyNzkxZDgtZTgyMS00Y2ZjLWFhZTMtMmUxYzgyZjIwYjlkIiwidWEiOiJNb3ppbGxhLzUuMCAoaVBob25lOyBDUFUgaVBob25lIE9TIDE2XzVfMSBsaWtlIE1hYyBPUyBYKSBBcHBsZVdlYktpdC82MDUuMS4xNSAoS0hUTUwsIGxpa2UgR2Vja28pIFZlcnNpb24vMTYuNSBNb2JpbGUvMTVFMTQ4IFNhZmFyaS82MDQuMSIsImJyb3ciOiJNb2JpbGUgU2FmYXJpIiwiZGV2IjoibW9iaWxlIiwib3MiOiJpT1MiLCJpcCI6IjE4NS4yMDQuMS4xODEiLCJmbG9jIjoiaHR0cHM6Ly9tYmFudHVsLm15LmlkLyIsImZwIjoiMCIsImNkdCI6IjIzMDcyMzA1NDMyNiIsImRpciI6InYiLCJ0cCI6InJlIiwicmVmIjoiIiwidGl0bGUiOiJNYmFudHVsJTIwJUUyJTgwJTkzJTIwVHJhdmVsJTIwV2FudGVkIiwibG9nIjoiYmFzaWMifQ%3D%3D&aid=4ebca61b-8cf8-4b91-b33f-b5424c04a4e4&r=Eg8cstu
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da12:fbe:4202:9d7e:f04e:f02b:38fa Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
bframe
www.google.com/recaptcha/api2/ Frame EE0A
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz&k=6Lfen0YnAAAAALQZB-u_jKZYD24-DWMvnK1bCbJr
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__fi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4a33dd3f6ada7e87ec750c3495949fe09641ad9316432248549eea0076afd543
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-ONDZ8kl76hQhIJJq_qLywg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mbantul.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1168
content-security-policy
script-src 'nonce-ONDZ8kl76hQhIJJq_qLywg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 05:43:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame 0B66
385 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 02:22:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
12065
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125179
x-xss-protection
0
server
cafe
etag
2430563369519042680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 22 Jul 2024 02:22:22 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ Frame EE0A
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz&k=6Lfen0YnAAAAALQZB-u_jKZYD24-DWMvnK1bCbJr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 00:47:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 01:59:26 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Jul 2024 00:47:28 GMT
recaptcha__fi.js
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ Frame EE0A
431 KB
173 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__fi.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=iRvKkcsnpNcOYYwhqaQxPITz&k=6Lfen0YnAAAAALQZB-u_jKZYD24-DWMvnK1bCbJr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7881f055a1e424714f4fc2089b071df59f1b3cca32f3957e35bdd79685058f2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 18 Jul 2023 20:28:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177378
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 01:59:26 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 20:28:07 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame 4407
732 B
817 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 23 Jul 2023 05:43:27 GMT
x-content-type-options
nosniff
content-encoding
br
age
23005
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-hel1410034-HEL
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ Frame 4407
102 KB
25 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
RSGEQ3TMYY4N1ZTV
age
2339
etag
W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7eb19b1c5d8fd947-HEL
x-amz-id-2
ClzlsYvLJYc9Eo875q/vdJecjgJ4MRT0Q0XFx4PfHBkkIV+wj3cuIxExZO/fsImFzYOEKXFivGo=
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ Frame 4407
1 KB
2 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:27 GMT
via
1.1 google, 1.1 google
last-modified
Wed, 05 Jul 2023 19:08:57 GMT
server
Google Frontend
etag
6c49a4094d9a446bdc7fe3d19d23b4c7
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
16afa79f5ba5090e592df713d98f2f65
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ Frame 4407
38 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 02:34:21 GMT
content-encoding
gzip
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
11347
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
DBmtvB2_JTT5OUiUeQEJLyMoN_pterfVDSMuuU5ycX1tNYZv_hCaaQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ Frame 4407
2 KB
2 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e600:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
null
Date
Sun, 23 Jul 2023 00:56:56 GMT
Via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
17192
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
i1SHPFMTxOPbqN4KQImgN5tiVdD6BmU176N0LUi0o0n28o_wVZanaQ==
esp.js
oa.openxcdn.net/ Frame 4407
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 19 Jul 2023 18:29:03 GMT
content-encoding
gzip
age
299664
x-guploader-uploadid
ADPycdsIvgDROoPyws1TqwswD7JjyfxEn1XTlTc3Tk9s3IFFdJu_4ul194BQBow7gY3VbqS8MqOoYwmVVLKKAKNujPiAb0HNz1_L
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 18 Jul 2024 18:29:03 GMT
publishertag.ids.js
static.criteo.net/js/ld/ Frame 4407
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Jul 2023 05:43:27 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 4407
41 KB
15 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2209667267909364&correlator=1985784322793876&eid=31072019%2C31076312%2C31075593&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=223513049%3A22912905838%2Cca-pub-5111137191506013-tag%2Cmbantul_display_336x280&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&ifi=1&adks=3298229207&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=mbantul.my.id&abxe=1&dt=1690091007338&adxs=632&adys=116&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=0&ucis=v0kb2g76excq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=mbantul.my.id&loc=https%3A%2F%2Fmbantul.my.id%2F&top=mbantul.my.id&frm=23&vis=1&psz=336x0&msz=336x0&fws=256&ohw=0&ea=0&ga_vid=1829271891.1690091007&ga_sid=1690091007&ga_hid=1917748449&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY3tqYipgxSABSAghkEhkKCnB1YmNpZC5vcmcY3tqYipgxSABSAghkEhcKCHJ0YmhvdXNlGN7amIqYMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRje2piKmDFIAFICCGQSGQoKdWlkYXBpLmNvbRje2piKmDFIAFICCGQSFAoFb3BlbngY3tqYipgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRje2piKmDFIAFICCGQ.&dlt=1690091006019&idt=1291
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f786ac1f6f18e8e05f4f256d2df519a82449e0b7cafb240c17294693ab93dca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15007
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mbantul.my.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 84EF
6 KB
3 KB
Document
General
Full URL
https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mbantul.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 05:43:27 GMT
expires
Mon, 22 Jul 2024 05:43:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0B66
736 B
763 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1741164496078256&correlator=35966292709942&eid=31076312%2C31075029%2C31075149&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=223513049%3A22912905838%2Cca-pub-5111137191506013-tag%2Cmbantul_display_300x250-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=2500540231&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=mbantul.my.id&abxe=1&dt=1690091007371&adxs=650&adys=2126&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=avy09xqv962j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=mbantul.my.id&loc=https%3A%2F%2Fmbantul.my.id%2F&top=mbantul.my.id&frm=23&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=30348776.1690091007&ga_sid=1690091007&ga_hid=1540157848&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY3tqYipgxSABSAghkEhkKCnB1YmNpZC5vcmcY3tqYipgxSABSAghkEhcKCHJ0YmhvdXNlGN7amIqYMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRje2piKmDFIAFICCGQSGQoKdWlkYXBpLmNvbRje2piKmDFIAFICCGQSFAoFb3BlbngY3tqYipgxSABSAghkEhsKDGlkNS1zeW5jLmNvbRje2piKmDFIAFICCGQ.&dlt=1690091006029&idt=1332
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b41c38c565e529c0cb0e406e7d5897ffd2f75bd3a18a0e8b1411be40b87ff37a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
370
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mbantul.my.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f5cc1073b6745c8bcf65966bf74fad0f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C1C
6 KB
3 KB
Document
General
Full URL
https://f5cc1073b6745c8bcf65966bf74fad0f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mbantul.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 05:43:27 GMT
expires
Mon, 22 Jul 2024 05:43:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/ Frame 4407
2 B
240 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:27 GMT
via
1.1 google
x-powered-by
Express
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mbantul.my.id
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
increment
id5-sync.com/api/esp/ Frame 4407
0
322 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mbantul.my.id/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mbantul.my.id
date
Sun, 23 Jul 2023 05:43:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
encrypt
esp.rtbhouse.com/ Frame 4407
241 B
336 B
Fetch
General
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5a2cda135cd85ddc5b6d0c6cce9a8fa5353e6b2c2f7a8d95ae743be529a3a51c

Request headers

Referer
https://mbantul.my.id/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Sun, 23 Jul 2023 05:43:27 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
8238a60a6644ebb8ad28f50139582fe3
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
encrypt
esp.rtbhouse.com/ Frame
0
0
Preflight
General
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mbantul.my.id
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://mbantul.my.id
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 23 Jul 2023 05:43:27 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
1236be8b2d58ccbb7be9b45f4b6b1dc1
map
c.ltmsphrcl.net/6/ Frame 4407
60 B
334 B
XHR
General
Full URL
https://c.ltmsphrcl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.60.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-60-238.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
860f907e2cd21aee1fde95ea3b2c248f92a0a41f1bc3d9ff2abd067baa4ef293

Request headers

Referer
https://mbantul.my.id/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 05:43:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://mbantul.my.id
cache-control
no-cache
x-server
10.45.0.191
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame 7A4B
16 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3a8d2a9d2687915c91eecb6452b0d7628a39d59618ef1fa427cfb383c6f17105
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mbantul.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 05:43:27 GMT
server
Kestrel
server-processing-duration-in-ticks
291395
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4407
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c08d578697860105b46d66d921db7cfe3af6e90f92840723f73d72fdabbde32f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11767
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0B66
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
016ca8c25c494b4ba941651c30d05238316928c71bc7cd58535dad34dd7c4bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11700
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 5EFB
0
168 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mbantul.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 23 Jul 2023 05:43:27 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sid
mug.criteo.com/ Frame 7A4B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&v=1&domain=mbantul.my.id&sn=SafariSyncframe&so=0&topUrl=https%3A%2F%2Fmbantul.my.id&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=IFxJ93xTLzJtYU92UXRMN1VhaEdVVVVCaHRrNkhUSkdOM3F2ekFxc2NZRVovWG05cEFNTVVvWW13WkJ5c05NN0F1alhUd0cveDIyNFl3VmU4dGV0enlLeldqSlJtdjJjMUZJNjhqVWR5V1AzRmkzVVdVS2hNM0t3WWlaUS...
470 B
687 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=IFxJ93xTLzJtYU92UXRMN1VhaEdVVVVCaHRrNkhUSkdOM3F2ekFxc2NZRVovWG05cEFNTVVvWW13WkJ5c05NN0F1alhUd0cveDIyNFl3VmU4dGV0enlLeldqSlJtdjJjMUZJNjhqVWR5V1AzRmkzVVdVS2hNM0t3WWlaUS9BQVQxeXhENURiMXZwTGVqSnRrSHR3OFl2OEVjbC9HRC9vSTVlNlpWNmVZV2RpRU1NeWxkMnhnc21raHJRVnI2N3VubThXb1F4RjM4bTh3NHJHUS9GUWZPNlVBWndnTi9jR0twZHZMc3lVUmhRaEdoTFJVVk1ZaVZFbWs2eW4wa3FBOWszWUw1RG5Zajg0Zm5JRnZGcUZHd1l3SWNzdz09fA&cppv=2
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d8cfc8d8ed5ff0e9a43975765eda5a4898c55358ec70061d287554c4587ef05c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 05:43:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1948284
expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Jul 2023 05:43:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=IFxJ93xTLzJtYU92UXRMN1VhaEdVVVVCaHRrNkhUSkdOM3F2ekFxc2NZRVovWG05cEFNTVVvWW13WkJ5c05NN0F1alhUd0cveDIyNFl3VmU4dGV0enlLeldqSlJtdjJjMUZJNjhqVWR5V1AzRmkzVVdVS2hNM0t3WWlaUS9BQVQxeXhENURiMXZwTGVqSnRrSHR3OFl2OEVjbC9HRC9vSTVlNlpWNmVZV2RpRU1NeWxkMnhnc21raHJRVnI2N3VubThXb1F4RjM4bTh3NHJHUS9GUWZPNlVBWndnTi9jR0twZHZMc3lVUmhRaEdoTFJVVk1ZaVZFbWs2eW4wa3FBOWszWUw1RG5Zajg0Zm5JRnZGcUZHd1l3SWNzdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
266828
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4407
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Jul 2023 05:43:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0B66
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Jul 2023 05:43:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 86BA
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mbantul.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
1820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 05:13:08 GMT
expires
Mon, 22 Jul 2024 05:13:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E445
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
15f64c6ec38757c7d3e5b1c12d62696d0260c9898308b67c611859e67ea9c418
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-b9-ZcNC6wD294Sy3FP4aKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mbantul.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'nonce-b9-ZcNC6wD294Sy3FP4aKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 05:43:28 GMT
expires
Sun, 23 Jul 2023 05:43:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC34
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mbantul.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
1820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 05:13:08 GMT
expires
Mon, 22 Jul 2024 05:13:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9E89
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c87a9ea5f49ffcf12a8315c17fe2377c5f2ce48e1984c640b80e92295b6045b1
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-mu0aRz9vUKZzofTMKhJQYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mbantul.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'nonce-mu0aRz9vUKZzofTMKhJQYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 05:43:28 GMT
expires
Sun, 23 Jul 2023 05:43:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E924
6 KB
3 KB
Document
General
Full URL
https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mbantul.my.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 05:43:27 GMT
expires
Mon, 22 Jul 2024 05:43:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame E445
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=2209667267909364&rc=null
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js
pagead2.googlesyndication.com/bg/ Frame 86BA
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 22 Jul 2023 13:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
58845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14655
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jul 2024 13:22:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9E89
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=1741164496078256&rc=null
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js
pagead2.googlesyndication.com/bg/ Frame DC34
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 22 Jul 2023 13:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
58845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14655
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jul 2024 13:22:43 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame CE96
50 KB
19 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&u=%7CCwr9HkPPR0f4Ak%2FFtN0eUsT2xABKg1ciyb2K2A0I0n0%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG9kgxvD-4_u7lncOw97bX69NXhXBpLdHqqUHmZ-kQXWKZBOrmDVHUuMQaRgVREFIMD_rCyNtkjJLk6hQYlGhn4mz2WM_vF4cRr8K34DfomAqg4VEtp93aDfgW2BA6MCWRhT1YXMNVLwkUkKl3WIcixH38vwXM_QDDahOau84MyIQckFm79wIiPSCSffZOm7IqcC_ShqwESjOMV4lEduTBgMK5Asp-3a0Y15D0vtJcfIelGfn-E-pCtBXi4-5UU4UOq8Dz3R2uxth8SBYfFcTpPmItLMVh9CXeFO8RRbCPvBE7HW8pyo7OPAE_eKTdPUuUmk_CX2l0j_SZGv0niJXxppLCJLOHfUfJlx7GoQ6Xk8bP26vhDBG5dLWE67-DEYcH1tzkVz5vQJ2b2xIKp9BEUZv48jIFD3_UhFjQz_W9abtREcSjyIUrG4tswhonzqo5LgXyyu9sj0BReo75j5N1ATfjUNZ8sVYzGDEFF0qmjkW1ZNW9bwRdugGyttjvS75m7hm_UTLeqY-CakD2SmfvM6GCyenP985O_MLJymubYGSz6Mq7786YdK9C8G7PxLMH-60QxpZr6tvMWMv1KKhEFEuQwk1ez6iifll38TgRuPpBTyphdERDjuef2_KR6r80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdU-_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpwJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFWHM_m5K5bCbohquHIR1tU6V9nqfGLUMCkKPf-qNVwqS67NBv59231B04AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ahkY8xouqhMksShCj-NMb4BbI4w%26client%3Dca-pub-5111137191506013%26adurl%3D
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
02ec0e308ebbb35661daba80cf3315096a8297a0b5d173c30cf7991e17017672
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 05:43:28 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Dq0lZ98hG-33IdZM4rPOgFaCzgbp2jTNaAdD2tv0XnaWHWJxZVtcGuC7xRwoqL4WvLSUhvlk_Z3QfGrZ38FoWRtafZpfpDqksn1WLk14025Rdx9zZSmdbZAf_p0_CtnEXlEUz8D2OtyrKEW2wkoCSp-ha2LDOOq3WBtsZjM8YUAJS3oufmI-bH2Q4Dw0HZatoNaE-jAMO1DTwksYbaBPuShn84ybMPloQ0ysL-2zUAO0iQk_D0pwRSHqGVsiWop5r8gBog"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2701809
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 9F9D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 22 Jul 2023 09:33:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
72578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Aug 2023 09:33:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 9F9D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 22 Jul 2023 22:19:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
26656
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Aug 2023 22:19:12 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9F9D
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 22 Jul 2023 06:47:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
82564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Jul 2024 06:47:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F9D
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hq2BhVkvTNwApbsCadfEeFlgiHnikWWV3YjhVdjYwSE5MV0thSlZKeU4vd2F5RHVmZjhzTndITVN0ckVLS2xmekJEckR3QTdyeFBQckg0aDF4MmllbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jul 2023 05:43:30 GMT
truncated
/ Frame 9F9D
553 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b1684359ffd0af4907666655606b200178b12bbd39be8226f71fddae3a2d7e3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame CE96
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&u=%7CCwr9HkPPR0f4Ak%2FFtN0eUsT2xABKg1ciyb2K2A0I0n0%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG9kgxvD-4_u7lncOw97bX69NXhXBpLdHqqUHmZ-kQXWKZBOrmDVHUuMQaRgVREFIMD_rCyNtkjJLk6hQYlGhn4mz2WM_vF4cRr8K34DfomAqg4VEtp93aDfgW2BA6MCWRhT1YXMNVLwkUkKl3WIcixH38vwXM_QDDahOau84MyIQckFm79wIiPSCSffZOm7IqcC_ShqwESjOMV4lEduTBgMK5Asp-3a0Y15D0vtJcfIelGfn-E-pCtBXi4-5UU4UOq8Dz3R2uxth8SBYfFcTpPmItLMVh9CXeFO8RRbCPvBE7HW8pyo7OPAE_eKTdPUuUmk_CX2l0j_SZGv0niJXxppLCJLOHfUfJlx7GoQ6Xk8bP26vhDBG5dLWE67-DEYcH1tzkVz5vQJ2b2xIKp9BEUZv48jIFD3_UhFjQz_W9abtREcSjyIUrG4tswhonzqo5LgXyyu9sj0BReo75j5N1ATfjUNZ8sVYzGDEFF0qmjkW1ZNW9bwRdugGyttjvS75m7hm_UTLeqY-CakD2SmfvM6GCyenP985O_MLJymubYGSz6Mq7786YdK9C8G7PxLMH-60QxpZr6tvMWMv1KKhEFEuQwk1ez6iifll38TgRuPpBTyphdERDjuef2_KR6r80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdU-_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpwJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFWHM_m5K5bCbohquHIR1tU6V9nqfGLUMCkKPf-qNVwqS67NBv59231B04AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ahkY8xouqhMksShCj-NMb4BbI4w%26client%3Dca-pub-5111137191506013%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 05:43:28 GMT
adchoices_fi.svg
static.criteo.net/flash/icon/ Frame CE96
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_fi.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&u=%7CCwr9HkPPR0f4Ak%2FFtN0eUsT2xABKg1ciyb2K2A0I0n0%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG9kgxvD-4_u7lncOw97bX69NXhXBpLdHqqUHmZ-kQXWKZBOrmDVHUuMQaRgVREFIMD_rCyNtkjJLk6hQYlGhn4mz2WM_vF4cRr8K34DfomAqg4VEtp93aDfgW2BA6MCWRhT1YXMNVLwkUkKl3WIcixH38vwXM_QDDahOau84MyIQckFm79wIiPSCSffZOm7IqcC_ShqwESjOMV4lEduTBgMK5Asp-3a0Y15D0vtJcfIelGfn-E-pCtBXi4-5UU4UOq8Dz3R2uxth8SBYfFcTpPmItLMVh9CXeFO8RRbCPvBE7HW8pyo7OPAE_eKTdPUuUmk_CX2l0j_SZGv0niJXxppLCJLOHfUfJlx7GoQ6Xk8bP26vhDBG5dLWE67-DEYcH1tzkVz5vQJ2b2xIKp9BEUZv48jIFD3_UhFjQz_W9abtREcSjyIUrG4tswhonzqo5LgXyyu9sj0BReo75j5N1ATfjUNZ8sVYzGDEFF0qmjkW1ZNW9bwRdugGyttjvS75m7hm_UTLeqY-CakD2SmfvM6GCyenP985O_MLJymubYGSz6Mq7786YdK9C8G7PxLMH-60QxpZr6tvMWMv1KKhEFEuQwk1ez6iifll38TgRuPpBTyphdERDjuef2_KR6r80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdU-_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpwJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFWHM_m5K5bCbohquHIR1tU6V9nqfGLUMCkKPf-qNVwqS67NBv59231B04AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ahkY8xouqhMksShCj-NMb4BbI4w%26client%3Dca-pub-5111137191506013%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1fe836cdad880273e74116933ac7fbab68175a3913a078877dc1080225827da1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-75a"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 05:43:28 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame CE96
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&u=%7CCwr9HkPPR0f4Ak%2FFtN0eUsT2xABKg1ciyb2K2A0I0n0%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG9kgxvD-4_u7lncOw97bX69NXhXBpLdHqqUHmZ-kQXWKZBOrmDVHUuMQaRgVREFIMD_rCyNtkjJLk6hQYlGhn4mz2WM_vF4cRr8K34DfomAqg4VEtp93aDfgW2BA6MCWRhT1YXMNVLwkUkKl3WIcixH38vwXM_QDDahOau84MyIQckFm79wIiPSCSffZOm7IqcC_ShqwESjOMV4lEduTBgMK5Asp-3a0Y15D0vtJcfIelGfn-E-pCtBXi4-5UU4UOq8Dz3R2uxth8SBYfFcTpPmItLMVh9CXeFO8RRbCPvBE7HW8pyo7OPAE_eKTdPUuUmk_CX2l0j_SZGv0niJXxppLCJLOHfUfJlx7GoQ6Xk8bP26vhDBG5dLWE67-DEYcH1tzkVz5vQJ2b2xIKp9BEUZv48jIFD3_UhFjQz_W9abtREcSjyIUrG4tswhonzqo5LgXyyu9sj0BReo75j5N1ATfjUNZ8sVYzGDEFF0qmjkW1ZNW9bwRdugGyttjvS75m7hm_UTLeqY-CakD2SmfvM6GCyenP985O_MLJymubYGSz6Mq7786YdK9C8G7PxLMH-60QxpZr6tvMWMv1KKhEFEuQwk1ez6iifll38TgRuPpBTyphdERDjuef2_KR6r80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdU-_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpwJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFWHM_m5K5bCbohquHIR1tU6V9nqfGLUMCkKPf-qNVwqS67NBv59231B04AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ahkY8xouqhMksShCj-NMb4BbI4w%26client%3Dca-pub-5111137191506013%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 17 Jul 2024 05:43:28 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame CE96
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&u=%7CCwr9HkPPR0f4Ak%2FFtN0eUsT2xABKg1ciyb2K2A0I0n0%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG9kgxvD-4_u7lncOw97bX69NXhXBpLdHqqUHmZ-kQXWKZBOrmDVHUuMQaRgVREFIMD_rCyNtkjJLk6hQYlGhn4mz2WM_vF4cRr8K34DfomAqg4VEtp93aDfgW2BA6MCWRhT1YXMNVLwkUkKl3WIcixH38vwXM_QDDahOau84MyIQckFm79wIiPSCSffZOm7IqcC_ShqwESjOMV4lEduTBgMK5Asp-3a0Y15D0vtJcfIelGfn-E-pCtBXi4-5UU4UOq8Dz3R2uxth8SBYfFcTpPmItLMVh9CXeFO8RRbCPvBE7HW8pyo7OPAE_eKTdPUuUmk_CX2l0j_SZGv0niJXxppLCJLOHfUfJlx7GoQ6Xk8bP26vhDBG5dLWE67-DEYcH1tzkVz5vQJ2b2xIKp9BEUZv48jIFD3_UhFjQz_W9abtREcSjyIUrG4tswhonzqo5LgXyyu9sj0BReo75j5N1ATfjUNZ8sVYzGDEFF0qmjkW1ZNW9bwRdugGyttjvS75m7hm_UTLeqY-CakD2SmfvM6GCyenP985O_MLJymubYGSz6Mq7786YdK9C8G7PxLMH-60QxpZr6tvMWMv1KKhEFEuQwk1ez6iifll38TgRuPpBTyphdERDjuef2_KR6r80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdU-_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpwJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFWHM_m5K5bCbohquHIR1tU6V9nqfGLUMCkKPf-qNVwqS67NBv59231B04AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ahkY8xouqhMksShCj-NMb4BbI4w%26client%3Dca-pub-5111137191506013%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 17 Jul 2024 05:43:28 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame CE96
43 B
348 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4QZswcCtvtYBIbrSsTFCWkg5BiM5wxNBVyM1sVt3D8Ohr8Mo2szeKx5WjpqhM37kKM3NM2iBfWa0xgn0oTUcZpNVevi6V0UN2pfDSLRoCO_1jrFObRmCBzOBkjiD0VNRQgX0dPNDWJezR6i_8G7Rcp4Cmbgi_uetkoccZHVB6TXoX4HudTghlpX_IJXHcMKVFTVW9u-d_88G82pOyAfBCiwIUf7Vdoyys02L-1VuEQ1_K1ErywGH9N73wcIWm06-QQNLCQLzq_8_1L2eqqP9Y9oiNE3qUEXK73iu_mAhsDQZdF7mBrsPXxVTUdXAK0k_VyPRIKCwOryYB_PcfUoMFOXLWvTG4R6_yD7gDh9FP7fPe55wyJ-YFeWbMP62thvDhGj_DNG0nPe9uwEdc6oQcSeo9e3UX5vDytwz_DqOv0E6ZmNTy_m0BPCrQWJdA-pK9JE3PA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&u=%7CCwr9HkPPR0f4Ak%2FFtN0eUsT2xABKg1ciyb2K2A0I0n0%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG9kgxvD-4_u7lncOw97bX69NXhXBpLdHqqUHmZ-kQXWKZBOrmDVHUuMQaRgVREFIMD_rCyNtkjJLk6hQYlGhn4mz2WM_vF4cRr8K34DfomAqg4VEtp93aDfgW2BA6MCWRhT1YXMNVLwkUkKl3WIcixH38vwXM_QDDahOau84MyIQckFm79wIiPSCSffZOm7IqcC_ShqwESjOMV4lEduTBgMK5Asp-3a0Y15D0vtJcfIelGfn-E-pCtBXi4-5UU4UOq8Dz3R2uxth8SBYfFcTpPmItLMVh9CXeFO8RRbCPvBE7HW8pyo7OPAE_eKTdPUuUmk_CX2l0j_SZGv0niJXxppLCJLOHfUfJlx7GoQ6Xk8bP26vhDBG5dLWE67-DEYcH1tzkVz5vQJ2b2xIKp9BEUZv48jIFD3_UhFjQz_W9abtREcSjyIUrG4tswhonzqo5LgXyyu9sj0BReo75j5N1ATfjUNZ8sVYzGDEFF0qmjkW1ZNW9bwRdugGyttjvS75m7hm_UTLeqY-CakD2SmfvM6GCyenP985O_MLJymubYGSz6Mq7786YdK9C8G7PxLMH-60QxpZr6tvMWMv1KKhEFEuQwk1ez6iifll38TgRuPpBTyphdERDjuef2_KR6r80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdU-_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpwJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFWHM_m5K5bCbohquHIR1tU6V9nqfGLUMCkKPf-qNVwqS67NBv59231B04AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ahkY8xouqhMksShCj-NMb4BbI4w%26client%3Dca-pub-5111137191506013%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 05:43:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2779688
expires
Mon, 26 Jul 1997 05:00:00 GMT
ae71cbe1c18b43969470f6196dea65aa_image_ad_300x250.jpeg
static.criteo.net/design/dt/95111/4804551/ Frame CE96
35 KB
36 KB
Image
General
Full URL
https://static.criteo.net/design/dt/95111/4804551/ae71cbe1c18b43969470f6196dea65aa_image_ad_300x250.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&u=%7CCwr9HkPPR0f4Ak%2FFtN0eUsT2xABKg1ciyb2K2A0I0n0%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG9kgxvD-4_u7lncOw97bX69NXhXBpLdHqqUHmZ-kQXWKZBOrmDVHUuMQaRgVREFIMD_rCyNtkjJLk6hQYlGhn4mz2WM_vF4cRr8K34DfomAqg4VEtp93aDfgW2BA6MCWRhT1YXMNVLwkUkKl3WIcixH38vwXM_QDDahOau84MyIQckFm79wIiPSCSffZOm7IqcC_ShqwESjOMV4lEduTBgMK5Asp-3a0Y15D0vtJcfIelGfn-E-pCtBXi4-5UU4UOq8Dz3R2uxth8SBYfFcTpPmItLMVh9CXeFO8RRbCPvBE7HW8pyo7OPAE_eKTdPUuUmk_CX2l0j_SZGv0niJXxppLCJLOHfUfJlx7GoQ6Xk8bP26vhDBG5dLWE67-DEYcH1tzkVz5vQJ2b2xIKp9BEUZv48jIFD3_UhFjQz_W9abtREcSjyIUrG4tswhonzqo5LgXyyu9sj0BReo75j5N1ATfjUNZ8sVYzGDEFF0qmjkW1ZNW9bwRdugGyttjvS75m7hm_UTLeqY-CakD2SmfvM6GCyenP985O_MLJymubYGSz6Mq7786YdK9C8G7PxLMH-60QxpZr6tvMWMv1KKhEFEuQwk1ez6iifll38TgRuPpBTyphdERDjuef2_KR6r80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdU-_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpwJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFWHM_m5K5bCbohquHIR1tU6V9nqfGLUMCkKPf-qNVwqS67NBv59231B04AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ahkY8xouqhMksShCj-NMb4BbI4w%26client%3Dca-pub-5111137191506013%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
fd54048016cc19da91f1f9bc59b5793cb2cc00e7c2c26eda47c45c4d87ee2ba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 26 Jun 2023 09:57:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64996110-8d6d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
36205
expires
Wed, 17 Jul 2024 05:43:28 GMT
all
csm.eu.criteo.net/ Frame CE96
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Dq0lZ98hG-33IdZM4rPOgFaCzgbp2jTNaAdD2tv0XnaWHWJxZVtcGuC7xRwoqL4WvLSUhvlk_Z3QfGrZ38FoWRtafZpfpDqksn1WLk14025Rdx9zZSmdbZAf_p0_CtnEXlEUz8D2OtyrKEW2wkoCSp-ha2LDOOq3WBtsZjM8YUAJS3oufmI-bH2Q4Dw0HZatoNaE-jAMO1DTwksYbaBPuShn84ybMPloQ0ysL-2zUAO0iQk_D0pwRSHqGVsiWop5r8gBog&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&u=%7CCwr9HkPPR0f4Ak%2FFtN0eUsT2xABKg1ciyb2K2A0I0n0%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG9kgxvD-4_u7lncOw97bX69NXhXBpLdHqqUHmZ-kQXWKZBOrmDVHUuMQaRgVREFIMD_rCyNtkjJLk6hQYlGhn4mz2WM_vF4cRr8K34DfomAqg4VEtp93aDfgW2BA6MCWRhT1YXMNVLwkUkKl3WIcixH38vwXM_QDDahOau84MyIQckFm79wIiPSCSffZOm7IqcC_ShqwESjOMV4lEduTBgMK5Asp-3a0Y15D0vtJcfIelGfn-E-pCtBXi4-5UU4UOq8Dz3R2uxth8SBYfFcTpPmItLMVh9CXeFO8RRbCPvBE7HW8pyo7OPAE_eKTdPUuUmk_CX2l0j_SZGv0niJXxppLCJLOHfUfJlx7GoQ6Xk8bP26vhDBG5dLWE67-DEYcH1tzkVz5vQJ2b2xIKp9BEUZv48jIFD3_UhFjQz_W9abtREcSjyIUrG4tswhonzqo5LgXyyu9sj0BReo75j5N1ATfjUNZ8sVYzGDEFF0qmjkW1ZNW9bwRdugGyttjvS75m7hm_UTLeqY-CakD2SmfvM6GCyenP985O_MLJymubYGSz6Mq7786YdK9C8G7PxLMH-60QxpZr6tvMWMv1KKhEFEuQwk1ez6iifll38TgRuPpBTyphdERDjuef2_KR6r80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdU-_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpwJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFWHM_m5K5bCbohquHIR1tU6V9nqfGLUMCkKPf-qNVwqS67NBv59231B04AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ahkY8xouqhMksShCj-NMb4BbI4w%26client%3Dca-pub-5111137191506013%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 05:43:28 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame CE96
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&u=%7CCwr9HkPPR0f4Ak%2FFtN0eUsT2xABKg1ciyb2K2A0I0n0%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG9kgxvD-4_u7lncOw97bX69NXhXBpLdHqqUHmZ-kQXWKZBOrmDVHUuMQaRgVREFIMD_rCyNtkjJLk6hQYlGhn4mz2WM_vF4cRr8K34DfomAqg4VEtp93aDfgW2BA6MCWRhT1YXMNVLwkUkKl3WIcixH38vwXM_QDDahOau84MyIQckFm79wIiPSCSffZOm7IqcC_ShqwESjOMV4lEduTBgMK5Asp-3a0Y15D0vtJcfIelGfn-E-pCtBXi4-5UU4UOq8Dz3R2uxth8SBYfFcTpPmItLMVh9CXeFO8RRbCPvBE7HW8pyo7OPAE_eKTdPUuUmk_CX2l0j_SZGv0niJXxppLCJLOHfUfJlx7GoQ6Xk8bP26vhDBG5dLWE67-DEYcH1tzkVz5vQJ2b2xIKp9BEUZv48jIFD3_UhFjQz_W9abtREcSjyIUrG4tswhonzqo5LgXyyu9sj0BReo75j5N1ATfjUNZ8sVYzGDEFF0qmjkW1ZNW9bwRdugGyttjvS75m7hm_UTLeqY-CakD2SmfvM6GCyenP985O_MLJymubYGSz6Mq7786YdK9C8G7PxLMH-60QxpZr6tvMWMv1KKhEFEuQwk1ez6iifll38TgRuPpBTyphdERDjuef2_KR6r80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdU-_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpwJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFWHM_m5K5bCbohquHIR1tU6V9nqfGLUMCkKPf-qNVwqS67NBv59231B04AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ahkY8xouqhMksShCj-NMb4BbI4w%26client%3Dca-pub-5111137191506013%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Jul 2024 05:43:28 GMT
generate_204
tpc.googlesyndication.com/ Frame 86BA
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?LXdr_A
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame DC34
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?068m4g
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4407
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=2209667267909364&bg=!ubqluu7NAAZsPphkTD47ADkAdvg8WvyJS-gxKrl-Jv1OYEY5mPipxAJoYaYqOd4fHE25JFnFqYzgeIG-v6XbhEEaCmKURF5ZhuECAAAAnFIAAAAmaAEHmQKx1Bma7WSgMPzprulwg7vVyVQ8eK5mrhHxNfCr96xxHGWUcZ6Kd-xwe_oZA-gQQEGK1-l_uE0ykKruwPj1F9vHh-ZvqbC7bVZxCLbR8d5OX2LRZsHiSt83vPckFZYUNtVMCzk9QaZWlcCYCN59LmDqhbthX4hsnl_kgNEn3AVn0xMAyc6LiD7lvh3hrswFvwOYZqijwCT04qj0ZdV9rxAv4kN0OyEHS3qpvd1QsgjU9xSoAUJgpC6zjgoNeFscQOoAFW1UFkHcQ5BFUsWMaXJbrRUfKGCimBDOowMas19vM5slC8lwooB4qljBINcYohfpfGLJXolpJ8S1zNgbX37i9O-nTtoony_uRkmhXkSTIBs-vbei1vJmOpHFYOAAhmF8PtZmrrBQG6xbSn52WEFkmb7foCLnO0QNFZkiJqJHYeoIxqD8hhjdvlURJSFPFPYm4OC6FMVcUJKzXmSrvorV8RkodUt6u6EgBnl8QccgujUw3Ifx16PjW6XSOH4e8t1BurGbW3k3dUnBwRuFrU4-zxP8F-3-WjQ65k4j6pbdhWrQLQkRNIhru6xGrbl79OmMJDb7tBOZ4gM4GLT5Ha4bG3l2XfvR9K0-htWLtVvrCFGVWuMxDCHUj8YKkIaF3Px9RjGcF8gK_9mWcKFEYv93gkhQsJf3gf_L71nHyDZbCHRqnTT6Ko08g6R8tqtWlKjknrXfXjp15fk6NsWQsR3PDgdO2rCFmop7yC_QjpaX2WF7GgJqvSlnKJ4ai-ZJ_MLeQi3Q3pDYyBcM7dOaYO8Zt9fsGq6Jv5VSjt39V9jFNhBy5yIbPj_MTbt-HYplOJZ6wVYU99_qQjn_mCxlPBrlw9Tg4jQSXMI5lWcImbY0m6KdGKPVlf7bMoXbPRmP9XHLWsiJCxuZWFHYGjyhqBrq9IA
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 0B66
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=1741164496078256&bg=!HxylHEjNAAZsPphkTD47ADkAdvg8WqdE-SAKLwIC88ca5Nkn7WAvwNsNvFk6UNVHLUhzE2YThIzv3OazX4AweOE3jzw11aoRVUgCAAAAj1IAAAAcaAEHmQLKVc8S38v24-IbklbboTJlp6bBOSZlSeA4ARd2MYRQJpJRgpiTbWtNEYdtYkefWKluGFoRBiFFzsJOC42RwdZDtxYYqfwBwJIYJLIyGBLKGVaDGAVD1BKpbQxsN4nCdQuEYjq-6bHr1oCmbhAFi1s2pEwI54TPG2bG1RqQoDjl5RdoBMTm_BhUTkZKUEyQybhp9xaXZC-UAwZNhQOgN0Bai2vsVdBUADxYjO1azpIj3YtYTsJe5L691ApkHlatcL8syswmfbXSgc0HH_V95itnwKz-ddAlrmGAYsYkGpyPFYEZiWq1xsvaY8_SYdcUbTc0twviGQdcfABQaEzZvm3CPk6515QXQOHQgDir5FvWiYW0mQtdhcRtZHW9XgBgOwJ618IfFd-YqeMgH07YNhSHG0T8WHj_U76z2zVokTQ94KH1py-vhtZMkvPblIrHfRF8Ce-pZoX0uAclYySJR7ygJ1kphjwg8CGySDY67_FwgSvOE09XH21PITWH5ZUcoKw5XqGxwIH0aPj6hWHHd2F8vKmQr6x1cuZ3a9hWPFicICurRpDOB-p49Hjp0XLztpKsqJe0grVoOkbqFpnhqmlZU5YMNqUmFjskgiY0Vr5OFPiBxYi2bLIy5oUlcv1nHas34QWz2SxQNZkBJUIbqrThjnRYp4IjwhXd4zEK4eCUtf0YbpUHCe_MCnu7J5YESmCrCnpxK5lQSaD1ROlaQYcvQtxdS_zVucTIhB-AoFijP7XbIzA7dDVKS9pJnCTDv0BmCCjylTrajMLw8nC2Av21poPFW3OX5S__zpc1Wljo388GNcSq22qBhmTkfbDobDhl8GAE6HQPj4iCeFJdvOcZmEDIJODiOBZyH-i_Q6f9IbSyQRUj9WrsXLrHu0KIqlgQ7j257ARi_dunv5iP9xAVnTJP0NHn6_EzhcOFrV-84NjczG7JAQt_McMQ
Requested by
Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://mbantul.my.id/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

all
csm.eu.criteo.net/ Frame CE96
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Dq0lZ98hG-33IdZM4rPOgFaCzgbp2jTNaAdD2tv0XnaWHWJxZVtcGuC7xRwoqL4WvLSUhvlk_Z3QfGrZ38FoWRtafZpfpDqksn1WLk14025Rdx9zZSmdbZAf_p0_CtnEXlEUz8D2OtyrKEW2wkoCSp-ha2LDOOq3WBtsZjM8YUAJS3oufmI-bH2Q4Dw0HZatoNaE-jAMO1DTwksYbaBPuShn84ybMPloQ0ysL-2zUAO0iQk_D0pwRSHqGVsiWop5r8gBog&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&u=%7CCwr9HkPPR0f4Ak%2FFtN0eUsT2xABKg1ciyb2K2A0I0n0%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DG9kgxvD-4_u7lncOw97bX69NXhXBpLdHqqUHmZ-kQXWKZBOrmDVHUuMQaRgVREFIMD_rCyNtkjJLk6hQYlGhn4mz2WM_vF4cRr8K34DfomAqg4VEtp93aDfgW2BA6MCWRhT1YXMNVLwkUkKl3WIcixH38vwXM_QDDahOau84MyIQckFm79wIiPSCSffZOm7IqcC_ShqwESjOMV4lEduTBgMK5Asp-3a0Y15D0vtJcfIelGfn-E-pCtBXi4-5UU4UOq8Dz3R2uxth8SBYfFcTpPmItLMVh9CXeFO8RRbCPvBE7HW8pyo7OPAE_eKTdPUuUmk_CX2l0j_SZGv0niJXxppLCJLOHfUfJlx7GoQ6Xk8bP26vhDBG5dLWE67-DEYcH1tzkVz5vQJ2b2xIKp9BEUZv48jIFD3_UhFjQz_W9abtREcSjyIUrG4tswhonzqo5LgXyyu9sj0BReo75j5N1ATfjUNZ8sVYzGDEFF0qmjkW1ZNW9bwRdugGyttjvS75m7hm_UTLeqY-CakD2SmfvM6GCyenP985O_MLJymubYGSz6Mq7786YdK9C8G7PxLMH-60QxpZr6tvMWMv1KKhEFEuQwk1ez6iifll38TgRuPpBTyphdERDjuef2_KR6r80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIdU-_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpwJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFWHM_m5K5bCbohquHIR1tU6V9nqfGLUMCkKPf-qNVwqS67NBv59231B04AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ahkY8xouqhMksShCj-NMb4BbI4w%26client%3Dca-pub-5111137191506013%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Jul 2023 05:43:29 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 9F9D
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZOrC_728ZK_oGPmS9u8PhYCu8AzJntKxXNWdkfdwwI23ARABIABg9_ncAoIBF2NhLXB1Yi01MTExMTM3MTkxNTA2MDEzyAEJqQKxDkeLwqmyPuACAKgDAcgDAqoEpAJP0MODoDzW387U8K0XJxiEO-VydUS897-PeXmqpbBCQiSWnABmGOPRexypsaUcmawvNOLaui8kTtrHjFTHKttBHOLS2tePZVWkEpeKGp-SYA-Sz5t2hIIpQeBm44eE3Mi9bSeIib-P3nS-53eEdSXzebU0wY-Y5GIj-fqLOmPfM33b20PVfzL-7f2XEQaez5GoXD0BYKVDrVwhLAYTAshkE7buQS3QdETBdH8gYb9aLMmzEQAH_g_tZLMQ9_f3aDLqYnioZhcCzUvXeLydI6OFv4KovcojPBrj6xoTwWbS0WwWmAvXRZ4mHTSzKeuWxzVzu0nVQQ8P-MKRYMcYFSPO3_zNaiyIHYa6v1RIE7ac4nApEpsUiPZHQkx_6BS-8zbrO4zJ4AQBgAbg5KCM15e8x0ygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTExMTEzNzE5MTUwNjAxMxjR1CI&sigh=MT7Ns0WQg3M&uach_m=[UACH]&cid=CAQSSwBpAlJW5tiNx4nZs6ELTatJR3e8HqL9hDyKK4rslIzkV5md8srUl5MVTXerXrmgRHJQDqJiePcT05X_T44q4a3lK7IIRdjADU6lWBgB&cbvp=2&vis=1
Requested by
Host: 7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com
URL: https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 9F9D
0
126 B
Image
General
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIO2F-5QrAL6AZ2DYgICAAAAmEehejJh90oQ_r28ZBGVtE7bBhD-sCEAABIAAAoKQVFVQkFRRUJBUQ&wp=ZLy9_wAGNC8H_Yl5AAuABQmj3EeWbkim2Zfz4A&cbvp=2
Requested by
Host: 7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com
URL: https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 23 Jul 2023 05:43:30 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
194245
server
Kestrel
content-length
0

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue undefined| $ function| jQuery object| twemoji object| wp function| makeid325 function| adopRun003 function| checkLoad0988 function| listener572 object| _gqid boolean| _gqidtestmode string| RECAPTCHA_SAFELINK function| wpsafehuman object| gridmax_ajax_object object| gridmax_custom_script_vars object| html5 function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| A function| B function| V function| ea function| fa function| P function| W function| X function| da function| la function| m function| ca function| ha function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| __params_zone boolean| over_size object| recaptcha object| closure_lm_355855 object| criteo_syncframe_state function| arrive function| unbindArrive function| leave function| unbindLeave

8 Cookies

Domain/Path Name / Value
compass.adop.cc/ Name: ADOP_P_U
Value: https%3A%2F%2Fmbantul.my.id%2F
compass.adop.cc/ Name: ADOP_CID
Value: -230723054326-526c1fba694c483e
.mbantul.my.id/ Name: lotame_domain_check
Value: mbantul.my.id
.criteo.com/ Name: uid
Value: ef921aae-5e54-4229-b6cb-b22cbbfc2532
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mbantul.my.id/ Name: cto_bundle
Value: eVBz4V83Y3N3T2NYVXo5TjU2eHExMzdueDRDc2tPSjZ1ajBpTzVuMEhmT1E2JTJGM3lEZ3ZpQUxxSVBHWUphNERHSVdMVU0yQmZxSng5NFV2RjIzeXRQcHJXV0FobXNjazI0czhGeHdpOUJvRmY0SGU5bXlRdmdjbFYxc09GMyUyRnNDYmxoVE5JTUQyV0FmN3dZYkxJdkxST1BHYXRJbndBRmg1WXVFclpUc0U4MGQyeGdvWjclMkJNeGRBY1FFczZRdDE4NkNNVzQ
.mbantul.my.id/ Name: __gads
Value: ID=326a1546a78aefcb:T=1690091007:RT=1690091007:S=ALNI_MaKP_DvN6N8k95QPQ7yITAMK518Eg
.mbantul.my.id/ Name: __gpi
Value: UID=00000c429bdec2a6:T=1690091007:RT=1690091007:S=ALNI_MbD0pEbRn4K-xpUXaF00-Dq0lW3Cw

1 Console Messages

Source Level URL
Text
other warning
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7bf8fe4a5030cd0158d6762f96acdcfd.safeframe.googlesyndication.com
ads.eu.criteo.com
c.ltmsphrcl.net
cat.nl3.eu.criteo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
compass.adop.cc
csm.eu.criteo.net
data.adop.cc
esp.rtbhouse.com
f5cc1073b6745c8bcf65966bf74fad0f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
link.bicolink.net
link.deimoney.com
mbantul.my.id
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
rtb.nl3.eu.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
162.19.138.117
178.250.1.6
178.250.7.13
18.66.97.109
2406:da12:fbe:4202:9d7e:f04e:f02b:38fa
2600:9000:2250:e600:a:e047:753:be1
2606:4700:10::6816:3556
2606:4700:20::681a:31b
2606:4700:20::681a:6d
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2004
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::9
2a02:2638:d::2
2a02:2638:d::d
2a02:4780:3:c141::17
2a04:4e42:400::485
34.102.146.192
34.120.107.143
34.96.70.87
35.190.39.111
35.244.159.8
65.9.66.68
99.81.60.238
0035ea54756f3d0680a0f9776c34da4fe9510cf3a6e191a95c93c6288ea39764
016ca8c25c494b4ba941651c30d05238316928c71bc7cd58535dad34dd7c4bed
02ec0e308ebbb35661daba80cf3315096a8297a0b5d173c30cf7991e17017672
04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
079c1b73c3949a4d53271f7646fc3697999abbfe0d4b437089a72b3d35977fdd
07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b047a80128a833973c150792dd84e930ffb7349ac1e7296881c30d3de9c9816
13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5
15f64c6ec38757c7d3e5b1c12d62696d0260c9898308b67c611859e67ea9c418
1b1684359ffd0af4907666655606b200178b12bbd39be8226f71fddae3a2d7e3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1fe836cdad880273e74116933ac7fbab68175a3913a078877dc1080225827da1
20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f
2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92
2f786ac1f6f18e8e05f4f256d2df519a82449e0b7cafb240c17294693ab93dca
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a8d2a9d2687915c91eecb6452b0d7628a39d59618ef1fa427cfb383c6f17105
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45ae12e16d65e572999abae5c756cd054f207b30fd3027d332578fc93952f3ee
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4a33dd3f6ada7e87ec750c3495949fe09641ad9316432248549eea0076afd543
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da
5a2cda135cd85ddc5b6d0c6cce9a8fa5353e6b2c2f7a8d95ae743be529a3a51c
5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6dd5a511c94fa3349b845abd013e9ba355dbb5b5c250d1197663fed0e72e2e1f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7881f055a1e424714f4fc2089b071df59f1b3cca32f3957e35bdd79685058f2b
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6
825706ed843ddd06a618563159e891246b26a37aa6404f9552fc1aacc22dcdbf
8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee
860f907e2cd21aee1fde95ea3b2c248f92a0a41f1bc3d9ff2abd067baa4ef293
8694c6a78a569b11eb139357bcdff22dfbc1fdea8323391bae227a3ae7f6ab39
86c53d5f1892ffd95cda8cb8fd0ae018503eff1c071bb800ffd260c9a37bbc7b
8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d
92b7d71c9d5f7ca011fae44df7360d2dff08c38272ce05684387691fe356692f
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
963ef2b3b0a8b5db60d69df5814239c385bc4e8e8781c6c24bc7390457e1e6dc
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a69bceabc68343672a39c6cee07e493ff3e9224bac64bff87f8438174ade0198
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334
a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16
abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190
b41c38c565e529c0cb0e406e7d5897ffd2f75bd3a18a0e8b1411be40b87ff37a
b454caa86a1d37acb42f63ce6286e95d76b444bf4eabd15aabeed7d5eb5290a1
b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9
bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115
c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9
c08d578697860105b46d66d921db7cfe3af6e90f92840723f73d72fdabbde32f
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c87a9ea5f49ffcf12a8315c17fe2377c5f2ce48e1984c640b80e92295b6045b1
cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a
d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9
d8cfc8d8ed5ff0e9a43975765eda5a4898c55358ec70061d287554c4587ef05c
dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5725ed690370b16771c987e93bb3f388e8ffbccc47afda73f0902f1fa22935
f6252499ba5cacca024e61f458c4c259f3ca4daea2cc3cd32f58cb124b16fe93
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c
fd54048016cc19da91f1f9bc59b5793cb2cc00e7c2c26eda47c45c4d87ee2ba1
fe1df2e690ba0e22e66493d02a0c77907cf4e4bcaf218905f1567829567af202