urlscan.io logo urlscan.io
SecurityTrails logo

berita.malasmikir.com Open in urlscan Pro
2607:f8b0:4004:c19::79  Public Scan

Go To Rescan Add Verdict Report
URL: https://berita.malasmikir.com/
Submission: On January 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 67 IPs in 6 countries across 74 domains to perform 240 HTTP transactions. The main IP is 2607:f8b0:4004:c19::79, located in Washington, United States and belongs to GOOGLE, US. The main domain is berita.malasmikir.com.
TLS certificate: Issued by GTS CA 1D4 on December 14th 2023. Valid for: 3 months.
This is the only time berita.malasmikir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
23 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 54.39.128.162 16276 (OVH)
5 2607:f8b0:400... 15169 (GOOGLE)
3 16 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:21:... 13335 (CLOUDFLAR...)
1 13.224.214.70 16509 (AMAZON-02)
3 3.14.20.113 16509 (AMAZON-02)
1 172.64.153.173 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 31 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
11 2607:f8b0:400... 15169 (GOOGLE)
1 18.238.4.21 16509 (AMAZON-02)
4 23.73.207.17 20940 (AKAMAI-ASN1)
2 67.202.105.33 32748 (STEADFAST)
3 13.224.214.92 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 141.94.170.77 16276 (OVH)
2 6 23.220.132.230 16625 (AKAMAI-AS)
6 142.251.16.157 15169 (GOOGLE)
1 4 2607:f8b0:400... 15169 (GOOGLE)
1 3 13.224.214.125 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2620:1ec:46::38 8075 (MICROSOFT...)
1 151.101.1.108 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2 67.202.105.23 32748 (STEADFAST)
3 4 3.233.22.19 14618 (AMAZON-AES)
8 8 52.223.40.198 16509 (AMAZON-02)
2 4 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 44.217.35.132 14618 (AMAZON-AES)
7 9 68.67.160.137 29990 (ASN-APPNEX)
5 5 34.111.113.62 396982 (GOOGLE-CL...)
1 1 34.199.184.22 14618 (AMAZON-AES)
1 34.231.201.253 14618 (AMAZON-AES)
2 3 35.244.154.8 15169 (GOOGLE)
1 1 67.202.105.21 32748 (STEADFAST)
2 5 2600:1408:540... 20940 (AKAMAI-ASN1)
4 68.67.160.24 29990 (ASN-APPNEX)
1 2 63.251.86.51 10913 (INTERNAP-BLK)
5 20 142.251.163.154 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 192.184.69.239 16509 (AMAZON-02)
2 2 2606:ae80:147... 25751 (VALUECLICK)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 151.101.130.49 54113 (FASTLY)
1 1 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 51.222.39.186 16276 (OVH)
2 2 54.227.205.3 14618 (AMAZON-AES)
1 1 20.253.86.149 8075 (MICROSOFT...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 3 2a02:6b8::90 13238 (YANDEX)
2 2 5.161.62.221 213230 (HETZNER-C...)
1 1 35.208.249.213 15169 (GOOGLE)
3 18.116.4.103 16509 (AMAZON-02)
1 1 107.178.254.65 15169 (GOOGLE)
1 3 34.117.77.79 396982 (GOOGLE-CL...)
2 172.253.62.148 15169 (GOOGLE)
1 23.34.194.26 16625 (AKAMAI-AS)
1 14 35.169.211.189 14618 (AMAZON-AES)
6 7 3.213.247.157 14618 (AMAZON-AES)
1 1 51.222.241.100 16276 (OVH)
1 1 3.222.34.50 14618 (AMAZON-AES)
1 1 52.7.115.38 14618 (AMAZON-AES)
1 2 52.46.143.56 16509 (AMAZON-02)
1 2 216.22.16.72 30633 (LEASEWEB-...)
1 1 104.17.219.204 13335 (CLOUDFLAR...)
2 2 34.192.24.192 14618 (AMAZON-AES)
1 13.89.172.0 8075 (MICROSOFT...)
4 4 54.89.198.103 14618 (AMAZON-AES)
1 1 2600:9000:20e... 16509 (AMAZON-02)
3 3 207.198.113.93 13768 (COGECO-PEER1)
2 3 34.98.64.218 396982 (GOOGLE-CL...)
1 1 64.58.232.176 13649 (ASN-FLEXE...)
1 64.58.232.177 13649 (ASN-FLEXE...)
1 1 54.146.126.47 14618 (AMAZON-AES)
2 2 3.225.218.10 14618 (AMAZON-AES)
1 69.173.151.100 26667 (RUBICONPR...)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 18.205.16.50 ()
240 67
1    2607:f8b0:4004:c19::79 (Washington, United States)

ASN15169 (GOOGLE, US)
berita.malasmikir.com
1    2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
23    2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700:10::6814:5063 (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
4    2607:f8b0:4004:c17::65 (Washington, United States)

ASN15169 (GOOGLE, US)
apis.google.com
6    2607:f8b0:4004:c0b::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:3038::6815:ea55 (United States)

ASN13335 (CLOUDFLARENET, US)
min.gitcdn.link
1    2606:4700:3038::6815:eae6 (United States)

ASN13335 (CLOUDFLARENET, US)
rawcdn.githack.com
2    2607:f8b0:4004:c09::bf (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.blogger.com
1    54.39.128.162 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns562109.ip-54-39-128.net
s4.histats.com
5    2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
16    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4004:c17::8a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)
e.dtscout.com
t.dtscout.com
1    13.224.214.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-70.phl50.r.cloudfront.net
get.s-onetag.com
3    3.14.20.113 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-14-20-113.us-east-2.compute.amazonaws.com
pd.sharethis.com
1    172.64.153.173 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
4    2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
31    2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2607:f8b0:4004:c0b::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
12    2607:f8b0:4004:c06::95 (Washington, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
11    2607:f8b0:4004:c06::65 (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    18.238.4.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-21.phl51.r.cloudfront.net
onetag-geo.s-onetag.com
4    23.73.207.17 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-73-207-17.deploy.static.akamaitechnologies.com
t.sharethis.com
2    67.202.105.33 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
de.tynt.com
3    13.224.214.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-92.phl50.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:20::681a:d3c (United States)

ASN13335 (CLOUDFLARENET, US)
t.dtscdn.com
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel.onaudience.com
6    23.220.132.230 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-132-230.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
6    142.251.16.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
www.googleadservices.com
4    2607:f8b0:4004:c08::68 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    13.224.214.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-125.phl50.r.cloudfront.net
data-beacons.s-onetag.com
aa.agkn.com
7    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2620:1ec:46::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
2    2607:f8b0:4004:c07::8a (Washington, United States)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
2    67.202.105.23 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
dp2.33across.com
4    3.233.22.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-22-19.compute-1.amazonaws.com
ps.eyeota.net
8    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    44.217.35.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-35-132.compute-1.amazonaws.com
map.go.affec.tv
9    68.67.160.137 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    34.199.184.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-184-22.compute-1.amazonaws.com
usermatch.krxd.net
1    34.231.201.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-201-253.compute-1.amazonaws.com
beacon.krxd.net
3    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    67.202.105.21 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
dp1.33across.com
5    2600:1408:5400:8::170c:91a9 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
4    68.67.160.24 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
2    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
20    142.251.163.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
cm.g.doubleclick.net
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    2404:6800:4006:814::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2607:f8b0:4004:c1b::71 (Washington, United States)

ASN15169 (GOOGLE, US)
i1.ytimg.com
1    2607:f8b0:4000:1a::a (United States)

ASN15169 (GOOGLE, US)
rr5---sn-q4fl6n6y.googlevideo.com
1    192.184.69.239 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2606:ae80:1471:1a::1370 (United States)

ASN25751 (VALUECLICK, US)
dclk-match.dotomi.com
4    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2600:1f18:4e9:5a02:bfa:a46e:1266:8631 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
2    54.227.205.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-205-3.compute-1.amazonaws.com
pm.w55c.net
1    20.253.86.149 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
3    2a02:6b8::90 (Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
2    5.161.62.221 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.221.62.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtrace.mediago.io
3    18.116.4.103 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-4-103.us-east-2.compute.amazonaws.com
sync.sharethis.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
3    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
2    172.253.62.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f148.1e100.net
ad.doubleclick.net
1    23.34.194.26 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-194-26.deploy.static.akamaitechnologies.com
tags.bkrtx.com
14    35.169.211.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-211-189.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
7    3.213.247.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-247-157.compute-1.amazonaws.com
partner.mediawallahscript.com
1    51.222.241.100 (Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-011.roqad.pl
ws.rqtrk.eu
1    3.222.34.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-34-50.compute-1.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    52.7.115.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-115-38.compute-1.amazonaws.com
sync.ipredictive.com
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    216.22.16.72 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
1    104.17.219.204 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
2    34.192.24.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-24-192.compute-1.amazonaws.com
dpm.demdex.net
1    13.89.172.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.cintnetworks.com
4    54.89.198.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-198-103.compute-1.amazonaws.com
aorta.clickagy.com
1    2600:9000:20ed:1000:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
3    207.198.113.93 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    64.58.232.176 (United States)

ASN13649 (ASN-FLEXENTIAL, US)
global.ib-ibi.com
1    64.58.232.177 (United States)

ASN13649 (ASN-FLEXENTIAL, US)
PTR: be31-199.crrt01.las04.flexential.net
ib.mookie1.com
1    54.146.126.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-126-47.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    18.205.16.50 (None, )

ASN- ()
track2.securedvisit.com
Apex Domain
Subdomains		 Transfer
54 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
1 MB
38 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
ad.doubleclick.net — Cisco Umbrella Rank: 163
245 KB
19 google.com
apis.google.com — Cisco Umbrella Rank: 106
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
www.google.com — Cisco Umbrella Rank: 2
218 KB
17 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
30 KB
17 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
csi.gstatic.com
275 KB
14 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1783
secure.adnxs.com — Cisco Umbrella Rank: 490
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1419
ib.adnxs.com — Cisco Umbrella Rank: 253
39 KB
12 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
259 KB
10 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 12612
t.sharethis.com — Cisco Umbrella Rank: 5730
sync.sharethis.com — Cisco Umbrella Rank: 2756
17 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
3 KB
7 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 3161
5 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
6 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 727
stags.bluekai.com — Cisco Umbrella Rank: 940
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
389 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 53
11 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
1 KB
5 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12324 Failed
341 KB
4 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1875
3 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
2 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
3 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
1 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1074
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
4 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 524
860 B
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
1 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 544
d.agkn.com — Cisco Umbrella Rank: 776
2 KB
3 ml314.com
ml314.com — Cisco Umbrella Rank: 1870
616 B
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 6258
955 B
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1388
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
1 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 451
798 B
3 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 7362
2 KB
3 33across.com
dp2.33across.com — Cisco Umbrella Rank: 12127
dp1.33across.com — Cisco Umbrella Rank: 7249
1 KB
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 13409
ic.tynt.com — Cisco Umbrella Rank: 11236
de.tynt.com — Cisco Umbrella Rank: 1526
9 KB
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5021
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6723
data-beacons.s-onetag.com — Cisco Umbrella Rank: 14306
13 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 16248
t.dtscout.com — Cisco Umbrella Rank: 13665
5 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
1 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1369
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
2 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2235
649 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
694 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3445
891 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
988 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1811
beacon.krxd.net — Cisco Umbrella Rank: 784
499 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3060
726 B
2 blogger.com
www.blogger.com — Cisco Umbrella Rank: 12161
61 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14576
s4.histats.com — Cisco Umbrella Rank: 14129
5 KB
1 securedvisit.com
track2.securedvisit.com
178 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1381
418 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 477
676 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
1 KB
1 mookie1.com
ib.mookie1.com — Cisco Umbrella Rank: 3035
982 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 2008
513 B
1 cintnetworks.com
c.cintnetworks.com — Cisco Umbrella Rank: 9630
542 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 2794
550 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
480 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 4870
306 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3537
409 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 6188
16 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 790
633 B
1 mediago.io
gtrace.mediago.io — Cisco Umbrella Rank: 3342
467 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1353
684 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4511
463 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
388 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
463 B
1 googlevideo.com
rr5---sn-q4fl6n6y.googlevideo.com — Cisco Umbrella Rank: 22259
2 MB
1 ytimg.com
i1.ytimg.com — Cisco Umbrella Rank: 2733
13 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4271
38 KB
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 14516
599 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
258 B
1 githack.com
rawcdn.githack.com — Cisco Umbrella Rank: 61233
8 KB
1 gitcdn.link
min.gitcdn.link
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
1 malasmikir.com
berita.malasmikir.com
49 KB
240 74
Domain Requested by
31 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
berita.malasmikir.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
23 pagead2.googlesyndication.com berita.malasmikir.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
20 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
berita.malasmikir.com
bcp.crwdcntrl.net
16 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
berita.malasmikir.com
12 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
12 s0.2mdn.net googleads.g.doubleclick.net
berita.malasmikir.com
s0.2mdn.net
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
8 match.adsrvr.org 8 redirects
7 partner.mediawallahscript.com 6 redirects bcp.crwdcntrl.net
7 secure.adnxs.com 6 redirects berita.malasmikir.com
7 www.gstatic.com googleads.g.doubleclick.net
6 www.googleadservices.com googleads.g.doubleclick.net
berita.malasmikir.com
6 www.googletagservices.com googleads.g.doubleclick.net
berita.malasmikir.com
6 fonts.gstatic.com berita.malasmikir.com
fonts.googleapis.com
5 www.bing.com 2 redirects googleads.g.doubleclick.net
5 pixel.tapad.com 5 redirects
5 tags.bluekai.com 1 redirects berita.malasmikir.com
de.tynt.com
tags.bkrtx.com
bcp.crwdcntrl.net
5 blogger.googleusercontent.com berita.malasmikir.com
4 aorta.clickagy.com 4 redirects
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 nym1-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
berita.malasmikir.com
4 px.ads.linkedin.com 2 redirects berita.malasmikir.com
4 ps.eyeota.net 3 redirects berita.malasmikir.com
4 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 t.sharethis.com pd.sharethis.com
t.sharethis.com
4 fonts.googleapis.com googleads.g.doubleclick.net
4 apis.google.com berita.malasmikir.com
apis.google.com
www.blogger.com
3 us-u.openx.net 2 redirects bcp.crwdcntrl.net
3 pixel-sync.sitescout.com 3 redirects
3 ml314.com 1 redirects berita.malasmikir.com
bcp.crwdcntrl.net
3 sync.sharethis.com berita.malasmikir.com
3 an.yandex.ru 2 redirects
3 idsync.rlcdn.com 2 redirects berita.malasmikir.com
3 map.go.affec.tv 2 redirects berita.malasmikir.com
3 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
3 pd.sharethis.com e.dtscout.com
berita.malasmikir.com
t.sharethis.com
2 aa.agkn.com 1 redirects bcp.crwdcntrl.net
2 dpm.demdex.net 2 redirects
2 sync.smartadserver.com 1 redirects bcp.crwdcntrl.net
2 s.amazon-adsystem.com 1 redirects bcp.crwdcntrl.net
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 ad.doubleclick.net berita.malasmikir.com
2 sync-dmp.mobtrakk.com 2 redirects
2 pm.w55c.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 s.tribalfusion.com googleads.g.doubleclick.net
2 a.tribalfusion.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 csi.gstatic.com www.gstatic.com
2 ib.adnxs.com 1 redirects googleads.g.doubleclick.net
2 ap.lijit.com 1 redirects berita.malasmikir.com
2 dp2.33across.com 2 redirects
2 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
2 pixel.onaudience.com 2 redirects
2 t.dtscout.com e.dtscout.com
2 www.blogger.com berita.malasmikir.com
apis.google.com
1 track2.securedvisit.com data-beacons.s-onetag.com
1 d.turn.com 1 redirects
1 token.rubiconproject.com bcp.crwdcntrl.net
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 d.agkn.com 1 redirects
1 c.cintnetworks.com bcp.crwdcntrl.net
1 dmp.truoptik.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 stags.bluekai.com 1 redirects
1 tags.bkrtx.com pd.sharethis.com
1 pippio.com 1 redirects
1 gtrace.mediago.io 1 redirects
1 ums.acuityplatform.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 onetag-sys.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 rr5---sn-q4fl6n6y.googlevideo.com googleads.g.doubleclick.net
1 i1.ytimg.com googleads.g.doubleclick.net
1 dp1.33across.com 1 redirects
1 beacon.krxd.net berita.malasmikir.com
1 usermatch.krxd.net 1 redirects
1 cdn.adnxs.com berita.malasmikir.com
1 adsdk.microsoft.com berita.malasmikir.com
1 data-beacons.s-onetag.com get.s-onetag.com
1 de.tynt.com cdn.tynt.com
1 t.dtscdn.com e.dtscout.com
1 ic.tynt.com berita.malasmikir.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 cdn.tynt.com e.dtscout.com
1 get.s-onetag.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 www.google-analytics.com www.googletagmanager.com
1 s4.histats.com s10.histats.com
1 rawcdn.githack.com berita.malasmikir.com
1 min.gitcdn.link berita.malasmikir.com
1 cdn.jsdelivr.net berita.malasmikir.com
1 s10.histats.com berita.malasmikir.com
1 www.googletagmanager.com berita.malasmikir.com
1 berita.malasmikir.com
240 102

This site contains no links.

Subject Issuer Validity Valid
berita.malasmikir.com
GTS CA 1D4		 2023-12-14 -
2024-03-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-11		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
gitcdn.link
GTS CA 1P5		 2023-12-28 -
2024-03-27		 3 months crt.sh
githack.com
GTS CA 1P5		 2024-01-02 -
2024-04-01		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
histats.com
R3		 2023-11-23 -
2024-02-21		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
dtscout.com
GTS CA 1P5		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-22 -
2024-06-19		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
cert1-prod.aut.a24365.net
R3		 2024-01-09 -
2024-04-08		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
dtscdn.com
GTS CA 1P5		 2023-11-15 -
2024-02-13		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-01-08 -
2024-07-06		 6 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05		 2023-10-18 -
2024-06-27		 8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-12		 2 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.bkrtx.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-06 -
2024-12-05		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
c.cintnetworks.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-12-26 -
2024-06-26		 6 months crt.sh
event-horizon.gcp.bomm.in
GTS CA 1D4		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
securedvisit.com
Amazon RSA 2048 M03		 2023-08-16 -
2024-09-13		 a year crt.sh

This page contains 32 frames:

Primary Page: https://berita.malasmikir.com/
Frame ID: C660CD77BE13EFCF7A4D4B115A15E218
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 78A664495E7F22980237F58722791F17
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1128527085103836991&blogName=Portal+Berita&publishMode=PUBLISH_MODE_HOSTED&navbarType=DARK&layoutType=LAYOUTS&searchRoot=https://berita.malasmikir.com/search&blogLocale=in&v=2&homepageUrl=https://berita.malasmikir.com/&vt=-1821872448825327827&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Frame ID: 3D1E7F71E4F8845FA9FE210ACF28EA4E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&adk=1812271804&adf=3025194257&lmt=1705030533&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456379&bpp=3&bdt=324&idt=283&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4478998970680&frm=20&pv=2&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=312
Frame ID: E97D0CFBB33E1881964800ED03B8B102
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Frame ID: 9FF7BF4914B05AB005E9F95E03877B9F
Requests: 13 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01705139456C410DAFC442A703E42
Frame ID: 341FD4D37D9D67BD319ABBFFB3F95EC6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 61575589A60F564522BAB360BC9DF8A5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Frame ID: C846D7E6B380C02E85D2E76DA761FB14
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Frame ID: 1EBD50712906FE7514D8492B515FAFAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8CFCB017B0D6C6033ACCE3041728E3E3
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A0EEB9923CE0455E34BDD5AE6463F1D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AD8FD1C184AD61C7856863871F9AA8BE
Requests: 13 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: CC67F045E164A2431070517F7FE4EFBC
Requests: 15 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 49B53B673453868DEF096B77EFF01E35
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212419328609237&ret=html&random=1705139458
Frame ID: B8F91C6D5492CD295477EBB3A7A6C266
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: A45B0E44515306FF634741916D8DE144
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBDVvrSSAhiSttaCAjAB&v=APEucNXrPK1i1bsanDshpUlAd8R_HPb4OEbPMcTlHT16mpFTIhjFRh_1bMbbyNa1zDzFro7QSPY37Qc5Ogc-9TlZpDE9CkTH0Hf3VZVmsxtvSx_rt-PmeB4
Frame ID: 09000D825A6EA277217E84F36593382D
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: A066415069FEE1CE00A0755C18B40B77
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8FB50AE3314CD0E8D14F45B91FEB50EB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 008C735FF43C6AA212577F2F6FB49CE6
Requests: 9 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: 8D3079C428AAA7A1C5EC44EC7260F36F
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3DF12EED8FE429BA2E007A88835FFDD4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Frame ID: F376055A84518D046A85DA8376440FA8
Requests: 1 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 12ECBB87A51C97BD90C6D4428524B3CC
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
Frame ID: AFEFCF15F13A41F4564618C56D1B72C8
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Frame ID: 5B626A7BB3BFB9B311E53376121C1713
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Frame ID: C7EA21DB276AC2BCE51B746581433420
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPs7HDz3Jh-MV9LWCKSVPl4&google_cver=1
Frame ID: 15402BA1A11E9A899FC6A961591F7B36
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4DDCCA8F6F177C657C0AED2F26AB1B84
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D548CBE818EBDEFE5FC5599123562A5
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: DED6C09752B00CF788DD060FC81BA6B5
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 23208F04A255F9F9E94699E679284AA0
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Portal Berita

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

240
Requests

78 %
HTTPS

37 %
IPv6

74
Domains

102
Subdomains

67
IPs

6
Countries

5506 kB
Transfer

9363 kB
Size

128
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01705139456C410DAFC442A703E42 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=9a16f9ec0e01efa6
Request Chain 53
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CHUDGAF2iZb68LrPNrr4P6Y6O6ALrm7CfddL9jbWmEmQQASDx-6B2YMmGgIDco8QQoAGY_aG-A8gBBqgDAaoEgQJP0NUafYwvjqa_qwrzWz-0q0FSTDmeqp0ADvQHiliNSGWFVQB3DydTjMQ-JKda9wb41kPVcrjzSOKUoEPOv3jpjaiY-SS7eUGa5LJnbCs95IkRieTIrwt1X-CgIeCS3odwwQQ8b2GRggkDjYeLynB9fnKhHgbEElN1MyjeDgReO3DYmD-JkUz568huzGNnwAfdOG456d7eUrF6FUhCCXaJhTzXQj_oJgDJ9QHFOvPLlfygBQGTqzoRKQVr-ON28IjMH9VhNs8spAZljNjuI0x-GMSONpHXWhyr6sfNm2FR1ntKFu9sWRiG7TLrhX0wupJEfQ1Chpj-mLsEKA6ASOf4gcAE7vCRwPEC4AQDiAXpgOTkJJIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AH0ILeQagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKELuOMhio0eeBAtIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYpoLzvIvagwOaCTpodHRwczovL3BhZ2VzLmJpdGRlZmVuZGVyLmNvbS9jb25zdW1lci9lbi9uZXcvbmV3LWNhbXBhaWdugAoByAsB2gwQCgoQoJGcx-v2udsSEgIBA7AT5MaUFsgTicurAtgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi00NjYwMjI2ODcwNTMzMTMwGADoFwE&sigh=dp06U54AXns&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_EB-yLsfXuO7M7rj6dMbHjY2nYtBgKeghLFxcXwjGne5H4F4Fv0nfQfFOptJoxRTUGwr_NGMvdg2itROFSpmrhWZqU-mOg5c1ohgB&template_id=509&vt=10&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xdc194653996cffc20000000000000000%22,%222%22:%220x1f2254dc9488c2af0000000000000000%22,%223%22:%220xa62c4030de89a5060000000000000000%22,%224%22:%220x50d915f6bda8963a0000000000000000%22,%225%22:%220x1dcefdd394aba66d0000000000000000%22},%22debug_key%22:%224533661072210793211%22,%22debug_reporting%22:true,%22destination%22:%22https://bitdefender.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22935886488%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227588986959436937201%22}&andc=true
Request Chain 63
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 83
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC6oPu_ugEQ0A8Y0A8yCA-_CPwnYKgR HTTP 301
  • https://tpc.googlesyndication.com/simgad/3930072584388511338
Request Chain 85
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1705139458059.6 HTTP 302
  • https://tags.bluekai.com/site/27519?id=212419328609237&ret=html&random=1705139458
Request Chain 86
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Financial+Services&us_privacy=&random=1705139458059.1 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Financial+Services&us_privacy=&random=1705139458059.1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=a8fea502-2214-4aa1-a26a-f7c85d245ec0&bid=1e2n4ou
Request Chain 87
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&_rand=1705139458059.2 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&_rand=1705139458059.2&expected_cookie=d82b8976-c013-4b9a-8563-7b68c9af7943
Request Chain 88
  • https://map.go.affec.tv/map/3a/?pid=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&ts=1705139458059.3 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65a25d02789f510001ceccd6%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65a25d02789f510001ceccd6%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://map.go.affec.tv/map/an/8341404090720412220?ch=65a25d02789f510001ceccd6&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/a8fea502-2214-4aa1-a26a-f7c85d245ec0?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 89
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&random=1705139458059.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&random=1705139458059.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a8fea502-2214-4aa1-a26a-f7c85d245ec0&ttd_puid=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Request Chain 90
  • https://dp2.33across.com/ps/?pid=1205&rand=1705139458059.5 HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212440329895034
Request Chain 91
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&random=1705139458059.7&pu=https%3A%2F%2Fberita.malasmikir.com%2F HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212418775954579&seg_code=33x&random=1705139458 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212418775954579%26seg_code%3D33x%26random%3D1705139458
Request Chain 116
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=85b52ede-b626-4e6f-9565-6bdfb3ee7cab&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=b57be2e2-76be-42c7-b3f9-4ab75b444a2d&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D5a8d7e8057b84595975d07f2a1e75283%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=2110169371319360015 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5a8d7e8057b84595975d07f2a1e75283&SNR=1&GV=2&med=10
Request Chain 129
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECzuf-YYth7_q14kaMWkGr4&google_cver=1&gdpr=0
Request Chain 131
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaJdAm24S.X-rISts-JYRQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECzuf-YYth7_q14kaMWkGr4&google_cver=1&google_hm=2
Request Chain 132
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEiSAFLTDPf-VVXZL2LV3Lw&google_cver=1
Request Chain 133
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MTQwNDA5MDcyMDQxMjIyMA%3D%3D
Request Chain 136
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cx_HdAF2iZYrELrbGrr4Pw5yL4AHgt8yQdZqm94KEEWQQASDx-6B2YMmGgIDco8QQoAH96Ke0AcgBCagDAcgDywSqBOIBT9AngwVxcyPq91p75MGObaexKrCpBvemHwU0aFOrxLdiKspU_NAD4VmRX_YB07HAik7VkQk4e9LwyB_OUug1S1rGb95F9t55mkUqBhwTOCOW-cQcuTABZlGKG8eQ9AeGagBj41zm142gn169eGj_4rKqKR-gxPlnEUNyaOs07CywsSlWFBVqksloeLq6owK5-HlpDbG0xdJwVuiu-qxabv-bDmZ95WE3rj--8PKKZUeeJIcnsgc27roarFtEmZb0b_79VESv97Un0oQU97SR31DuIDzYoBSuBUHhp2vxhOdiEsAElKGom_wDiAW3_LGBQJIFBAgEGAGSBQQIBRgEoAYugAfrltjLAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBCdjCbSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WI6G87yL2oMDmgktaHR0cHM6Ly90cmFkZXNob3dib290aC5jb20vY29sbGVjdGlvbnMvY2FuYWRhgAoByAsBogwIKgYKBKy6sQLaDBEKCxCQkIHDts_959wBEgIBA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi00NjYwMjI2ODcwNTMzMTMwGAA&sigh=ojjWppp3WlM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_4xrOoMQG2y-SQBQmGFZxagpkZN7zlU3dxJjGW8ZR3LBS02cB5U-Y060E2eCLGW4D_wUMuEkL7FKIXjIjv8g4RmnXk6151hpdpp0YAQ&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc48fe8bf124a431e0000000000000000%22,%222%22:%220x2e839f9ab4f0523c0000000000000000%22,%223%22:%220x3f5328aa8175f13e0000000000000000%22,%224%22:%220xf3992ca7b7f0c5250000000000000000%22,%225%22:%220x4acd7dbfd863c9fa0000000000000000%22},%22debug_key%22:%2212070420668768604209%22,%22debug_reporting%22:true,%22destination%22:%22https://tradeshowbooth.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22378139773%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226447229529024990225%22}&andc=true
Request Chain 140
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAmv2ITouTBiX-c6T5tlJAc&google_cver=1&google_push=AXcoOmQtc9pmjpIWByGqRx5Cjjgj6_7Y87MJI-K23SMF3nHPAN_PX7oS9cybDfsZK0LYXVixTQNjINr3Ab9CA3q__p4IkufBkMhxaig HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7517f1ee7e18070e&is_secure=true&networkId=14000&version=1&google_gid=CAESEAmv2ITouTBiX-c6T5tlJAc&google_cver=1&google_push=AXcoOmQtc9pmjpIWByGqRx5Cjjgj6_7Y87MJI-K23SMF3nHPAN_PX7oS9cybDfsZK0LYXVixTQNjINr3Ab9CA3q__p4IkufBkMhxaig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABx9blWHF2MwMlDyBqAAAAAAA&expiration=1705225859&google_cver=1&is_secure=true&google_gid=CAESEAmv2ITouTBiX-c6T5tlJAc&google_push=AXcoOmQtc9pmjpIWByGqRx5Cjjgj6_7Y87MJI-K23SMF3nHPAN_PX7oS9cybDfsZK0LYXVixTQNjINr3Ab9CA3q__p4IkufBkMhxaig
Request Chain 141
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmR6CB8fBovD3338pvC1FodV-Np0USOEwatc_7eXZ_Vh3ERN4oZ3OrvL7wLgCt3EOU3YUxHVrR_DbWzO5aUcLAGJoD2KL_mJtBs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR6CB8fBovD3338pvC1FodV-Np0USOEwatc_7eXZ_Vh3ERN4oZ3OrvL7wLgCt3EOU3YUxHVrR_DbWzO5aUcLAGJoD2KL_mJtBs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmR6CB8fBovD3338pvC1FodV-Np0USOEwatc_7eXZ_Vh3ERN4oZ3OrvL7wLgCt3EOU3YUxHVrR_DbWzO5aUcLAGJoD2KL_mJtBs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR6CB8fBovD3338pvC1FodV-Np0USOEwatc_7eXZ_Vh3ERN4oZ3OrvL7wLgCt3EOU3YUxHVrR_DbWzO5aUcLAGJoD2KL_mJtBs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 142
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEhy0JOVG9fFLekJ6QDrjf4&google_cver=1&google_push=AXcoOmQdQlxIgSpCbUJLTMiUjXg-YCjErTzIvOjt63Op-14OffjRib-IX7KpDC4LIm-NFCYcKeAU3rDDg1OVsVpFFDC0sCqXzvfMs-s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEhy0JOVG9fFLekJ6QDrjf4&google_push=AXcoOmQdQlxIgSpCbUJLTMiUjXg-YCjErTzIvOjt63Op-14OffjRib-IX7KpDC4LIm-NFCYcKeAU3rDDg1OVsVpFFDC0sCqXzvfMs-s
Request Chain 143
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEKebmFep0IQVXUB8rSoL5fE&google_cver=1&google_push=AXcoOmRQfbisFoBmpZNN30NX1-PtesdgXRkexH8-8_rzHt0ESfGUhGIRSCgaiN5DGAw9CoFIJpuDW3sreSRMzz9eAxWE04ds-E5geDI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRQfbisFoBmpZNN30NX1-PtesdgXRkexH8-8_rzHt0ESfGUhGIRSCgaiN5DGAw9CoFIJpuDW3sreSRMzz9eAxWE04ds-E5geDI
Request Chain 144
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFpT72SdztXq9nvyaGDhNr0&google_cver=1&google_push=AXcoOmQuSThf8Te4Sk6LYwJYRjXrlLTbszbYbm0ZXbWAobIlWdUTLLuiHArPEjN-AwcpYKyCNyX57wpgjm64lc0QEGS8254gW5Maw-c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQuSThf8Te4Sk6LYwJYRjXrlLTbszbYbm0ZXbWAobIlWdUTLLuiHArPEjN-AwcpYKyCNyX57wpgjm64lc0QEGS8254gW5Maw-c&google_hm=eS1TQTBGaEJaRTJwRkU4dkZTLkltcnZheTB1M0pIMExzNX5B
Request Chain 145
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECOmKizN1DgLbZiPvjjVfeY&google_cver=1&google_push=AXcoOmTqgFu_pWCrOOE8AxFPXLvEXroijVzHf-H0s7aabiJfb2C2jt1lKF6W4DuV8kD9anrzZxQqOjZuqPGPcroTL0TOAF69-ow_n_Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTqgFu_pWCrOOE8AxFPXLvEXroijVzHf-H0s7aabiJfb2C2jt1lKF6W4DuV8kD9anrzZxQqOjZuqPGPcroTL0TOAF69-ow_n_Y
Request Chain 150
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHO6Qrf-M7Tpoz_bV2J3Rmo&google_cver=1&google_push=AXcoOmRRK0Fvbo3oMxBpWAD70yJbMVQzyhc6qtx3k4TCGz2vhbPNM2t9G-bWu0VtpBRWYVFoXBoG6XozzNJh3MQIx08wFzhxge3rlOo HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHO6Qrf-M7Tpoz_bV2J3Rmo&google_cver=1&google_push=AXcoOmRRK0Fvbo3oMxBpWAD70yJbMVQzyhc6qtx3k4TCGz2vhbPNM2t9G-bWu0VtpBRWYVFoXBoG6XozzNJh3MQIx08wFzhxge3rlOo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZTN2VDFVekwxUm9BRms1&google_gid=CAESEHO6Qrf-M7Tpoz_bV2J3Rmo&google_cver=1&google_push=AXcoOmRRK0Fvbo3oMxBpWAD70yJbMVQzyhc6qtx3k4TCGz2vhbPNM2t9G-bWu0VtpBRWYVFoXBoG6XozzNJh3MQIx08wFzhxge3rlOo
Request Chain 151
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmTvKRNpPxAxZ5UlBKMfWnuznXK7FKSpD8X5PSIVza7YoEaXYD7pwfQ9KUut5_UUm4eKHwV4o4oKZgCEsB5rYtE8gQKRC9SYWNM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvKRNpPxAxZ5UlBKMfWnuznXK7FKSpD8X5PSIVza7YoEaXYD7pwfQ9KUut5_UUm4eKHwV4o4oKZgCEsB5rYtE8gQKRC9SYWNM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmTvKRNpPxAxZ5UlBKMfWnuznXK7FKSpD8X5PSIVza7YoEaXYD7pwfQ9KUut5_UUm4eKHwV4o4oKZgCEsB5rYtE8gQKRC9SYWNM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvKRNpPxAxZ5UlBKMfWnuznXK7FKSpD8X5PSIVza7YoEaXYD7pwfQ9KUut5_UUm4eKHwV4o4oKZgCEsB5rYtE8gQKRC9SYWNM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 152
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEDsa8tpvHmdLPTMpR0S-J8Q&google_cver=1&google_push=AXcoOmTLTpqwyeMKf4pbhXUfvS5Y4Y_tfbQz4_i6Cr1F1q66JrUpbk6SUBGRVxO43a9l1TPpUZoZ7J2K0TC6ILQh0-U8jXEYjpuuWpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDRkZTI4NTktZmYyZS00OWM5LWE0NzAtYzMxNzUwY2QwMGYx&google_gid=CAESEDsa8tpvHmdLPTMpR0S-J8Q&google_cver=1&google_push=AXcoOmTLTpqwyeMKf4pbhXUfvS5Y4Y_tfbQz4_i6Cr1F1q66JrUpbk6SUBGRVxO43a9l1TPpUZoZ7J2K0TC6ILQh0-U8jXEYjpuuWpI
Request Chain 153
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEDsxWKKkFtuTcP73NIRp7ns&google_cver=1&google_push=AXcoOmTlOt_6rPNRM-AJ1uNKtGpS_sgtk7Hqzms0vypTYc_CVbNR_OS6JXqEQp1xaxPWzS8RyuaQLVwcl2naZhAoQ7eS04dtvDkgxTE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876337618462&us_privacy=1---
Request Chain 154
  • https://an.yandex.ru/mapuid/google/CAESEEMaYCu__10xwbLc_t9V8KA?ext-param=AXcoOmTSrM5X4gmHNSAWzsdiGm_4TtF2ZvocSpiYdKnERq4FaGnzQZzTSlmayGJ1f8MdlQU6UxdNTCrW8JtMxdzMo2oGY7iT-rLpvBaY&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEEMaYCu__10xwbLc_t9V8KA?redir-setuniq=1&ext-param=AXcoOmTSrM5X4gmHNSAWzsdiGm_4TtF2ZvocSpiYdKnERq4FaGnzQZzTSlmayGJ1f8MdlQU6UxdNTCrW8JtMxdzMo2oGY7iT-rLpvBaY&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEMaYCu__10xwbLc_t9V8KA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 155
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEKlk7jSn1IJsRK2atXOLc7g&google_cver=1&google_push=AXcoOmQTyrRHTT1LE-2V6aFttE_Q8XylF_2qt2BrhdlgIh89qqwyU-k41n-RUNA4ihjj4J8tr2o7YJqNroktni_m2ijYqY2OfoHzw3ut HTTP 302
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEKlk7jSn1IJsRK2atXOLc7g&google_cver=1&google_push=AXcoOmQTyrRHTT1LE-2V6aFttE_Q8XylF_2qt2BrhdlgIh89qqwyU-k41n-RUNA4ihjj4J8tr2o7YJqNroktni_m2ijYqY2OfoHzw3ut&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NTdhMjVlZDM1OTc1OWRjMg&google_push=AXcoOmQTyrRHTT1LE-2V6aFttE_Q8XylF_2qt2BrhdlgIh89qqwyU-k41n-RUNA4ihjj4J8tr2o7YJqNroktni_m2ijYqY2OfoHzw3ut
Request Chain 156
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEDwyyJBiOXw-dKFw-T0KiiA&google_cver=1&google_push=AXcoOmQrp0J435_bFwhJY9FYTHYJRH-rp7qNoAVoEHqqATdAhPpk7opVHWPDS_mvK8rGxmC_nX8fG8iXLLuTKT7g5gFpRnMmiqltvyQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQrp0J435_bFwhJY9FYTHYJRH-rp7qNoAVoEHqqATdAhPpk7opVHWPDS_mvK8rGxmC_nX8fG8iXLLuTKT7g5gFpRnMmiqltvyQ&google_hm=acc8ce736c3d772021s6km00lrbw0ayb
Request Chain 159
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=a8fea502-2214-4aa1-a26a-f7c85d245ec0&gdpr=0&gdpr_consent=
Request Chain 160
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZGAACWWiXQEAAAAIN%2FuHAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=4596498b9a3af9e4806db87f43af9a2c520f0877f1cd6f7c284c87f21c18c261791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4596498b9a3af9e4806db87f43af9a2c520f0877f1cd6f7c284c87f21c18c261791426b5417dce21&rand=02573127
Request Chain 161
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2QqrZOGK9uOcdnwhI9EU57ZAxgwfQ2-5HKQi4Ehgm2QM&gdpr=0&gdpr_consent=
Request Chain 162
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGAACWWiXQEAAAAIN%2FuHAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3641319728665329722 HTTP 307
  • https://ml314.com/csync.ashx?fp=621260a89c3ab292cba52846bd5bf783722764847bf48f1253e5bf9e5243d08cf4cb09cee1a4f8eb&person_id=3641319728665329722&eid=50082
Request Chain 163
  • https://tags.bluekai.com/site/59574?id=ZGAACWWiXQEAAAAIN%2FuHAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=BFtDnzZe99Y6%2BSJk&BK_SWAP_DEST=5957
Request Chain 181
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CiTjWAl2iZcrZAo-Hrr4P-MKj8AvA9Me7ZanOy7mUEeDkoMLlARABIPH7oHZgyYaAgNyjxBCgAaHz2rkCyAEJqAMByAPLBKoE8AFP0Et9--5luPTRVcxSE43eerDhheiFrG9QIbaOBzrQb_Zfi96C2etIZ2UvConmLUcWjvqR7hMvowqFAUQsBalyYF_KuJf_tqvi2vWkwDcM8NjeMWcvpUIV9ZhuhGAp9Cay_R0F5QOLGEgDwSDxkt1fhuozm9oVTfIhO7ENghjsOhmBRRA-VEDroCafDbJMYK2SxMITYegJ3Zdg2aClYnNHQHhFlF1X0_jZ2onSj6Q87sj-xHrG3pMSvZUAudDKDgFl3x5awO2lGovwUZO17LqE2IQ8fBGmYH_WkgF0qFLfQ7DNSA2DQOCSYaQD2Q1BSGPABIrkza2SA4gFiePv_yOSBQQIBBgBkgUECAUYBKAGLoAHx4ylxgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD41xTSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WIabwb2L2oMDmgkYaHR0cHM6Ly9ldmVudHJoeXRobS5jb20vgAoByAsB2gwRCgsQ0PSWg9epjezLARICAQO4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTQ2NjAyMjY4NzA1MzMxMzAYAA&sigh=gGzsUCJnVkc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_85iXezzgZR3PlCNANdt10ij8pbCfy0mmKh6LU67ewf7hHZ5QLg1SlRFA0eD933RviWDU4ssHGAE&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x85a5e0aa74ceecbb0000000000000000%22,%222%22:%220x20799e213fab22a20000000000000000%22,%223%22:%220x8b7443718bc31a70000000000000000%22,%224%22:%220x31b3b09a289208a70000000000000000%22,%225%22:%220x93395971fecafcbd0000000000000000%22},%22debug_key%22:%2215182543620737230157%22,%22debug_reporting%22:true,%22destination%22:%22https://eventrhythm.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22657897889%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216383646926870838865%22}&andc=true
Request Chain 194
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGAACWWiXQEAAAAIN%2FuHAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23380%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23380%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=97720483 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=SkhiRG41b1E5OVk3UDNKaw%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPs7HDz3Jh-MV9LWCKSVPl4&google_cver=1
Request Chain 216
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=dce65619190c37668092ddef79f32bb0&custom=&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=dce65619190c37668092ddef79f32bb0&custom=&tag_format=img&tag_action=sync&final=true&reqid=4186cb30-b1f9-11ee-a824-794b10ca57ef&timestamp=2024-01-13T09%3A50%3A59.939Z HTTP 302
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=8341404090720412220&tag_format=img&tag_action=sync HTTP 302
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=418f2fa0-b1f9-11ee-b1a0-519b679bbbc9?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=dce65619190c37668092ddef79f32bb0&tag_format=img&tag_action=sync&cb=196314593 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a8fea502-2214-4aa1-a26a-f7c85d245ec0&tag_format=img&tag_action=sync&cb= HTTP 302
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=418f2fa0-b1f9-11ee-b1a0-519b679bbbc9&cb=1705139460362&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1705139460362 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=a30ec83e-ed05-40c5-a9ed-5a1d5cf198fb&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705139460362 HTTP 302
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=4206f7b0-b1f9-11ee-987d-6d8df76c0cfe
Request Chain 217
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=6f30f18f-31f1-4fd8-9f11-01b7bb96a3b3&gdpr=0
Request Chain 218
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=dce65619190c37668092ddef79f32bb0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=dce65619190c37668092ddef79f32bb0&dcc=t
Request Chain 219
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Request Chain 220
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a8fea502-2214-4aa1-a26a-f7c85d245ec0/gdpr=0/gdpr_consent=
Request Chain 221
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=dce65619190c37668092ddef79f32bb0&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%252C%25257B%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8341404090720412220&pt=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%2C%257B%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd
Request Chain 222
  • https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
  • https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=c73bc7fd5dab62d13bdd256d862c13c4
Request Chain 223
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=dce65619190c37668092ddef79f32bb0&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=dce65619190c37668092ddef79f32bb0&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=84396632406889772972519171225428483348/gdpr=0
Request Chain 225
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=dce65619190c37668092ddef79f32bb0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=ZaJdA1gZTR9OyLaRGMGAJrAY&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1705139459998&ip=38.132.118.75&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D213180604760056767518 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=213180604760056767518 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=6ad3205c-6e14-4ec2-b86a-c00a24552f91-65a25d04-5553 HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=61498c48-4e69-460b-80d7-c4cc79995114&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaJdA1gZTR9OyLaRGMGAJrAY
Request Chain 226
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=dce65619190c37668092ddef79f32bb0 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=dce65619190c37668092ddef79f32bb0
Request Chain 228
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-de34c3d2-a910-51e7-748b-9e12f0d5ce46$ip$38.132.118.75&gdpr=0&gdpr_consent=
Request Chain 229
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-RK4r2o1E2pzL_Kn2sLPsEE9DmHRcpxwQYwc-~A&gdpr=0
Request Chain 230
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=6ad3205c-6e14-4ec2-b86a-c00a24552f91-65a25d04-5553/gdpr=0
Request Chain 232
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaJdAgAOCfhUewAM/gdpr=0
Request Chain 237
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/dce65619190c37668092ddef79f32bb0/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7489826416846760829/gdpr=0
Request Chain 238
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=601771803 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8341404090720412220/gdpr=0/rand=601771803
Request Chain 240
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=85b52ede-b626-4e6f-9565-6bdfb3ee7cab&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=b57be2e2-76be-42c7-b3f9-4ab75b444a2d&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D5a8d7e8057b84595975d07f2a1e75283%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=2110169371319360015 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5a8d7e8057b84595975d07f2a1e75283&tids=15000&med=10

240 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
berita.malasmikir.com/ 		196 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
052ae9d2c50c22ebc2f8d16d02d9d14a3f7f173604a36da787bda8cc6e6d372b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
49594
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 09:50:55 GMT
etag
W/"292f5b32f7c92d9e761ef5def87ceffbbb20448a62df4249e3636095187f65c9"
expires
Sat, 13 Jan 2024 09:50:55 GMT
last-modified
Fri, 12 Jan 2024 03:35:33 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		276 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V1BT1J2P46
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0033ef33767a1d8ec23518004f85d316420a73f53f221253e59cc68f76bd518b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93551
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jan 2024 09:50:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4660226870533130
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb762d74da03781f08108dddc96f306fa42216a72d46856ecf14ae72484aa723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Origin
https://berita.malasmikir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51395
x-xss-protection
0
server
cafe
etag
16224543315084109031
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4660226870533130&host=ca-host-pub-1556223355139109
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd284e5aef3077f07c4764a9bc2295c20525d042ed8557d488a78340986a0f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Origin
https://berita.malasmikir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51398
x-xss-protection
0
server
cafe
etag
2792844374379801720
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:56 GMT
_9fbc4d2e-6299-4e4f-b385-02c061cb6305.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNFsWehdrGpmHwL6QGobwl5UcKyQfEaxAhZoUwpwrPAZ3KwK8dWvLW0B6QlsdiEm3heFnE1qBBUCZhJ6mdObApFqMxBTdklhO4-hIgHlxEWqnPCulVGxJzGH3AXXTKZtid27nySoBzKuT7SE1Y... 		0
0
truncated
/ 		155 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28019169ef0f8ec43f159e819837d4482b9a4943c6d2a95e626e986f322958a0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
68505
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
844cbce11b045d10-MIA
content-length
4547
platform.js
apis.google.com/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcb6531cb0967359e17b655d4142b55d1eac2aed3fe5340f8ce930a7000e5d3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Jan 2024 09:50:56 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21929
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"619578e938ea6244"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Origin
https://berita.malasmikir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 00:49:38 GMT
x-content-type-options
nosniff
age
378078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15736
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 00:49:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Origin
https://berita.malasmikir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 00:07:59 GMT
x-content-type-options
nosniff
age
553377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15816
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jan 2025 00:07:59 GMT
truncated
/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bae615765bbe1b97bc279603bfb25632190b8b3060073de8435b7b0ae9e6dff1

Request headers

Referer
Origin
https://berita.malasmikir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
application/font-woff
thetimer.js
cdn.jsdelivr.net/gh/Indzign/theme@master/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/Indzign/theme@master/thetimer.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb3346cbbe576f59c7ecda6deb6fb008bdeba1d437c4e9d0222609e5d5e9e218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 Jan 2024 09:50:56 GMT
x-content-type-options
nosniff
content-encoding
br
age
8439
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
804
x-served-by
cache-fra-eddf8230044-FRA, cache-mia-kmia1760053-MIA
x-jsd-version-type
branch
etag
W/"714-/uQmcQrU/R+nmv/k+mNYQKESOFo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clipboard.min.js
min.gitcdn.link/repo/zenorocha/clipboard.js/master/dist/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://min.gitcdn.link/repo/zenorocha/clipboard.js/master/dist/clipboard.min.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
nanda.js
rawcdn.githack.com/nandakrisbianto/JAVASCRIPT/25beed5e849d52b81594e20032b0d6058a172d28/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rawcdn.githack.com/nandakrisbianto/JAVASCRIPT/25beed5e849d52b81594e20032b0d6058a172d28/nanda.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d71b160ce2fae5481ace1e456a0b76c46a17dbded771bec50d847e93e3947e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id
9f692fdcd3cb64655f6393a9a73fbd0608526594
date
Sat, 13 Jan 2024 09:50:56 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
MISS
x-cache-hits
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-hel1410023-HEL
server
cloudflare
x-github-request-id
E7AE:CD0A:8C5A75:92C82F:65670DC6
x-timer
S1701252551.761596,VS0,VE365
etag
W/"27fd9a4fccff00be190fbfdc88153d50587367c04a4cc83a27707c1363f72a75"
source-age
0
vary
Authorization,Accept-Encoding,Origin
x-githack-cache-status
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOkPsPf3vubOwQ7RCILtd18ZKnEcpl%2BTyAJlypqqxsdCESl0uARmrVlxVUrz4pB2xFfC%2BqrWQYotwmK9ApRqmrqyfHGqU%2FuNmjvGB69Rd08KGvbGANINX47MpYFugb0Cq12t6kV4vXd5%2FAx7rU%2Bgqro%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000, public, immutable
x-robots-tag
none
cf-ray
844cbce14b4b0321-MIA
expires
Thu, 28 Nov 2024 10:09:11 GMT
577263412-widgets.js
www.blogger.com/static/v1/widgets/ 		161 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/577263412-widgets.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::bf Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fba97eb8920d6a89bf0576db418a9369a56a94b5d55e8add37d92ad5c9f6c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59320
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 20:06:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 12 Jan 2025 04:33:03 GMT
0.php
s4.histats.com/stats/ 		378 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4831236&@f16&@g1&@h1&@i1&@j1705139456208&@k0&@l1&@mPortal%20Berita&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:188753832&@b3:1705139456&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fberita.malasmikir.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.162 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns562109.ip-54-39-128.net
Software
/
Resource Hash
4ce84d5df487d816eeb7e1c4516f2b8b0b4ca84ddba291ea95ce5b640d76b94b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 09:50:48 GMT
Connection
close
Content-Length
378
Content-Type
text/html;charset=UTF-8
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ 		180 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5d52efd3b18eb5074435bca41e2b98b5e8a57e8c159272729f13261d1c4777d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61100
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 19:25:32 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 02:05:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
27945
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 02:05:11 GMT
_9fbc4d2e-6299-4e4f-b385-02c061cb6305.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNFsWehdrGpmHwL6QGobwl5UcKyQfEaxAhZoUwpwrPAZ3KwK8dWvLW0B6QlsdiEm3heFnE1qBBUCZhJ6mdObApFqMxBTdklhO4-hIgHlxEWqnPCulVGxJzGH3AXXTKZtid27nySoBzKuT7SE1Y... 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNFsWehdrGpmHwL6QGobwl5UcKyQfEaxAhZoUwpwrPAZ3KwK8dWvLW0B6QlsdiEm3heFnE1qBBUCZhJ6mdObApFqMxBTdklhO4-hIgHlxEWqnPCulVGxJzGH3AXXTKZtid27nySoBzKuT7SE1Ydqr7OIPUIxQyc-vsTAeHCdwVHsJxR5oye0-3a6nbfIQ/w400-h400-c-rw/_9fbc4d2e-6299-4e4f-b385-02c061cb6305.jpeg
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0a96cf4b8c579f1e003d22c3cf1f8f174c899090ff4c256aaa0a18584c21e96f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:57 GMT
x-content-type-options
nosniff
server
fife
etag
"v53a2"
vary
Origin
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_9fbc4d2e-6299-4e4f-b385-02c061cb6305.webp"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59146
x-xss-protection
0
expires
Sun, 14 Jan 2024 09:50:57 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		402 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4660226870533130
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae378aa99aa5fb8761b7a52a1fbf3498df5c97996d53dd28a41211eef09cc1cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139347
x-xss-protection
0
server
cafe
etag
372054940766927357
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:56 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 78A6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4660226870533130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
19073
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 04:33:03 GMT
etag
9219409622527106327
expires
Sat, 27 Jan 2024 04:33:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-V1BT1J2P46&gtm=45je41a0v9173301316&_p=1705139456080&gcd=11l1l1l1l1&dma=0&cid=786477649.1705139456&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705139456&sct=1&seg=0&dl=https%3A%2F%2Fberita.malasmikir.com%2F&dt=Portal%20Berita&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=972
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V1BT1J2P46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://berita.malasmikir.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
navbar.g
www.blogger.com/ Frame 3D1E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=1128527085103836991&blogName=Portal+Berita&publishMode=PUBLISH_MODE_HOSTED&navbarType=DARK&layoutType=LAYOUTS&searchRoot=https://berita.malasmikir.com/search&blogLocale=in&v=2&homepageUrl=https://berita.malasmikir.com/&vt=-1821872448825327827&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::bf Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1b47577bd1d698663718df653b5d1e83b2348876a6b00712229b0bd3be56f713
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2548
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 09:50:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
e.dtscout.com/e/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fberita.malasmikir.com%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4831236&@f16&@g1&@h1&@i1&@j1705139456208&@k0&@l1&@mPortal%20Berita&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:188753832&@b3:1705139456&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fberita.malasmikir.com%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e15f72a08eabf154db79758333fafec5b1fcf5882ca81feb6ab183af41720926

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:56 GMT
x-t
0.225
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFvm5OtPfLk%2FcBk2%2F2dg0tssYHRfNw4bBJXXiW1EEdZrt%2FK1kPqqZAY5tSqbY%2BlOXmliCWW9PsOGnbWKa4MIjlD78UZBm7yzPCgRipRXzT79rrVYBUgSCqWeYMbKq%2B2%2F8CbxMGrKl40rZBI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
ger1
cf-ray
844cbce499648d9a-MIA
expires
Sat, 13 Jan 2024 09:50:55 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E97D 		456 KB
100 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&adk=1812271804&adf=3025194257&lmt=1705030533&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456379&bpp=3&bdt=324&idt=283&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4478998970680&frm=20&pv=2&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=312
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ed8bd646fe44a266432d0b89d31fcd2b215dd4b494466daba5826c6c9908f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
102283
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 09:50:57 GMT
expires
Sat, 13 Jan 2024 09:50:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9FF7 		113 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1564ef4d61d8b9c4d1cc03d4d38b371b763b99db39078ab0778aaa0f9571a3fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
36116
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 09:50:57 GMT
expires
Sat, 13 Jan 2024 09:50:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 3D1E 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1128527085103836991&blogName=Portal+Berita&publishMode=PUBLISH_MODE_HOSTED&navbarType=DARK&layoutType=LAYOUTS&searchRoot=https://berita.malasmikir.com/search&blogLocale=in&v=2&homepageUrl=https://berita.malasmikir.com/&vt=-1821872448825327827&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.y0xCMa4KeeI.O%2Fd%3D1%2Frs%3DAHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68cc8a99c8ed5cc0eb3aa2146fd34bee0051bfd98faa3c03b83c78b4a12a8bd5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Jan 2024 09:50:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21939
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"a663cbedcf0f6556"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:56 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/ Frame 3D1E 		134 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45646
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 18:39:08 GMT
/
t.dtscout.com/idg/ Frame 341F 		1 KB
757 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=51A01705139456C410DAFC442A703E42
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fberita.malasmikir.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b399f46166be533079dfc7bdc804b8406389d200f1fc496f63dec7558df0e4

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
844cbce98bfc8d9a-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 09:50:57 GMT
expires
Sat, 13 Jan 2024 09:50:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05CBc6dwsuSa9enUYcYq7T6mea4KqH%2B3dbl%2Bi%2BGk1eEeZ2gx055sT8U6MnmOrS6s6ndToB5NW1nsWMHqp8CMk1pWObaym1wNxDyKZ4iI%2FtE84IkY3l%2FhTJ9cwTvZBtLbyolMjgtbfcnMa6g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fberita.malasmikir.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-70.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
date
Fri, 12 Jan 2024 13:23:20 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
73658
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
QOLQlDwHmKGTpPmrAumLyyhz5WeoJKUaVCFSBxjzxOnmiZ-yLS--1Q==
dtscout
pd.sharethis.com/pd/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fberita.malasmikir.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.14.20.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-20-113.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
9f19d6b004fd9fc777089c02225b52b58739c814e367e3718824dfda08b9c9a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 09:50:57 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
afwu.js
cdn.tynt.com/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fberita.malasmikir.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
age
76301
etag
W/"651ed18d-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
844cbce9aa4667b6-MIA
expires
Tue, 16 Jan 2024 09:50:57 GMT
/
t.dtscout.com/pv/ 		51 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=berita.malasmikir.com&_ss=4mj4xn0l25&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=2zj3&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fberita.malasmikir.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8156c8a39690b7bdc17fdee24b589e51faf985e18c760446c1965472200df7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:57 GMT
x-t
0.139
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFxL1Q089CoyCmSqmF4WLZEDwj5jFfGugaNLCtG5I9JivoagSfZA31kdl4bHL%2FroPd3SdgRiTH94wYPV0hqCl8AvRoOIxfXAGxsnC89v5MOtz%2FuCzpemQ%2BoVLk0we%2FLsXO3XZSCxiaIUtkY%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
844cbce649ff8d9a-MIA
expires
Sat, 13 Jan 2024 09:50:56 GMT
css
fonts.googleapis.com/ Frame 9FF7 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700&lang=id
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 09:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 09:50:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 09:50:57 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9FF7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14392
x-xss-protection
0
server
cafe
etag
5705098247650313184
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9FF7 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:57 GMT
9480617544254355508
s0.2mdn.net/simgad/ Frame 9FF7 		167 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9480617544254355508
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cebc16f49ea52df403175b4c8506adbd4ed0467c4fb285437a072feb183e776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 04:44:27 GMT
date
Sat, 13 Jan 2024 04:44:27 GMT
x-content-type-options
nosniff
age
18390
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171406
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 12:01:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 9FF7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9FF7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9FF7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bad39e60525508719511aef0562589005a82994e049b7ccd8ff0d290ed12de30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56388
x-xss-protection
0
server
cafe
etag
1087312990456335855
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:57 GMT
ca-pub-4660226870533130
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4660226870533130?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9631731687a8b0ec9ad2c4684b03fea65d05c29f0c22316ea70626069b1291af
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0svtxMT8KlGG_9qJWceW9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:57 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0svtxMT8KlGG_9qJWceW9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&hl=id&pvc=4475351312536087
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		50 B
456 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-21.phl51.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:57 GMT
via
1.1 0c4024c249c7bc0948cf981ba6a5def2.cloudfront.net (CloudFront), 1.1 e681dabd190d3783884c0bade3bdc5ca.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, PHL51-P1
x-amzn-requestid
2010d6e5-3a53-48c3-bff2-24838d0a0d7a
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
ReN4VHszCYcET5w=
content-length
50
x-amz-cf-id
n5J5hmtgJQ3cFWPDJAld1Jefub7AKdzpC2abqGZpvzFw4nLtHL6jJg==
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.03384361468014596&stid=ZGAACWWiXQEAAAAIN%2FuHAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 09:50:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1364
Expires
Sat, 13 Jan 2024 10:50:58 GMT
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fberita.malasmikir.com%2F&event_source=dtscout&rnd=0.03384361468014596&exptid=ZGAACWWiXQEAAAAIN%2FuHAw%3D%3D&fcmp=false
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.14.20.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-20-113.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 09:50:57 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
p
ic.tynt.com/b/ 		35 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1705139457675&dn=AFWU&iso=0&pu=https%3A%2F%2Fberita.malasmikir.com%2F&t=Portal%20Berita&chmob=0
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:57 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fberita.malasmikir.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-92.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 08:05:51 GMT
content-encoding
gzip
via
1.1 fadedfea448fa31cb8aba15ba1b05064.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
6308
x-amz-server-side-encryption
AES256
etag
W/"eb52f900499b46d1088df97dad487c73"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
l4I8deWulZWRrhdR2VUFGHfqnCadlNB-8uHj5NyecOG-FEnjvZyZdQ==
/
t.dtscdn.com/widget/ 		0
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=51A01705139456C410DAFC442A703E42&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fberita.malasmikir.com%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fberita.malasmikir.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
x-t
0.93
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeUFcJXLt8d6v51i8TmIhEcBo4BzH5tlMqFSuS9IB4m0JBOb2yTHTGdW6SWMdssa4PoL1z8EurJCZ%2FqThavgEPxJ9408lpwhekY24PTo%2B%2F1dIb49SIYcABm6AqGqwVCBD4Yz4Onrqdx5zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web14.ny1.dtscdn.com
cf-ray
844cbcec9b7a4c2a-MIA
expires
Sat, 13 Jan 2024 07:30:56 GMT
33141
tags.bluekai.com/site/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01705139456C410DAFC442A703E42
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=9a16f9ec0e01efa6
62 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=9a16f9ec0e01efa6
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Server
23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sat, 13 Jan 2024 09:50:58 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=9a16f9ec0e01efa6
content-length
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6157 		143 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1368
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 09:28:09 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9FF7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&lang=id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:46:24 GMT
x-content-type-options
nosniff
age
273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jan 2025 09:46:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9FF7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&lang=id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 08:14:55 GMT
x-content-type-options
nosniff
age
524162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jan 2025 08:14:55 GMT
truncated
/ Frame 9FF7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7613690568b20639da8f8d3980b2dff42f53acc181ca3a0fe4bba1ae1776dc52

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 9FF7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CHUDGAF2iZb68LrPNrr4P6Y6O6ALrm7CfddL9jbWmEmQQASDx-6B2YMmGgIDco8QQoAGY_aG-A8gBBqgDAaoEgQJP0NUafYwvjqa_qwrzWz-0q0FSTDmeqp0ADvQHiliNSGWFVQB3DydTjMQ...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xdc194653996cffc20000000000000000%22,%222%22:%220x1f2254dc9488c2af0000000000000000%22,%223%22:%220xa62c40...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xdc194653996cffc20000000000000000%22,%222%22:%220x1f2254dc9488c2af0000000000000000%22,%223%22:%220xa62c4030de89a5060000000000000000%22,%224%22:%220x50d915f6bda8963a0000000000000000%22,%225%22:%220x1dcefdd394aba66d0000000000000000%22},%22debug_key%22:%224533661072210793211%22,%22debug_reporting%22:true,%22destination%22:%22https://bitdefender.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22935886488%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227588986959436937201%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xdc194653996cffc20000000000000000","2":"0x1f2254dc9488c2af0000000000000000","3":"0xa62c4030de89a5060000000000000000","4":"0x50d915f6bda8963a0000000000000000","5":"0x1dcefdd394aba66d0000000000000000"},"debug_key":"4533661072210793211","debug_reporting":true,"destination":"https://bitdefender.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["935886488"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"7588986959436937201"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 13 Jan 2024 09:50:58 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 13 Jan 2024 09:50:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xdc194653996cffc20000000000000000","2":"0x1f2254dc9488c2af0000000000000000","3":"0xa62c4030de89a5060000000000000000","4":"0x50d915f6bda8963a0000000000000000","5":"0x1dcefdd394aba66d0000000000000000"},"debug_key":"4533661072210793211","debug_reporting":true,"destination":"https://bitdefender.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["935886488"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"7588986959436937201"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9FF7 		42 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxPiuGsdzaVOrv_PGq3Mhl_BghbnkcwHfom1Pe6vS0knUObEXRyFRJGxY98JFc_dHlR5O269I_yh7boXjYbCIx7oXe3TMjEoeuRm6BaP_ARpwfVBy2leKv6N3XotunX0YLbC0Vge0YGCTipLNAhFuCMUL9DVgJjXxNIe2taAWgpCVqh-k&dbm_d=AKAmf-DrhvNF6ZMNYvTyoYxRfiTVokExRfCaB7e-ws3ua3Yv8yL56M4LLf77sclOXKMCaRQAu_kdgyEBupIV6WVMqnX-p5gjSqU081o9WSknhfELG-XFNJ7htEYqVah--N4jduu6eNK2AuTsc-u5JvYUg2w6kuAi0VgTWbzWKSAZXT4FdyYjgroXjWvd5x0_IkMjU9j1Jy-Xe60vHi6C7qo-7u4tPLLXW2iUyAlbuI5FMPVtJqz4tRvvylPA1sPZ8n0aiI5cofVw9gjUDLb_IkOBpsvRRTmXm9myLeoGJUDWE-SenQ0A_rcnZZcAWu37cXRPrlBtTkNadEchW7uL0InKBwTNz3AjtajKKw_ZAZ4aU5KVyWz7mjFVSCE6qe-Z7hfKX9_jJBahXEWZk8aAB5e5cOVITkOuZiJdupwUsSGcNV9C0NaDNIuD439NZnguxaHBlSqK80unsC8AY1AW5Mq3wmphS6_APZX84oVRQOMkbK8XwdFBccEnY-aF_sGxixSNcb8hXoaJSXlW2XX4GfUpvOF5GFic6tSku3cKJNpONqp0VsEnCGmkaX5BZigpdOiFJgLzyJ6wXGS5Le-_LoMz6AqX7ptC8S8V_8x5sZU1x1uaqZldZ2vDx4TFwT5l75zyoqv-C3l7uAWydXjcyk6MUzhzazro7jrbhrLipaEYyudDr8_QXAjwSkFK4tuFq20M2V6DJ339vbi0Vt5Q9YHIbRqReCpYG7QcEo7SAmKBa_AE9k70dq3HgNLqXneVoK9Dtzsct3rXBiD-ct9YySWvsqKop57twlh1JNwIPFQ3T5mLvLRO35HYRKVdv-V6sKyqUSB4-uyxMKuJyrCc6ylflDJVTc4PZFgrq9mwiiybdt1DiyajWC0Q19QTOgei_bLwOsPmKVM4N2wN44ptY53seajS0JiDnMbSVGYeYfw7612UFmcThXfWuWDvaFsx5cMIo1AsJIQ7coIWIydOwka6PLip4goCtqjgCCOEm6Q2MDhReVgnfb1IKD1tzInllR2T9Xc_1bzD2M7okYm_rdIjM1krfHZkTYJNpKRw3JKu3SJ0KtPPuhhXflbWC9y2EeGWThGaG8UdjXFbUkxxBacLOW-FsDFMobdQNimntuW5kcV63XD48e4Nz67y-A68jlukUZsBwM2Z_P3RSf1QndsjjvfI2rwnsV1kqjvpIsBX_isj_NhoZMBzIAMgLL0N0eLmV-7ZCDff611qzQv0Mx1GB0QWu-1QWE5wvq6QNNfG5Z7trIF7uF7cuCriVoBK5YSq7CqA80ecGXsTMVehBS0S_EgxM99qrw5zourQqTPpDd6X-hn71fOBO3iUbvK367AJgLoPNPU6QL_cvOBVh8izy4OyOkWTE66eKoIZXVgPo0CEqEO_LTlfWAC52yFfG1xuoTdwV48uSBFzPJkYgJ8q1v0tARJ7vzCN1561_hzxOY21Vcm7H9nVr5BWul3aNTSq1IPIzogyvJ9ErnXxnQAl8ek8et5IZftcMBEXrr5JBj2glqxhPXLB60ZHuU1u4wcGKV5fwHTrBZ4oNeUEoywrokJ4UtOBNqzaEIWE8eqGVI7-m7Xo56UTXGpUK5J_esXBnJ5YxTNtZ69i0WWemAdcD3HmWx5mWHkDON1-KY2OyB_opkniOak0NcYUhGZevPMvF_nRdpfAwF_iPI97DApcZ9vewdSokBvASqXtDkRsbyVv4dtynFRqQg1-_-hwjTehEp9YEyPk_2-cFtjDwi0E6zn67DARCynsJiJRLomGi5aDKMM86tzETGParI-HVyimWYmvemO-uPptoPKsUsJnrtDkvfvgR3w6FYw8see6DD_p35n9qYSPCV16pD0H6SXZu73EfWt-9zJQ2PAIYAsm_NLv7XAgY_i49f4ObseS90Ho3R0b9Af7mtrgCZIX_FlIP3I4Otyo2JeC08Zmkjz-dsqAQX7d6hEsM0f65zVnWXbXRXfHwCa7TzarcoolxU2IgPfOOCHzsWm0g4k6fKXAaTv617PrnYO8Hcy7aQLq91Zq3UJAwtPUso5HOYUk_f9x64Mu2BnmzY7e_HmjxHLeAI0RV6h11gn35WjWpnK_YhNlIiY4kJheEdSlPC6J7QFhVeGJse49Qo3j2mKJzS9FPivKO3venz-RrpoOGMkMdTA5SCyokv0RnUhbTtvRzKIWiCQyt1-_J5NuLrJCb308_1EhTkUz0yugv4k_oMiNxwZk6Umuyan9HMWOgZiZ9L_WhhgUDg270fqbFwgpPMUQykYQfkRUQOEKdQggMaIG-VV6HYq_4SzJFI2-vsBbUg03J0kEIuOKzg90dU-70367PxgBzUUNSe-qvEuE5uamwfHCW2rK8UrAEAXphsW5uEYNtDYNNfkIlpVjGj7sH1JOtEfXpmeE2ztmwIyXu-MR70JXEZvjMzb70PXkA-0_DnKhIXGpSe6sS-S7pLkiXjeP33MhgHVppJAcbM-KGyyLI0eeSpG9ItsYrrDmzSdQ4OJGh6Ve0T-cX6j5GEKuxmKEFgv2yf2gN1QscNmeuqgB0f0UTAnqE1C-dr2phui5OnXxPSDWYkQEg7nIOhzrwzLIwC31gvbKnEg7VToYhmAxTLFs4gVJgzBPhWmAhnCwwXaROQS2b1b741QqPTq2oAOGjFqJta7fTQMg3ydmRi0MDq7g0iiG2SrSN1odtRfi6sd-70Iq4TefwZa2pWyq0iQHUYNiZGCwP1FoywVB-LTX0vScKAuDpyqOeoXlTk_YAfPpjrePVm8O-z7Id4pBExThKHbWy1XALkziMvk90KF6gJYO8C_Ylr6zMGM9tF6er1mBH4hIP_KRNd-lLOnMZbHmbGxMMInFzmhtWXSOwwDF5g9JtXhhSCiPFsXRyntDUf7C2h275ZKjq66-j58hey8-PX_8bm7aHhkQWsLLlKv7Vr6fdiW1FTAaUPJunPmZTO4oXAOyXoxoZfptTWGuRaDfk-D1XzL_Xd9SIfkrD20X8xFkagZXXEQjqpuvbN8Bf0sumjrMlFFLvMzBCnTxylC5A-FWzIurNb5K4VokFwa50G_oGSXclFZEgZ1woev2WGLmyaBiPAHoh75jqR4lqgLzci1khv1wokjVkkmdL2XlQw2yLizuGPUe2ZmqI3wP6jZQXhTKBLmxCYMd8ba4xihVeJL6DcPRpeFZS6EC2hTCoqL-gTjb0WN8rXCVqtZ4E1A-OSFCa2-ApWy7Nj4Y_ADDOP7VxlmyXMcDIGCPo-5hTi8lvCXVdHgscX8IP5x_rdj8A_STN7jKvSSugog0fpjg9qQJfPe0-7Ya4nG1g2lQ7KXr3KLLYACbzp3l4igvmURYUgVuHvGvQ-EDdprdYUqGZSIiUjEyKCDvkQqPjOdjdemUTsm1RyF6qdCegfzVJP5DfgfdXF0kr9dQ-WTWV4r_sW4wTEt1-1KMqaQk3hLgYgwt_qauULBaDqC6Du1xljbJ2cq03LkBsA3zh1wC2sC5uIwluz3694KwruX24SJ5xpsp0XJ_4S--NmKO7vuF7Hmo8rFmz6umD9j4pxGyteaFifeAVMY8K0N1EuWYu9Xc8489J37nj1KMzqKyDe2Dpy9Cost7b1AA2PdJ6zECcm9l5bc7n7aV-qtyNHtp2U2Kh5UKNMSNYcxZ79sV8Zv4fHlXCGlVv_jW5HnwtQkJPaqE0EbNY0hWkA&cid=CAQSTgAvHhf_EB-yLsfXuO7M7rj6dMbHjY2nYtBgKeghLFxcXwjGne5H4F4Fv0nfQfFOptJoxRTUGwr_NGMvdg2itROFSpmrhWZqU-mOg5c1ohgB&dc_exteid=31454271173133226939434772720458181&dc_pubid=4&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C846 		123 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
656976881c4cb6fa4c047dfe83cf210da6e7e12f39f35e85c4bc89224342d364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
43123
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 09:50:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1EBD 		114 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba1a0f032d8c1fcc691aeaabb103d6c04277aabf6e39036db711077e8a4a4343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46775
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 09:50:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 8CFC 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
17878
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 04:53:00 GMT
etag
9219409622527106327
expires
Sat, 27 Jan 2024 04:53:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame A0EE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
17878
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 04:53:00 GMT
etag
9219409622527106327
expires
Sat, 27 Jan 2024 04:53:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame AD8F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
17878
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 04:53:00 GMT
etag
9219409622527106327
expires
Sat, 27 Jan 2024 04:53:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXA7NFPX08pO174KqoHij2CZ-XvPoMBV75P3EVwJH9xa3v-ZdJAwU1zqxnhiyq2wEZEVUX0Zv5Hou_LfGhC1Y5eQV9vhA5jYMLx8wXtkXE7KpFDHjHui3wz_KPjvjvtuuEW2Q79
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXA7NFPX08pO174KqoHij2CZ-XvPoMBV75P3EVwJH9xa3v-ZdJAwU1zqxnhiyq2wEZEVUX0Zv5Hou_LfGhC1Y5eQV9vhA5jYMLx8wXtkXE7KpFDHjHui3wz_KPjvjvtuuEW2Q79?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MTM5NDU4LDEzMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2Jlcml0YS5tYWxhc21pa2lyLmNvbS8iLG51bGwsW1s4LCIxNW1McHpyd0xyQSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
beab9414e6c779e62bf27491edb682089315b7801c9a09f5b6b6de82c4affe0e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8ydvljhh7syZOZfzJBcy8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-8ydvljhh7syZOZfzJBcy8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xdc194653996cffc20000000000000000%22,%222%22:%220x1f2254dc9488c2af0000000000000000%22,%223%22:%220xa62c4030de89a5060000000000000000%22,%224%22:%220x50d915f6bda8963a0000000000000000%22,%225%22:%220x1dcefdd394aba66d0000000000000000%22},%22debug_key%22:%224533661072210793211%22,%22debug_reporting%22:true,%22destination%22:%22https://bitdefender.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22935886488%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227588986959436937201%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 09:50:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fberita.malasmikir.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
f086836661e656c0518bfa80052d445b6e7e252a25fd5fc3f5b6ad9f3651c270

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Sat, 13 Jan 2024 09:50:57 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1372
expires
Sat, 26 Jul 1997 05:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6157
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4660226870533130&output=html&h=381&slotname=3058573871&adk=571309994&adf=1943388494&pi=t.ma~as.3058573871&w=363&lmt=1705030533&rafmt=11&format=363x381&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139456382&bpp=2&bdt=327&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&cms=1&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 09:50:58 GMT
expires
Sat, 13 Jan 2024 09:50:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 09:50:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dataBeacons.min.js
data-beacons.s-onetag.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-125.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 eb0e559672da6f524cf68a461f930cc4.cloudfront.net (CloudFront)
date
Sat, 13 Jan 2024 09:23:27 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
1653
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
LXRMqq109SaFeQ60RRL28ZZGHwxThOkbi2FRq888Z_8TiyTcTy6-Zg==
css2
fonts.googleapis.com/ Frame 8CFC 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 09:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 09:33:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 09:50:58 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8CFC 		205 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:06:01 GMT
x-content-type-options
nosniff
age
9897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 12 Jan 2025 07:06:01 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8CFC 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 08:37:47 GMT
x-content-type-options
nosniff
age
4391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 12 Jan 2025 08:37:47 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 8CFC 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:06:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
38690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:06:08 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 8CFC 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
38907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:31 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame CC67 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
759ce2a2ce00d61d23c78b075f72880dba5cec69876073fc1313ccfe536c7101

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 13 Jan 2024 09:50:58 GMT
content-encoding
br
last-modified
Mon, 08 Jan 2024 22:48:38 GMT
vary
Accept-Encoding
x-azure-ref
20240113T095058Z-8bmtxzyrbt6wvdpg0s3wav3mh000000000c00000000052yy
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4b40fbd4-e01e-00a9-6f69-45dfcb000000
cache-control
private, max-age=3600, stale-while-revalidate=86400
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame CC67 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Sat, 13 Jan 2024 09:50:58 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
5082238
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-mia-kmia1760042-MIA
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1705139458.320155,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
17, 424180
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame CC67 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame CC67 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CC67 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:58 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame AD8F 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:29:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
66112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 15:29:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame AD8F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame AD8F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame AD8F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AD8F 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:58 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame AD8F 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 04:31:32 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame AD8F 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR-Gn59Vb82qffO4ra5GM4Gx7uLrsnftj8r4urx2UXEWH6f2p9Im4XjlG5eRQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34fbacff888f89084d42f0780e0b96621f02e8af21b8e0749b6ad2a58b672880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:08:33 GMT
x-content-type-options
nosniff
age
261745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36659
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 04:44:19 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 09 Jan 2025 09:08:33 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame AD8F 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRnyXVmN2tERq-KKnc7JlFVXwtraYH_Z9q2fWAaw8Z4VTZoUczE9KGEGZLqMV0&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c41ce0277ce68964f21925e4632eba71b0a9fa97b88f152a591a9bf436c558e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 21:52:22 GMT
x-content-type-options
nosniff
age
43116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30429
x-xss-protection
0
last-modified
Tue, 12 Mar 2024 11:04:13 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 11 Jan 2025 21:52:22 GMT
3930072584388511338
tpc.googlesyndication.com/simgad/ Frame AD8F
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC6oPu_ugEQ0A8Y0A8yCA-_CPwnYKgR
  • https://tpc.googlesyndication.com/simgad/3930072584388511338
525 KB
525 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3930072584388511338
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe23086227ba198a03943f4474ea4ad3e2e50eb3ac722d7dee58bfac15e6d0ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 06:04:21 GMT
date
Wed, 10 Jan 2024 06:04:21 GMT
x-content-type-options
nosniff
age
272797
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
537452
x-xss-protection
0
last-modified
Mon, 15 May 2023 22:07:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true

Redirect headers

date
Sat, 13 Jan 2024 06:12:34 GMT
x-content-type-options
nosniff
server
cafe
age
13104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3930072584388511338
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 12 Feb 2024 06:12:34 GMT
t_.htm
t.sharethis.com/a/ Frame 49B5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.03384361468014596&stid=ZGAACWWiXQEAAAAIN%2FuHAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Sat, 13 Jan 2024 09:50:58 GMT
Expires
Sat, 20 Jan 2024 09:50:58 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
27519
tags.bluekai.com/site/ Frame B8F9
Redirect Chain
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1705139458059.6
  • https://tags.bluekai.com/site/27519?id=212419328609237&ret=html&random=1705139458
71 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/27519?id=212419328609237&ret=html&random=1705139458
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fberita.malasmikir.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

bk-server
c4d2
content-length
71
content-type
text/html
date
Sat, 13 Jan 2024 09:50:58 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sat, 13 Jan 2024 09:50:58 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://tags.bluekai.com/site/27519?id=212419328609237&ret=html&random=1705139458
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP001
x-33x-status
400000000040080C
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Financial+Services&us_privacy=&random=1705139458059.1
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Financial+Services&us_privacy=&random=1705139458059.1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=a8fea502-2214-4aa1-a26a-f7c85d245ec0&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=a8fea502-2214-4aa1-a26a-f7c85d245ec0&bid=1e2n4ou
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
HTTP/1.1
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sat, 13 Jan 2024 09:50:58 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=a8fea502-2214-4aa1-a26a-f7c85d245ec0&bid=1e2n4ou
date
Sat, 13 Jan 2024 09:50:58 GMT
server
Kestrel
content-length
191
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&_rand=1705139458059.2
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&_rand=1705139458059.2&expected_cookie=d82b8976-c013-4b9a-8563-7b68c9af7943
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&_rand=1705139458059.2&expected_cookie=d82b8976-c013-4b9a-8563-7b68c9af7943
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: CBCA76D4C749444788912CC781AE5008 Ref B: MIAEDGE2720 Ref C: 2024-01-13T09:50:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO0Le2sJEjUYpUlORDmA==

Redirect headers

date
Sat, 13 Jan 2024 09:50:58 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 2B8C7697686A467BA830C3F74DA6740C Ref B: MIAEDGE2720 Ref C: 2024-01-13T09:50:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=15927&puuid=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&_rand=1705139458059.2&expected_cookie=d82b8976-c013-4b9a-8563-7b68c9af7943
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO0Le1F0c/X8rKqpUTKA==
a8fea502-2214-4aa1-a26a-f7c85d245ec0
map.go.affec.tv/map/ttd/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&ts=1705139458059.3
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65a25d02789f510001ceccd6%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65a25d02789f510001ceccd6%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
  • https://map.go.affec.tv/map/an/8341404090720412220?ch=65a25d02789f510001ceccd6&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/a8fea502-2214-4aa1-a26a-f7c85d245ec0?ttd_puid=&gdpr=0&gdpr_consent=
0
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/ttd/a8fea502-2214-4aa1-a26a-f7c85d245ec0?ttd_puid=&gdpr=0&gdpr_consent=
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Server
44.217.35.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-35-132.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

location
https://map.go.affec.tv/map/ttd/a8fea502-2214-4aa1-a26a-f7c85d245ec0?ttd_puid=&gdpr=0&gdpr_consent=
date
Sat, 13 Jan 2024 09:50:58 GMT
server
Kestrel
content-length
229
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&random=1705139458059.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&random=1705139458059.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a8fea502-2214-4aa1-a26a-f7c85d245ec0&ttd_puid=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%2Chttps%253A%252F%252Fusermatch.krxd.n...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Server
34.231.201.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-201-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by
beacon-n033-ash-prod.krxd.net
date
Sat, 13 Jan 2024 09:50:59 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1705139459
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date
Sat, 13 Jan 2024 09:50:58 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a008-ash-prod.krxd.net
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&rand=1705139458059.5
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212440329895034
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=212440329895034
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:57 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://idsync.rlcdn.com/405716.gif?partner_uid=212440329895034
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKTGWiXQF7c8gKBBcUAg%3D%3D&us_privacy=&random=1705139458059.7&pu=https%3A%2F%2Fberita.malasmikir.com%2F
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212418775954579&seg_code=33x&random=1705139458
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212418775954579%26seg_code%3D33x%26random%3D1705139458
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212418775954579%26seg_code%3D33x%26random%3D1705139458
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Server
68.67.160.137 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
an-x-request-uuid
7d59190c-30dd-4621-a11a-0c2e9a322e1c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.75; 38.132.118.75; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
an-x-request-uuid
f78314d6-4698-4b71-9967-a8878f2b94a7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212418775954579%26seg_code%3D33x%26random%3D1705139458
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.75; 38.132.118.75; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
AGSKWxWqTHG53UNW5iE5GSwTXuvKt3s_0XBidh2dTiOy6I_0in5TsfORzq9fSssb4Mp2XfYviU_E-rlrs1PhX9fkQ3ydNWH89Cu-T7bscUVOk_QZzCAnq7Iv74OVikxGrVx2wbw8Ez6W
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWqTHG53UNW5iE5GSwTXuvKt3s_0XBidh2dTiOy6I_0in5TsfORzq9fSssb4Mp2XfYviU_E-rlrs1PhX9fkQ3ydNWH89Cu-T7bscUVOk_QZzCAnq7Iv74OVikxGrVx2wbw8Ez6W?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MTM5NDU4LDE4ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vYmVyaXRhLm1hbGFzbWlraXIuY29tLyIsbnVsbCxbWzgsIjE1bUxwenJ3THJBIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5acdf1295fe6afc7cf13db05c24c2cc1b280c9da476d21ce951f08df003ab59d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bE0H7kYoHWFYy2QlwSwGWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bE0H7kYoHWFYy2QlwSwGWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame A45B 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 06:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 22:51:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 06:19:51 GMT
e8b1d04b6e6f4e04515fcd99d0a161d6.js
www.gstatic.com/mysidia/ Frame A45B 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e8b1d04b6e6f4e04515fcd99d0a161d6.js?tag=gpa/dynamic_fig_web_banner_v2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35079361d6c10065e29e5249e4263807091188fb35d41e25b68df9ca82a09009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 07:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64925
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 07:06:45 GMT
css
fonts.googleapis.com/ Frame A45B 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 09:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 09:33:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 09:50:58 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A45B 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:29:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
66112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 15:29:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame A45B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A45B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A45B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A45B 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:58 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame A45B 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 04:31:32 GMT
truncated
/ Frame AD8F 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd4ffb656c748825bde91c504d2577be4450811a8e2fca4a17e901619b2960cd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame C846 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 09:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 09:27:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 09:50:58 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame C846 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:29:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
66112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 15:29:06 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0900 		645 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBDVvrSSAhiSttaCAjAB&v=APEucNXrPK1i1bsanDshpUlAd8R_HPb4OEbPMcTlHT16mpFTIhjFRh_1bMbbyNa1zDzFro7QSPY37Qc5Ogc-9TlZpDE9CkTH0Hf3VZVmsxtvSx_rt-PmeB4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 09:50:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame A066 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Jan 2024 04:36:07 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame A066 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
38917
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:21 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame A066 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
38917
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:21 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A066 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 08:03:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
92854
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 08:03:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A066 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8FB5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
61089
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 16:52:49 GMT
etag
48472445140208031
expires
Sat, 13 Jan 2024 16:52:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A066 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
l
www.google.com/ads/measurement/ Frame A066 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQy-UYX1FnaW_1w0Te1TVO18wPESIhBF1FnuJswxFD6VPVQ7fv3oaD-aMnyXsE3495seP4wUd3WwD2UrvCt643KYxga4Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A066 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A066 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DbIEYJ9vXUPLSwDzUoKn3gjmxeOBXIxcYR-nAoL9UA7UZRHM3J0jlq8dGcGl1BZKPExKBOj2znGXepJPu2a2Q6HC7xBFkbEp1QCdYk5GFB9wsLnaQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
www.bing.com/aes/ Frame CC67
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=85b52ede-b626-4e6f-9565-6bdfb3ee7cab&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=b57be2e2-76be-42c7...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5a8d7e8057b84595975d07f2a1e75283&SNR=1&GV=2&med=10
0
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5a8d7e8057b84595975d07f2a1e75283&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
2600:1408:5400:8::170c:91a9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4CAC32030D9D4766B713EFA195F2EFF5 Ref B: ASHEDGE1412 Ref C: 2024-01-13T09:50:58Z
x-cdn-traceid
0.a9112017.1705139458.150402d1
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 13 Jan 2024 09:50:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B61B08AEF50B46FFBCA69C6C3DCC8F0C Ref B: BLUEDGE1414 Ref C: 2024-01-13T09:50:58Z
x-cdn-traceid
0.a9112017.1705139458.15040238
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=5a8d7e8057b84595975d07f2a1e75283&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
th
www.bing.com/ Frame CC67 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7765387502034_1USE1YMJTJLH5E0HF7&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=180&h=180&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:8::170c:91a9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0f3a9b3040486ca20ebf49f1ed10ed1ca0bda3e305611a20ab32047b753b3fcb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.a9112017.1705139458.15040237
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
9485
alt-svc
h3=":443"; ma=93600
rd_log
nym1-ib.adnxs.com/ Frame CC67 		0
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fberita.malasmikir.com&e=wqT_3QLyA-jyAQAAAwDWAAUBCIC6ia0GEI-0mYvP-7SkHRgAKjYJIaV-i3fzkD8R0FEngc-EkD8ZAAAAoHA98j8h0A0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4iLwFgAEBigEDVVNEkgUG9AUBmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAh1odHRwczovL2Jlcml0YS5tYWxhc21pa2lyLmNvbYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWAk7mQ6tCZpSXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX18CH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAABE8gAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHiLwF0gcNCQEiAQEBJgzaBwYIBQmg4AcA6gcCCADwB9yMyASKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=24e6bd58f216a32568db446b648654506f4c3823&bdref=https%3A%2F%2Fberita.malasmikir.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fberita.malasmikir.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-4660226870533130%26fa%3D4%26ifi%3D6%26uci%3Da!6%26btvi%3D3,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
an-x-request-uuid
c6a85f80-0839-4f55-b64a-60ca3ecff1b7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.75; 38.132.118.75; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5353712918768570603/ Frame C846 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5353712918768570603/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2544d907d888bef8afcfba20fec0d408beb701a52294db24f08b0eb6d9e3e3d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 09:36:08 GMT
date
Sat, 13 Jan 2024 09:36:08 GMT
x-content-type-options
nosniff
age
890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53739
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 06:44:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/17864715681561395944/ Frame C846 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17864715681561395944/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5076dc05d47658b596e8ab999c303956e204e0e6461830281f19111565e16d65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sat, 13 Jan 2024 09:50:58 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2150
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 06:44:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 12 Jan 2025 09:50:58 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame C846 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame C846 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 008C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
61089
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 16:52:49 GMT
etag
48472445140208031
expires
Sat, 13 Jan 2024 16:52:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame C846 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 23:02:19 GMT
l
www.google.com/ads/measurement/ Frame C846 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQk1_xkfHSDd8a7VyAotRdKZUTvzAMBcNHrFgv1P9YaGaDOaPefJqNJAI0dC-8keySmERVlN-0eB993xLSEF1a06mjqqA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C846 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jan 2024 09:50:58 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame C846 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 12 Apr 2024 04:31:32 GMT
t_.js
t.sharethis.com/1.1268.23380/a/US/ Frame 8D30 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 09:50:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Sat, 20 Jan 2024 09:50:58 GMT
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
469 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
fadd659d902be546becefeb90ff5ac7c495271e8fff628433dd70115b76533bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 09:50:58 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://berita.malasmikir.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Sat, 13 Jan 2024 09:50:58 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://berita.malasmikir.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 0900
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECzuf-YYth7_q14kaMWkGr4&google_cver=1&gdpr=0
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECzuf-YYth7_q14kaMWkGr4&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBDVvrSSAhiSttaCAjAB&v=APEucNXrPK1i1bsanDshpUlAd8R_HPb4OEbPMcTlHT16mpFTIhjFRh_1bMbbyNa1zDzFro7QSPY37Qc5Ogc-9TlZpDE9CkTH0Hf3VZVmsxtvSx_rt-PmeB4
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGPjNcZdBWVLtKp91kjGN8Vm46eH4%2FC4u1ldxxBcf1rB65SUWk2OoACQ4w8SOIxFIyc79%2BXolmjSWXclWr8FM%2BSLuXb3obG8KH2Sg3gh3HieNISXshOWBivSJKY0ILiuuK8Dlth1rz1Isw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844cbcf10d1adaa9-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECzuf-YYth7_q14kaMWkGr4&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0900
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaJdAm24S.X-rISts-JYRQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECzuf-YYth7_q14kaMWkGr4&google_cver=1&google_hm=2
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECzuf-YYth7_q14kaMWkGr4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBDVvrSSAhiSttaCAjAB&v=APEucNXrPK1i1bsanDshpUlAd8R_HPb4OEbPMcTlHT16mpFTIhjFRh_1bMbbyNa1zDzFro7QSPY37Qc5Ogc-9TlZpDE9CkTH0Hf3VZVmsxtvSx_rt-PmeB4
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUw2Gtq7eAOq6r%2BLuO1DkrmrrGulcRfpIS%2FuwXCoci48E5N4iK4a8XlWkKEhNB66SakU0LZyomuo1BzDZgnhYMURaNvbqT2T%2FwyLSxHizGtbWHHlS1uaxSPUrRgqDTcRopnUg0sJXYvQcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844cbcf18d5edaa9-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECzuf-YYth7_q14kaMWkGr4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0900
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEiSAFLTDPf-VVXZL2LV3Lw&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEiSAFLTDPf-VVXZL2LV3Lw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBDVvrSSAhiSttaCAjAB&v=APEucNXrPK1i1bsanDshpUlAd8R_HPb4OEbPMcTlHT16mpFTIhjFRh_1bMbbyNa1zDzFro7QSPY37Qc5Ogc-9TlZpDE9CkTH0Hf3VZVmsxtvSx_rt-PmeB4
Protocol
H2
Server
68.67.160.137 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
an-x-request-uuid
c732ce2f-cd39-41bf-9941-addac334589a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.75; 38.132.118.75; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEiSAFLTDPf-VVXZL2LV3Lw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0900
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MTQwNDA5MDcyMDQxMjIyMA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MTQwNDA5MDcyMDQxMjIyMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBDVvrSSAhiSttaCAjAB&v=APEucNXrPK1i1bsanDshpUlAd8R_HPb4OEbPMcTlHT16mpFTIhjFRh_1bMbbyNa1zDzFro7QSPY37Qc5Ogc-9TlZpDE9CkTH0Hf3VZVmsxtvSx_rt-PmeB4
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
an-x-request-uuid
0a154b73-cf54-469d-a52a-135aededde7e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MTQwNDA5MDcyMDQxMjIyMA%3D%3D
x-proxy-origin
38.132.118.75; 38.132.118.75; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csi
csi.gstatic.com/ Frame A45B 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lrbw0anr&c=8313234092077&slotId=4156617046038.5&qqid=CIfE87yL2oMDFTajywEdQ84CHA&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e8b1d04b6e6f4e04515fcd99d0a161d6.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hq1.jpg
i1.ytimg.com/vi/ITZO-z708bM/ Frame A45B 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ytimg.com/vi/ITZO-z708bM/hq1.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d118b58cd27580b8feab695ee9967d348d0a5b71d43261e133c4668f603fedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:26:49 GMT
x-content-type-options
nosniff
age
1449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12675
x-xss-protection
0
server
sffe
etag
"1684193039"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 13 Jan 2024 11:26:49 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame AD8F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cx_HdAF2iZYrELrbGrr4Pw5yL4AHgt8yQdZqm94KEEWQQASDx-6B2YMmGgIDco8QQoAH96Ke0AcgBCagDAcgDywSqBOIBT9AngwVxcyPq91p75MGObaexKrCpBvemHwU0aFOrxLdiKspU_NA...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc48fe8bf124a431e0000000000000000%22,%222%22:%220x2e839f9ab4f0523c0000000000000000%22,%223%22:%220x3f5328...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc48fe8bf124a431e0000000000000000%22,%222%22:%220x2e839f9ab4f0523c0000000000000000%22,%223%22:%220x3f5328aa8175f13e0000000000000000%22,%224%22:%220xf3992ca7b7f0c5250000000000000000%22,%225%22:%220x4acd7dbfd863c9fa0000000000000000%22},%22debug_key%22:%2212070420668768604209%22,%22debug_reporting%22:true,%22destination%22:%22https://tradeshowbooth.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22378139773%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226447229529024990225%22}&andc=true
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xc48fe8bf124a431e0000000000000000","2":"0x2e839f9ab4f0523c0000000000000000","3":"0x3f5328aa8175f13e0000000000000000","4":"0xf3992ca7b7f0c5250000000000000000","5":"0x4acd7dbfd863c9fa0000000000000000"},"debug_key":"12070420668768604209","debug_reporting":true,"destination":"https://tradeshowbooth.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["378139773"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"6447229529024990225"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 13 Jan 2024 09:50:58 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 13 Jan 2024 09:50:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc48fe8bf124a431e0000000000000000","2":"0x2e839f9ab4f0523c0000000000000000","3":"0x3f5328aa8175f13e0000000000000000","4":"0xf3992ca7b7f0c5250000000000000000","5":"0x4acd7dbfd863c9fa0000000000000000"},"debug_key":"12070420668768604209","debug_reporting":true,"destination":"https://tradeshowbooth.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["378139773"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"6447229529024990225"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame A066 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aadaad2cbc1904269f5bd65ad8f5a78ea6b7da4dc7ef5b12f120f1870d0c2f42

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
videoplayback
rr5---sn-q4fl6n6y.googlevideo.com/ Frame A45B 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr5---sn-q4fl6n6y.googlevideo.com/videoplayback?expire=1705168257&ei=AV2iZaDrBJjixtYPv5-7qA0&ip=2001:550:1d05:1::3&id=21364efb3ef4f1b3&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=lI&mm=31&mn=sn-q4fl6n6y&ms=au&mv=u&mvi=5&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=51.083&lmt=1704154028985519&mt=1705138254&cpn=YdSuF2-1O-hgQWG-&txp=5430434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRQIgH69okxVU2e-0a9ulpgjdcKlXK1f83XJKwcSmITwY8VYCIQDha-FtxGbNGGFz2FrBha5OQ7MkK8FU1-mKmOz5bohx3A==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRQIgO9y7o5sPNG4EKua8omaNn2GTcQGlgo-SHlGard2BvU8CIQCn-FZEfBhkR-VbIbVGhX-vIU2gPk_A8YRXc9CYFUsIFg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4000:1a::a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
f29e2d3a85889489ab2798ae5cb66feaec2e78384da28fbcbc11cacf5b8d8fdd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 13 Jan 2024 09:50:58 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 02 Jan 2024 00:07:08 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2246270/2246271
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2246271
Expires
Sat, 13 Jan 2024 09:50:58 GMT
dpixel
cms.quantserve.com/ Frame 8FB5 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGkwPRXLm4guw2v3Kl6msGk&google_cver=1&google_push=AXcoOmR3Aa1and0JA4WcHtEj8BYlRxKbM33eFpgDULUDSjl5hgN8ZKdImnEjuUDemkb6m0Qj7hHtl1pNcdYWFt6SmG0jrFLrFiAlKg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.69.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8FB5
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAmv2ITouTBiX-c6T5tlJAc&google_cver=1&google_push=AXcoOmQtc9pmjpIWByGqRx5Cjjgj6_7Y87MJI-K23SMF3nHPAN_PX7o...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7517f1ee7e18070e&is_secure=true&networkId=14000&version=1&google_gid=CAESEAmv2ITouTBiX-c6T5tlJAc&google_cver=1&google_push=AXcoOmQtc9pm...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABx9blWHF2MwMlDyBqAAAAAAA&expiration=1705225859&google_cver=1&is_secure=true&google_gid=CAESEAmv2ITouTBiX-c6T5tlJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABx9blWHF2MwMlDyBqAAAAAAA&expiration=1705225859&google_cver=1&is_secure=true&google_gid=CAESEAmv2ITouTBiX-c6T5tlJAc&google_push=AXcoOmQtc9pmjpIWByGqRx5Cjjgj6_7Y87MJI-K23SMF3nHPAN_PX7oS9cybDfsZK0LYXVixTQNjINr3Ab9CA3q__p4IkufBkMhxaig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABx9blWHF2MwMlDyBqAAAAAAA&expiration=1705225859&google_cver=1&is_secure=true&google_gid=CAESEAmv2ITouTBiX-c6T5tlJAc&google_push=AXcoOmQtc9pmjpIWByGqRx5Cjjgj6_7Y87MJI-K23SMF3nHPAN_PX7oS9cybDfsZK0LYXVixTQNjINr3Ab9CA3q__p4IkufBkMhxaig
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
i.match
s.tribalfusion.com/z/ Frame 8FB5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmR6CB8fBovD3338pvC1FodV-Np0USOEwatc_7eXZ_Vh3ERN4oZ3OrvL7wLgCt3EOU3YUxHVrR_DbWzO5aUcLAGJoD2KL_mJt...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmR6CB8fBovD3338pvC1FodV-Np0USOEwatc_7eXZ_Vh3ERN4oZ3OrvL7wLgCt3EOU3YUxHVrR_DbWzO5aUcLAGJoD2KL_m...
43 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmR6CB8fBovD3338pvC1FodV-Np0USOEwatc_7eXZ_Vh3ERN4oZ3OrvL7wLgCt3EOU3YUxHVrR_DbWzO5aUcLAGJoD2KL_mJtBs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR6CB8fBovD3338pvC1FodV-Np0USOEwatc_7eXZ_Vh3ERN4oZ3OrvL7wLgCt3EOU3YUxHVrR_DbWzO5aUcLAGJoD2KL_mJtBs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
844cbcf21f247496-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
199
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmR6CB8fBovD3338pvC1FodV-Np0USOEwatc_7eXZ_Vh3ERN4oZ3OrvL7wLgCt3EOU3YUxHVrR_DbWzO5aUcLAGJoD2KL_mJtBs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR6CB8fBovD3338pvC1FodV-Np0USOEwatc_7eXZ_Vh3ERN4oZ3OrvL7wLgCt3EOU3YUxHVrR_DbWzO5aUcLAGJoD2KL_mJtBs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
844cbcf17e2d7496-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8FB5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEhy0JOVG9fFLekJ6QDrjf4&google_push=AXcoOmQdQlxIgSpCbUJLTMiUjXg-YCjErTzIvOjt63Op-14OffjRib-IX7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEhy0JOVG9fFLekJ6QDrjf4&google_push=AXcoOmQdQlxIgSpCbUJLTMiUjXg-YCjErTzIvOjt63Op-14OffjRib-IX7KpDC4LIm-NFCYcKeAU3rDDg1OVsVpFFDC0sCqXzvfMs-s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760095-MIA
pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705139459.785984,VS0,VE26
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEhy0JOVG9fFLekJ6QDrjf4&google_push=AXcoOmQdQlxIgSpCbUJLTMiUjXg-YCjErTzIvOjt63Op-14OffjRib-IX7KpDC4LIm-NFCYcKeAU3rDDg1OVsVpFFDC0sCqXzvfMs-s
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 8FB5
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEKebmFep0IQVXUB8rSoL5fE&google_cver=1&google_push=AXcoOmRQfbisFoBmpZNN30NX1-PtesdgXRkexH8-8_rzHt0ESfGUhGIRSCgaiN5DGAw9CoFIJpuDW...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRQfbisFoBmpZNN30NX1-PtesdgXRkexH8-8_rzHt0ESfGUhGIRSCgaiN5DGAw9CoFIJpuDW3sreSRMzz9eAxWE04ds-E5geDI
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRQfbisFoBmpZNN30NX1-PtesdgXRkexH8-8_rzHt0ESfGUhGIRSCgaiN5DGAw9CoFIJpuDW3sreSRMzz9eAxWE04ds-E5geDI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 13 Jan 2024 09:50:58 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 03098A31F1814E79804CBD15CD94D124 Ref B: MIAEDGE2720 Ref C: 2024-01-13T09:50:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRQfbisFoBmpZNN30NX1-PtesdgXRkexH8-8_rzHt0ESfGUhGIRSCgaiN5DGAw9CoFIJpuDW3sreSRMzz9eAxWE04ds-E5geDI
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO0Le7FvNaFWrstCBI3A==
pixel
cm.g.doubleclick.net/ Frame 8FB5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFpT72SdztXq9nvyaGDhNr0&google_cver=1&google_push=AXcoOmQuSThf8Te4Sk6LYwJYRjXrlLTbszbYbm0ZXbWAobIlWdUTLLuiHArPEjN-AwcpYKyCNyX57wpgjm64lc0QEGS8254...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQuSThf8Te4Sk6LYwJYRjXrlLTbszbYbm0ZXbWAobIlWdUTLLuiHArPEjN-AwcpYKyCNyX57wpgjm64lc0QEGS8254gW5Maw-c&google_hm=eS1TQTBGaEJaRTJwRkU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQuSThf8Te4Sk6LYwJYRjXrlLTbszbYbm0ZXbWAobIlWdUTLLuiHArPEjN-AwcpYKyCNyX57wpgjm64lc0QEGS8254gW5Maw-c&google_hm=eS1TQTBGaEJaRTJwRkU4dkZTLkltcnZheTB1M0pIMExzNX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 13 Jan 2024 09:50:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQuSThf8Te4Sk6LYwJYRjXrlLTbszbYbm0ZXbWAobIlWdUTLLuiHArPEjN-AwcpYKyCNyX57wpgjm64lc0QEGS8254gW5Maw-c&google_hm=eS1TQTBGaEJaRTJwRkU4dkZTLkltcnZheTB1M0pIMExzNX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8FB5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECOmKizN1DgLbZiPvjjVfeY&google_cver=1&google_push=AXcoOmTqgFu_pWCrOOE8AxFPXLvEXroijVzHf-H0s7aabiJfb2C2jt1lKF6W4DuV8kD9anrzZxQqOjZuqPGP...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTqgFu_pWCrOOE8AxFPXLvEXroijVzHf-H0s7aabiJfb2C2jt1lKF6W4DuV8kD9anrzZxQqOjZuqPGPcroTL0TOAF69-ow_n_Y
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTqgFu_pWCrOOE8AxFPXLvEXroijVzHf-H0s7aabiJfb2C2jt1lKF6W4DuV8kD9anrzZxQqOjZuqPGPcroTL0TOAF69-ow_n_Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTqgFu_pWCrOOE8AxFPXLvEXroijVzHf-H0s7aabiJfb2C2jt1lKF6W4DuV8kD9anrzZxQqOjZuqPGPcroTL0TOAF69-ow_n_Y
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 8FB5 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCxFiI7C95Uwtss_FEIdI2ac3WC7aoIwdE32DjBg9lDwzh37-Z2gbQLZM4qviIhAW_deuu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=90&adk=3257170724&adf=3938051992&pi=t.aa~a.3481638309~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x90&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=1&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381%2C1200x280&nras=3&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3DF1 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
64668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:53:10 GMT
expires
Sat, 11 Jan 2025 15:53:10 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
pagead2.googlesyndication.com/bg/ Frame F376 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
133193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19703
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 20:51:05 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc48fe8bf124a431e0000000000000000%22,%222%22:%220x2e839f9ab4f0523c0000000000000000%22,%223%22:%220x3f5328aa8175f13e0000000000000000%22,%224%22:%220xf3992ca7b7f0c5250000000000000000%22,%225%22:%220x4acd7dbfd863c9fa0000000000000000%22},%22debug_key%22:%2212070420668768604209%22,%22debug_reporting%22:true,%22destination%22:%22https://tradeshowbooth.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22378139773%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226447229529024990225%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 09:50:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 008C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHO6Qrf-M7Tpoz_bV2J3Rmo&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHO6Qrf-M7Tpoz_bV2J3Rmo&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZTN2VDFVekwxUm9BRms1&google_gid=CAESEHO6Qrf-M7Tpoz_bV2J3Rmo&google_cver=1&google_push=AXcoOmRRK0Fvbo3oMxBpWAD70yJbMVQzyhc6qtx3k4TCGz2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZTN2VDFVekwxUm9BRms1&google_gid=CAESEHO6Qrf-M7Tpoz_bV2J3Rmo&google_cver=1&google_push=AXcoOmRRK0Fvbo3oMxBpWAD70yJbMVQzyhc6qtx3k4TCGz2vhbPNM2t9G-bWu0VtpBRWYVFoXBoG6XozzNJh3MQIx08wFzhxge3rlOo
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 09:50:58 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-05b3ea47525d3d3fb@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZTN2VDFVekwxUm9BRms1&google_gid=CAESEHO6Qrf-M7Tpoz_bV2J3Rmo&google_cver=1&google_push=AXcoOmRRK0Fvbo3oMxBpWAD70yJbMVQzyhc6qtx3k4TCGz2vhbPNM2t9G-bWu0VtpBRWYVFoXBoG6XozzNJh3MQIx08wFzhxge3rlOo
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 008C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmTvKRNpPxAxZ5UlBKMfWnuznXK7FKSpD8X5PSIVza7YoEaXYD7pwfQ9KUut5_UUm4eKHwV4o4oKZgCEsB5rYtE8gQKRC9SYW...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmTvKRNpPxAxZ5UlBKMfWnuznXK7FKSpD8X5PSIVza7YoEaXYD7pwfQ9KUut5_UUm4eKHwV4o4oKZgCEsB5rYtE8gQKRC9S...
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmTvKRNpPxAxZ5UlBKMfWnuznXK7FKSpD8X5PSIVza7YoEaXYD7pwfQ9KUut5_UUm4eKHwV4o4oKZgCEsB5rYtE8gQKRC9SYWNM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvKRNpPxAxZ5UlBKMfWnuznXK7FKSpD8X5PSIVza7YoEaXYD7pwfQ9KUut5_UUm4eKHwV4o4oKZgCEsB5rYtE8gQKRC9SYWNM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
844cbcf21f217496-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
363
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDHr94IC9RyRQszOnpqQI4I&google_cver=1&google_push=AXcoOmTvKRNpPxAxZ5UlBKMfWnuznXK7FKSpD8X5PSIVza7YoEaXYD7pwfQ9KUut5_UUm4eKHwV4o4oKZgCEsB5rYtE8gQKRC9SYWNM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvKRNpPxAxZ5UlBKMfWnuznXK7FKSpD8X5PSIVza7YoEaXYD7pwfQ9KUut5_UUm4eKHwV4o4oKZgCEsB5rYtE8gQKRC9SYWNM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
844cbcf17e317496-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 008C
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEDsa8tpvHmdLPTMpR0S-J8Q&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDRkZTI4NTktZmYyZS00OWM5LWE0NzAtYzMxNzUwY2QwMGYx&google_gid=CAESEDsa8tpvHmdLPTMpR0S-J8Q&google_cver=1&google_push=AXcoOmTL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDRkZTI4NTktZmYyZS00OWM5LWE0NzAtYzMxNzUwY2QwMGYx&google_gid=CAESEDsa8tpvHmdLPTMpR0S-J8Q&google_cver=1&google_push=AXcoOmTLTpqwyeMKf4pbhXUfvS5Y4Y_tfbQz4_i6Cr1F1q66JrUpbk6SUBGRVxO43a9l1TPpUZoZ7J2K0TC6ILQh0-U8jXEYjpuuWpI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MDRkZTI4NTktZmYyZS00OWM5LWE0NzAtYzMxNzUwY2QwMGYx&google_gid=CAESEDsa8tpvHmdLPTMpR0S-J8Q&google_cver=1&google_push=AXcoOmTLTpqwyeMKf4pbhXUfvS5Y4Y_tfbQz4_i6Cr1F1q66JrUpbk6SUBGRVxO43a9l1TPpUZoZ7J2K0TC6ILQh0-U8jXEYjpuuWpI
date
Sat, 13 Jan 2024 09:50:58 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 008C
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEDsxWKKkFtuTcP73NIRp7ns&google_cver=1&google_push=AXcoOmTlOt_6rPNRM-AJ1uNKtGpS_sgtk7Hqzms0vypTYc_CVbNR_OS6JXqEQp1xaxPWzS8RyuaQLVwcl2naZhAoQ7eS04dtv...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876337618462&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876337618462&us_privacy=1---
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876337618462&us_privacy=1---
Content-Length
0
spacer.gif
an.yandex.ru/resource/ Frame 008C
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEEMaYCu__10xwbLc_t9V8KA?ext-param=AXcoOmTSrM5X4gmHNSAWzsdiGm_4TtF2ZvocSpiYdKnERq4FaGnzQZzTSlmayGJ1f8MdlQU6UxdNTCrW8JtMxdzMo2oGY7iT-rLpvBaY&partner-tag=yandex_...
  • https://an.yandex.ru/mapuid/google/CAESEEMaYCu__10xwbLc_t9V8KA?redir-setuniq=1&ext-param=AXcoOmTSrM5X4gmHNSAWzsdiGm_4TtF2ZvocSpiYdKnERq4FaGnzQZzTSlmayGJ1f8MdlQU6UxdNTCrW8JtMxdzMo2oGY7iT-rLpvBaY&par...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEMaYCu__10xwbLc_t9V8KA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 28 Dec 2024 09:50:59 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 008C
Redirect Chain
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEKlk7jSn1IJsRK2atXOLc7g&google_cver=1&google_push=AXcoOmQTyrRHTT1LE-2V6aFttE_Q8XylF_2qt2BrhdlgIh89qqwyU-k41n-RUNA4ihjj4J8tr2o7YJqNroktni_m2...
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEKlk7jSn1IJsRK2atXOLc7g&google_cver=1&google_push=AXcoOmQTyrRHTT1LE-2V6aFttE_Q8XylF_2qt2BrhdlgIh89qqwyU-k41n-RUNA4ihjj4J8tr2o7YJqNroktni_m2...
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NTdhMjVlZDM1OTc1OWRjMg&google_push=AXcoOmQTyrRHTT1LE-2V6aFttE_Q8XylF_2qt2BrhdlgIh89qqwyU-k41n-RUNA4ihjj4J8tr2o7YJqNroktni_m2ijYqY2O...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NTdhMjVlZDM1OTc1OWRjMg&google_push=AXcoOmQTyrRHTT1LE-2V6aFttE_Q8XylF_2qt2BrhdlgIh89qqwyU-k41n-RUNA4ihjj4J8tr2o7YJqNroktni_m2ijYqY2OfoHzw3ut
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NTdhMjVlZDM1OTc1OWRjMg&google_push=AXcoOmQTyrRHTT1LE-2V6aFttE_Q8XylF_2qt2BrhdlgIh89qqwyU-k41n-RUNA4ihjj4J8tr2o7YJqNroktni_m2ijYqY2OfoHzw3ut
date
Sat, 13 Jan 2024 09:50:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
0
pixel
cm.g.doubleclick.net/ Frame 008C
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEDwyyJBiOXw-dKFw-T0KiiA&google_cver=1&google_push=AXcoOmQrp0J435_bFwhJY9FYTHYJRH-rp7qNoAVoEHqqATdAhPpk7opVHWPDS_mvK8rGxmC_nX8fG8iXLLuTKT7g5gFpR...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQrp0J435_bFwhJY9FYTHYJRH-rp7qNoAVoEHqqATdAhPpk7opVHWPDS_mvK8rGxmC_nX8fG8iXLLuTKT7g5gFpRnMmiqltvyQ&google_hm=acc8ce736c3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQrp0J435_bFwhJY9FYTHYJRH-rp7qNoAVoEHqqATdAhPpk7opVHWPDS_mvK8rGxmC_nX8fG8iXLLuTKT7g5gFpRnMmiqltvyQ&google_hm=acc8ce736c3d772021s6km00lrbw0ayb
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 13 Jan 2024 09:50:58 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQrp0J435_bFwhJY9FYTHYJRH-rp7qNoAVoEHqqATdAhPpk7opVHWPDS_mvK8rGxmC_nX8fG8iXLLuTKT7g5gFpRnMmiqltvyQ&google_hm=acc8ce736c3d772021s6km00lrbw0ayb
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
attr
cm.g.doubleclick.net/pixel/ Frame 008C 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2jTPN5vj9UJuiQ4CWGNdDkeWzRdE2HEX01z_nsrbmHFXOZJEFJ-VZQxc8c1W2mSwRDk5JZKop
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
test_oracle
pd.sharethis.com/pd/ Frame 12EC 		438 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.14.20.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-20-113.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0bd5a31123ebb6af97d5928b9da832ce4c89fcab553af8097e9b3d5c631383e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 09:50:58 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Content-Type
application/javascript
ttd
sync.sharethis.com/ Frame 8D30
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=a8fea502-2214-4aa1-a26a-f7c85d245ec0&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/ttd?uid=a8fea502-2214-4aa1-a26a-f7c85d245ec0&gdpr=0&gdpr_consent=
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
HTTP/1.1
Server
18.116.4.103 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-4-103.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 09:50:59 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGAACWWiXQEAAAAIN/uHAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/ttd?uid=a8fea502-2214-4aa1-a26a-f7c85d245ec0&gdpr=0&gdpr_consent=
date
Sat, 13 Jan 2024 09:50:58 GMT
server
Kestrel
content-length
215
db_sync
px.ads.linkedin.com/ Frame 8D30
Redirect Chain
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZGAACWWiXQEAAAAIN%2FuHAw%3D%3D&gdpr=0&gdpr_consent=
  • https://pippio.com/api/sync?pid=5324&it=1&iv=4596498b9a3af9e4806db87f43af9a2c520f0877f1cd6f7c284c87f21c18c261791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4596498b9a3af9e4806db87f43af9a2c520f0877f1cd6f7c284c87f21c18c261791426b5417dce21&rand=02573127
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4596498b9a3af9e4806db87f43af9a2c520f0877f1cd6f7c284c87f21c18c261791426b5417dce21&rand=02573127
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:58 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 53D7BAC2BC6C4D56BFB1CA9E7E97D5AE Ref B: MIAEDGE2720 Ref C: 2024-01-13T09:50:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYO0Le/fvTchX0qu2FPTQ==

Redirect headers

date
Sat, 13 Jan 2024 09:50:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4596498b9a3af9e4806db87f43af9a2c520f0877f1cd6f7c284c87f21c18c261791426b5417dce21&rand=02573127
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
eyeota
sync.sharethis.com/ Frame 8D30
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2QqrZOGK9uOcdnwhI9EU57ZAxgwfQ2-5HKQi4Ehgm2QM&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/eyeota?uid=2QqrZOGK9uOcdnwhI9EU57ZAxgwfQ2-5HKQi4Ehgm2QM&gdpr=0&gdpr_consent=
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
HTTP/1.1
Server
18.116.4.103 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-4-103.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 09:50:59 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGAACWWiXQEAAAAIN/uHAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2QqrZOGK9uOcdnwhI9EU57ZAxgwfQ2-5HKQi4Ehgm2QM&gdpr=0&gdpr_consent=
Date
Sat, 13 Jan 2024 09:50:58 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
csync.ashx
ml314.com/ Frame 8D30
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGAACWWiXQEAAAAIN%2FuHAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3641319728665329722
  • https://ml314.com/csync.ashx?fp=621260a89c3ab292cba52846bd5bf783722764847bf48f1253e5bf9e5243d08cf4cb09cee1a4f8eb&person_id=3641319728665329722&eid=50082
43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=621260a89c3ab292cba52846bd5bf783722764847bf48f1253e5bf9e5243d08cf4cb09cee1a4f8eb&person_id=3641319728665329722&eid=50082
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 14 Jan 2024 09:50:59 GMT
date
Sat, 13 Jan 2024 09:50:59 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif

Redirect headers

date
Sat, 13 Jan 2024 09:50:59 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=621260a89c3ab292cba52846bd5bf783722764847bf48f1253e5bf9e5243d08cf4cb09cee1a4f8eb&person_id=3641319728665329722&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oracle
sync.sharethis.com/ Frame 8D30
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZGAACWWiXQEAAAAIN%2FuHAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=BFtDnzZe99Y6%2BSJk&BK_SWAP_DEST=5957
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/oracle?uid=BFtDnzZe99Y6%2BSJk&BK_SWAP_DEST=5957
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
HTTP/1.1
Server
18.116.4.103 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-4-103.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 09:50:59 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZGAACWWiXQEAAAAIN/uHAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/oracle?uid=BFtDnzZe99Y6%2BSJk&BK_SWAP_DEST=5957
date
Sat, 13 Jan 2024 09:50:58 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
index.html
s0.2mdn.net/sadbundle/14236680943095340358/ Frame AFEF 		34 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2c8d2eef4661887496f8a78471dc83917b2f4d25e550543bb5a3876d7e896e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
16973
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8522
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 05:08:05 GMT
expires
Sun, 12 Jan 2025 05:08:05 GMT
last-modified
Fri, 05 Jan 2024 19:01:02 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame A066 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstM_WpfvM19KR_s9Jrl9u8nUSUM2OgsmEEHVp3c9Cd-lejXK498jrK0X4IO8rufLmEE9ySJBARzvsROK0BMH6QsDgpDRgixMWQ_9yUpujy9qKcv4pRdEqiBHsBsm4EL6LTS8Ce77Fg2jYVuBPJcX5wbuN5q57Q1jvVFN56pEv_GsQhVVsIvFQS51v9UTiSMqKNUy-o8Qm31l8WHMFu4ZWAWxS09CFfjvCNnGjVjSTNvgesh0ViA8ADWBeKNZpMcbVgQErHl8cKu7c7wgjkIftWGvFhMKlnet-YI9icn6Xf0O93zVjzZ-iwCk1A3-u_pZ6fUWFNJLGMf_T2nMWLlSsLY4SChQaCMs0UPc9_Xb3_hasCFKMMUrmILog2Tb0cW_pzGAIGvV4HmH-03aH5LKE-I1l8AR2ty_rWazuWrazu-CGkwMhSqxdT2Rc3uu7ON_rsmg6xQeZcQNKlujjTli0SoFPHZyLMfUAYSlaTvqDNbUKuI50l1LQrKt6eYmE99aprHG2S0j4CI0gP9lw1aN11buzyoqBsT1oWuZKeGXcO-UAfV5faP-C8Rqh8Gw4iTgh87rC5T57mFdK4vNvOewErNqMzDBC7nmlXjp9x90fVFqr8QWf0Ii6QwXvuadrwGGmwBEjnDFMBt8Oyt0ZoWFVZDVdHiVjCv81sq4-iW6ieGif5z0uyKKTIFKuabkxeq5t_npE91LM0fYaeOUQvd-k-8Tx1fJWsr3Eocxw3s5-hfhoUfyOiYGidqBW3S-Ml1IhGOimPQVpRipc7YmaYGsGLiB1FnpVZJhfKn-IXfn5eq3bk_BmyfIW6dHw_fGO0fJkbPom6UstKW3woS6LbzQPOHU8qTCf3D3PryeAOtIiRagsvf5x5DLj_l90l14g3mwf5PIfYAzMrqrTwuNnreZoP633KeUxWFeeaL6JZ-3_oSROf06sV2TcXEfmmb1SHalVIHYZsc3-PGLaEa1_bNEjiCEc_Gf4oU2VwAeFyKHbudoaJaiXJdb7K7poIDE5PIGorscL2MAnrZRgYPTcwYvQgvJO_L-hG9htve0u44BwOOVLEXNsInfpRa6sFvbTJnZ_Gln7GdhRAFwpCGQGefljB_mqPmfFzJ6TVdTb1gj87CriPwun5hFsyAx73-zH3PfhrdskFHSu3ilRdiTwtAwY_PQNb1Q9KBqYDsbnnK3UvQn9HfXMRL8oIAylv3ye3XF3jnjtMtFLXjVMgqr1YmZmKxaD92pTMHfcUXaRyi923dcqTF0Rukd7jywiroggeYJwoh19w39NHUh_Hm5vLYXowzcbDaqEln4tM2bwMpuZ4D3_my9IsOOUlG0KgbA6sqT6nI1c_aOWzm9qA0v5ttqTfWdpnoqe-0KbnwRosgoUh5zNJnttnMC1yE7rp481sZ0v-5n88jhCCZ4hW2ySbWYKZ9&sai=AMfl-YQsrQsgmh1nZC95rHf7yTSLzZIpmDr94eEINY2fNH9RVrfORKTxw0BybrPUT4NADUUyeDlx49thS7Xo7xSrU59Ihr4lnXevvuWgk45tS8EDYnoCenRXkowo-BTeet21h2sCAEy0KvJguuypSGd-iJfbWGOxKYdGL_dSNTlwBbLNq4WQs2PX01dQZD8nDRfAowjpZzYOlq3xZW3nhJkEw6x_peL_qGu_7Ht9_T1oD2m8VtljBlcCDFIE7vA0F69odVzjYpFtrrPk_3nqnzUKMVljwhwCCiXTj900VVlQ63UXlxDPJJ-AkG72R8TNJVEjZZmwpF_em5VjjF9dNRHIspuKUB1cc5vlApv_4M-DH_5SX4QO5QZpuwWySZp7tIw2zxfzsODxFnu28FONASErrm1meHAeo-2JMlexLxHYUCutcoMrKSY&sig=Cg0ArKJSzEtYvaPB_IG-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9paGcuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=402&cbvp=1&cstd=399&cisv=r20240109.16315&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 13 Jan 2024 09:50:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame C846 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba543c432144fc27414e31f455cb9e5441dcd7acb89df63d9b2d6d8f25f3f777

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
vevent
nym1-ib.adnxs.com/ Frame CC67 		0
835 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fberita.malasmikir.com&e=wqT_3QKQB-iQAwAAAwDWAAUBCIC6ia0GEI-0mYvP-7SkHRgAKjYJIaV-i3fzkD8R0FEngc-EkD8ZAAAAoHA98j8h0A0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4iLwFgAEBigEDVVNEkgUG8GGYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHWh0dHBzOi8vYmVyaXRhLm1hbGFzbWlraXIuY29tgAMAiAMBkAMAmAMJoAMBqgOaAwqwAhEz8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YjU3YmUyZTItNzZiZS00MmM3LWIzZjktNGFiNzViNDQ0YTJkJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDghiNTeGcQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfQqAWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMTEwMTY5MzcxMzE5MzYwMDE1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ERXdPRGt4TURjeE1UTXlNekFqTWpNek1qZzRPRGM1TmpRMk1EZ3lOQT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYCTuZDq0JmlJcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfXwIfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB4i8BdIHDQkuJgAM2gcGCAkvqAcA6gcCCADwB9yMyASKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=5d7eb99f3d355fba4e87828a6ecadab77b34c5b9&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=4013444381076259857&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:58 GMT
an-x-request-uuid
9df90e60-043a-4e05-ab3c-e7dac39f4e92
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.75; 38.132.118.75; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C846 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 00:49:27 GMT
x-content-type-options
nosniff
age
378091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 00:49:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C846 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 08:14:55 GMT
x-content-type-options
nosniff
age
524163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jan 2025 08:14:55 GMT
easepack_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AFEF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0048f10d1c0b4b5fb308afaccdd5999478646b661c4de7a26acea24a63ace0e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1357
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Jan 2024 09:50:59 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AFEF 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Jan 2024 09:50:59 GMT
JPG_Image1.jpg
s0.2mdn.net/sadbundle/14236680943095340358/ Frame AFEF 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14236680943095340358/JPG_Image1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2ce8d1386d0fd6f8f21e77bd34d61cbf6c677d17f0574c1dc3be9992ae88405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 05:08:05 GMT
date
Sat, 13 Jan 2024 05:08:05 GMT
x-content-type-options
nosniff
age
16974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5976
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 19:01:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PNG_ImageMask.png
s0.2mdn.net/sadbundle/14236680943095340358/ Frame AFEF 		281 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14236680943095340358/PNG_ImageMask.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93256308d289a88dd41a0c3a9cf249365c2169392b2be3deaeb78b4fccdf1a91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 04:31:34 GMT
date
Sat, 13 Jan 2024 04:31:34 GMT
x-content-type-options
nosniff
age
19165
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 19:01:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PNG_Logo.png
s0.2mdn.net/sadbundle/14236680943095340358/ Frame AFEF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14236680943095340358/PNG_Logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f5e79971b6346c5b544bdab97888d29b2f9b100a0f2dc1b417abe2f7107a25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 05:08:05 GMT
date
Sat, 13 Jan 2024 05:08:05 GMT
x-content-type-options
nosniff
age
16974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2259
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 19:01:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PNG_Line1.png
s0.2mdn.net/sadbundle/14236680943095340358/ Frame AFEF 		517 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14236680943095340358/PNG_Line1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
645ddd94c4e95c3339f2200f4eb72b25cc97d53e1dca235bdefbee3f9acc70be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 08:54:21 GMT
date
Sat, 13 Jan 2024 08:54:21 GMT
x-content-type-options
nosniff
age
3398
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
517
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 19:01:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PNG_Text1.png
s0.2mdn.net/sadbundle/14236680943095340358/ Frame AFEF 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14236680943095340358/PNG_Text1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f47ad7ad306abd1c99733432736f35a4672f57d520a9d9a2d49281f215c3185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 04:31:34 GMT
date
Sat, 13 Jan 2024 04:31:34 GMT
x-content-type-options
nosniff
age
19165
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5916
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 19:01:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PNG_CTA.png
s0.2mdn.net/sadbundle/14236680943095340358/ Frame AFEF 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14236680943095340358/PNG_CTA.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3679b021b653e6a41ae69527727029545fd1ae35cafebc017037da436c4c4baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 05:08:05 GMT
date
Sat, 13 Jan 2024 05:08:05 GMT
x-content-type-options
nosniff
age
16974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1428
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 19:01:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PNG_CTAOver.png
s0.2mdn.net/sadbundle/14236680943095340358/ Frame AFEF 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14236680943095340358/PNG_CTAOver.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::95 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f8666739db0e909e56163e7c1457560f0212f53a1f40dbcf83cf7d228c35d32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14236680943095340358/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 12 Jan 2025 05:08:05 GMT
date
Sat, 13 Jan 2024 05:08:05 GMT
x-content-type-options
nosniff
age
16974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1427
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 19:01:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame CC67 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfde64d89576c8fbb4888b641897afe4eb839313d5d2cac6ef023dd7b67e37f7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 3DF1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 03:25:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
23117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 03:25:42 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame C846
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CiTjWAl2iZcrZAo-Hrr4P-MKj8AvA9Me7ZanOy7mUEeDkoMLlARABIPH7oHZgyYaAgNyjxBCgAaHz2rkCyAEJqAMByAPLBKoE8AFP0Et9--5luPTRVcxSE43eerDhheiFrG9QIbaOBzrQb_Z...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x85a5e0aa74ceecbb0000000000000000%22,%222%22:%220x20799e213fab22a20000000000000000%22,%223%22:%220x8b7443...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x85a5e0aa74ceecbb0000000000000000%22,%222%22:%220x20799e213fab22a20000000000000000%22,%223%22:%220x8b7443718bc31a70000000000000000%22,%224%22:%220x31b3b09a289208a70000000000000000%22,%225%22:%220x93395971fecafcbd0000000000000000%22},%22debug_key%22:%2215182543620737230157%22,%22debug_reporting%22:true,%22destination%22:%22https://eventrhythm.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22657897889%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216383646926870838865%22}&andc=true
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x85a5e0aa74ceecbb0000000000000000","2":"0x20799e213fab22a20000000000000000","3":"0x8b7443718bc31a70000000000000000","4":"0x31b3b09a289208a70000000000000000","5":"0x93395971fecafcbd0000000000000000"},"debug_key":"15182543620737230157","debug_reporting":true,"destination":"https://eventrhythm.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["657897889"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"16383646926870838865"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 13 Jan 2024 09:50:59 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 13 Jan 2024 09:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x85a5e0aa74ceecbb0000000000000000","2":"0x20799e213fab22a20000000000000000","3":"0x8b7443718bc31a70000000000000000","4":"0x31b3b09a289208a70000000000000000","5":"0x93395971fecafcbd0000000000000000"},"debug_key":"15182543620737230157","debug_reporting":true,"destination":"https://eventrhythm.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["657897889"],"22":["true"],"4":["01-13"],"6":["true"]},"priority":"500","source_event_id":"16383646926870838865"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
bk-coretag.js
tags.bkrtx.com/js/ Frame 12EC 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.194.26 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-194-26.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sat, 13 Jan 2024 09:50:59 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Sat, 20 Jan 2024 09:50:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CC67 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-6JiAF2iZYnELrbGrr4Pw5yL4AHS4Nfgbo-ktpOTCsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTQ2NjAyMjY4NzA1MzMxMzDIAQmoAwHIAwKqBNIBT9DsoH2Wxwt8CJ6bqfkwj70VKM3PQJBoGb1Mtaw3HvWIMVV9ub5FELyg_kTrSgYYmolMSzpCLsk32cmJrkcghIIuhpLKOCRSIz2si6Y-IEdan5Y0HlWMfY4jfD1HxlBBc6gKwi4A8DutZfM7634zs6J6-puKR3p7aF1vga9jeQDeN54rxSQ1JKLopfJSSWz2DaXIwd7mX9haX7ynP_lolcdnykfyf_dmfV2BJQyQPYPFGUPBivN4erQH_I0qqoj42ii_SCtLnklSr5Etlyx5ujcjgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WI6G87yL2oMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ2NjAyMjY4NzA1MzMxMzAYAA&sigh=R-ARX3TvqEc&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_4xrOoMQG2y-SQBQmGFZxagpkZN7zlU3dxJjGW8ZR3LBS02cB5U-Y060E2eCLGW4D_wUMuEkL7FKIXjIjv8g4RmnXk6151hpdpp0YAQ&cbvp=2&vis=1
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 13 Jan 2024 09:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
nym1-ib.adnxs.com/ Frame CC67 		0
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fberita.malasmikir.com&e=wqT_3QKQB-iQAwAAAwDWAAUBCIC6ia0GEI-0mYvP-7SkHRgAKjYJIaV-i3fzkD8R0FEngc-EkD8ZAAAAoHA98j8h0A0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4iLwFgAEBigEDVVNEkgUG8GGYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHWh0dHBzOi8vYmVyaXRhLm1hbGFzbWlraXIuY29tgAMAiAMBkAMAmAMJoAMBqgOaAwqwAhEz8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YjU3YmUyZTItNzZiZS00MmM3LWIzZjktNGFiNzViNDQ0YTJkJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDghiNTeGcQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfQqAWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMTEwMTY5MzcxMzE5MzYwMDE1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ERXdPRGt4TURjeE1UTXlNekFqTWpNek1qZzRPRGM1TmpRMk1EZ3lOQT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYCTuZDq0JmlJcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfXwIfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB4i8BdIHDQkuJgAM2gcGCAkvqAcA6gcCCADwB9yMyASKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=5d7eb99f3d355fba4e87828a6ecadab77b34c5b9&pp=ZaJdAAALogkBy6M2AALOQzR2xxpZaLCxlL9LnA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFBi3AF2iZYnELrbGrr4Pw5yL4AHS4Nfgbo-ktpOTCsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTQ2NjAyMjY4NzA1MzMxMzDIAQmoAwHIAwKqBNUBT9DsoH2Wxwt8CJ6bqfkwj70VKM3PQJBoGb1Mtaw3HvWIMVV9ub5FELyg_kTrSgYYmolMSzpCLsk32cmJrkcghIIuhpLKOCRSIz2si6Y-IEdan5Y0HlWMfY4jfD1HxlBBc6gKwi4A8DutZfM7634zs6J6-puKR3p7aF1vga9jeQDeN54rxSQ1JKLopfJSSWz2DaXIwd7mX9haX7ynP_lolcdnykfyf_dmfV2BJU6SHBEHvbmsHgkMzypeeDsuiYJ80wankYnNx83uL7sBj-z4WFq38X-HgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WI6G87yL2oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3IkLNMvUm2vrRgof2Y5pUcSw-3VA%26client%3Dca-pub-4660226870533130%26adurl%3D&cbvp=2
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
an-x-request-uuid
3f3c8557-8cbd-4332-8a08-785d71a6fcd6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.75; 38.132.118.75; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
pagead2.googlesyndication.com/bg/ Frame 5B62 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4660226870533130&output=html&h=280&adk=1383263028&adf=93630233&pi=t.aa~a.3481638309~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705030533&rafmt=1&to=qs&pwprc=3720885787&format=1200x280&url=https%3A%2F%2Fberita.malasmikir.com%2F&ea=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705139457656&bpp=2&bdt=1600&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D74676ef85220580f%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA&gpic=UID%3D00000db6d9fe79cf%3AT%3D1705139456%3ART%3D1705139456%3AS%3DALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw&prev_fmts=0x0%2C363x381&nras=2&correlator=4478998970680&frm=20&pv=1&ga_vid=786477649.1705139456&ga_sid=1705139457&ga_hid=327123380&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080263%2C31080333%2C42532523%2C95320894%2C95321626&oid=2&psts=AOrYGsmAxafgW6QEwcsd3CQ3w5f9m6oVnl2t0C4BqyrGBeDkHIo3zDydNhI2vyp-PYD4R1D6yxviCILr4G8DJ543xW4GFA&pvsid=4475351312536087&tmod=722928788&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
133194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19703
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 20:51:05 GMT
VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
pagead2.googlesyndication.com/bg/ Frame C7EA 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VucML-pZXNsV9Bio95In_Vy1g44u5uVv1Eq8Y-LPojk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:51:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
133194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19703
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 20:51:05 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x85a5e0aa74ceecbb0000000000000000%22,%222%22:%220x20799e213fab22a20000000000000000%22,%223%22:%220x8b7443718bc31a70000000000000000%22,%224%22:%220x31b3b09a289208a70000000000000000%22,%225%22:%220x93395971fecafcbd0000000000000000%22},%22debug_key%22:%2215182543620737230157%22,%22debug_reporting%22:true,%22destination%22:%22https://eventrhythm.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22657897889%22],%2222%22:[%22true%22],%224%22:[%2201-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216383646926870838865%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 13 Jan 2024 09:50:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame A066 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstM_WpfvM19KR_s9Jrl9u8nUSUM2OgsmEEHVp3c9Cd-lejXK498jrK0X4IO8rufLmEE9ySJBARzvsROK0BMH6QsDgpDRgixMWQ_9yUpujy9qKcv4pRdEqiBHsBsm4EL6LTS8Ce77Fg2jYVuBPJcX5wbuN5q57Q1jvVFN56pEv_GsQhVVsIvFQS51v9UTiSMqKNUy-o8Qm31l8WHMFu4ZWAWxS09CFfjvCNnGjVjSTNvgesh0ViA8ADWBeKNZpMcbVgQErHl8cKu7c7wgjkIftWGvFhMKlnet-YI9icn6Xf0O93zVjzZ-iwCk1A3-u_pZ6fUWFNJLGMf_T2nMWLlSsLY4SChQaCMs0UPc9_Xb3_hasCFKMMUrmILog2Tb0cW_pzGAIGvV4HmH-03aH5LKE-I1l8AR2ty_rWazuWrazu-CGkwMhSqxdT2Rc3uu7ON_rsmg6xQeZcQNKlujjTli0SoFPHZyLMfUAYSlaTvqDNbUKuI50l1LQrKt6eYmE99aprHG2S0j4CI0gP9lw1aN11buzyoqBsT1oWuZKeGXcO-UAfV5faP-C8Rqh8Gw4iTgh87rC5T57mFdK4vNvOewErNqMzDBC7nmlXjp9x90fVFqr8QWf0Ii6QwXvuadrwGGmwBEjnDFMBt8Oyt0ZoWFVZDVdHiVjCv81sq4-iW6ieGif5z0uyKKTIFKuabkxeq5t_npE91LM0fYaeOUQvd-k-8Tx1fJWsr3Eocxw3s5-hfhoUfyOiYGidqBW3S-Ml1IhGOimPQVpRipc7YmaYGsGLiB1FnpVZJhfKn-IXfn5eq3bk_BmyfIW6dHw_fGO0fJkbPom6UstKW3woS6LbzQPOHU8qTCf3D3PryeAOtIiRagsvf5x5DLj_l90l14g3mwf5PIfYAzMrqrTwuNnreZoP633KeUxWFeeaL6JZ-3_oSROf06sV2TcXEfmmb1SHalVIHYZsc3-PGLaEa1_bNEjiCEc_Gf4oU2VwAeFyKHbudoaJaiXJdb7K7poIDE5PIGorscL2MAnrZRgYPTcwYvQgvJO_L-hG9htve0u44BwOOVLEXNsInfpRa6sFvbTJnZ_Gln7GdhRAFwpCGQGefljB_mqPmfFzJ6TVdTb1gj87CriPwun5hFsyAx73-zH3PfhrdskFHSu3ilRdiTwtAwY_PQNb1Q9KBqYDsbnnK3UvQn9HfXMRL8oIAylv3ye3XF3jnjtMtFLXjVMgqr1YmZmKxaD92pTMHfcUXaRyi923dcqTF0Rukd7jywiroggeYJwoh19w39NHUh_Hm5vLYXowzcbDaqEln4tM2bwMpuZ4D3_my9IsOOUlG0KgbA6sqT6nI1c_aOWzm9qA0v5ttqTfWdpnoqe-0KbnwRosgoUh5zNJnttnMC1yE7rp481sZ0v-5n88jhCCZ4hW2ySbWYKZ9&sai=AMfl-YQsrQsgmh1nZC95rHf7yTSLzZIpmDr94eEINY2fNH9RVrfORKTxw0BybrPUT4NADUUyeDlx49thS7Xo7xSrU59Ihr4lnXevvuWgk45tS8EDYnoCenRXkowo-BTeet21h2sCAEy0KvJguuypSGd-iJfbWGOxKYdGL_dSNTlwBbLNq4WQs2PX01dQZD8nDRfAowjpZzYOlq3xZW3nhJkEw6x_peL_qGu_7Ht9_T1oD2m8VtljBlcCDFIE7vA0F69odVzjYpFtrrPk_3nqnzUKMVljwhwCCiXTj900VVlQ63UXlxDPJJ-AkG72R8TNJVEjZZmwpF_em5VjjF9dNRHIspuKUB1cc5vlApv_4M-DH_5SX4QO5QZpuwWySZp7tIw2zxfzsODxFnu28FONASErrm1meHAeo-2JMlexLxHYUCutcoMrKSY&sig=Cg0ArKJSzEtYvaPB_IG-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9paGcuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=786&vt=11&dtpt=384&dett=3&cstd=399&cisv=r20240109.16315&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: berita.malasmikir.com
URL: https://berita.malasmikir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35f7c9b1477ecc48f5d55101556e5f28ede46350f58be133dc7e662dfa327524
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12276
x-xss-protection
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-92.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer
https://berita.malasmikir.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Jan 2024 09:51:00 GMT
content-encoding
gzip
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
public, max-age=86400
x-amz-cf-id
v3AhbkGawfc2dIAuHVgzEGl0UeRYDnUMog1RGjUmeyx7v4bvyDMGaw==
adiframe2.
fundingchoicesmessages.google.com/f/AGSKWxWIs_SUc-Ls5Xe_2wnAafduVhdkSueH-7DCgiORKijdF3Sm-9Su3PlbPDp7Fd0W1eDwSp9EVE8DlNpfNBVJYWlVUG4h3P8qhqcOlNvwgBWPIhnPyPmasRdNLBbYy8vBlvk-ooCtFk0Ywfc6x04xmJCc09g_F... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWIs_SUc-Ls5Xe_2wnAafduVhdkSueH-7DCgiORKijdF3Sm-9Su3PlbPDp7Fd0W1eDwSp9EVE8DlNpfNBVJYWlVUG4h3P8qhqcOlNvwgBWPIhnPyPmasRdNLBbYy8vBlvk-ooCtFk0Ywfc6x04xmJCc09g_F_b7YASz_qWfgLa0XjZPdMxrDPyJgug=/_/ad-layers--sync2ad-/swfbin/ad-/adprove_/adiframe2.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwp5gd9Fr7u9Krm0QbCjoSe6xM-qw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b37fca7bf3287a5b0f7659c99e154f84e097adfaab2c8ee60f410574b70aeee
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SE8uVrf1ka-cMy_YJoeKBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SE8uVrf1ka-cMy_YJoeKBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwp5gd9Fr7u9Krm0QbCjoSe6xM-qw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7f80935106390ce68b498562c40c39863298cf9edd85faa71d35fcdf848a6c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11403
x-xss-protection
0
server
cafe
etag
8337112287831120551
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 13 Jan 2024 10:41:57 GMT
AGSKWxUbDxNU0r05sFK8_Iu3fC4Vn1LOxoK071DD8o89ghZzBaqqGTFCG-PkY0BEHBQQuowm6gUDd47hRmM6PbAlY3nWGqV_KhiqejpmFl3Pr96cHODZcp2ZLN_LilmFl3D1vwec7zFO
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbDxNU0r05sFK8_Iu3fC4Vn1LOxoK071DD8o89ghZzBaqqGTFCG-PkY0BEHBQQuowm6gUDd47hRmM6PbAlY3nWGqV_KhiqejpmFl3Pr96cHODZcp2ZLN_LilmFl3D1vwec7zFO
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9cs6eEVB_d1fAql3KDFNEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9cs6eEVB_d1fAql3KDFNEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://berita.malasmikir.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
2981
tags.bluekai.com/site/ Frame 1540
Redirect Chain
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGAACWWiXQEAAAAIN%2FuHAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23380%26cid%3Dc010%...
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=SkhiRG41b1E5OVk3UDNKaw%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPs7HDz3Jh-MV9LWCKSVPl4&google_cver=1
62 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPs7HDz3Jh-MV9LWCKSVPl4&google_cver=1
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://t.sharethis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Sat, 13 Jan 2024 09:50:59 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
296
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 09:50:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPs7HDz3Jh-MV9LWCKSVPl4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Jan 2024 09:50:59 GMT
_9fbc4d2e-6299-4e4f-b385-02c061cb6305.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNFsWehdrGpmHwL6QGobwl5UcKyQfEaxAhZoUwpwrPAZ3KwK8dWvLW0B6QlsdiEm3heFnE1qBBUCZhJ6mdObApFqMxBTdklhO4-hIgHlxEWqnPCulVGxJzGH3AXXTKZtid27nySoBzKuT7SE1Y... 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNFsWehdrGpmHwL6QGobwl5UcKyQfEaxAhZoUwpwrPAZ3KwK8dWvLW0B6QlsdiEm3heFnE1qBBUCZhJ6mdObApFqMxBTdklhO4-hIgHlxEWqnPCulVGxJzGH3AXXTKZtid27nySoBzKuT7SE1Ydqr7OIPUIxQyc-vsTAeHCdwVHsJxR5oye0-3a6nbfIQ/w400-h400-c-rw/_9fbc4d2e-6299-4e4f-b385-02c061cb6305.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0a96cf4b8c579f1e003d22c3cf1f8f174c899090ff4c256aaa0a18584c21e96f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
x-content-type-options
nosniff
server
fife
etag
"v53a2"
vary
Origin
content-type
image/webp
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_9fbc4d2e-6299-4e4f-b385-02c061cb6305.webp"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59146
x-xss-protection
0
expires
Sun, 14 Jan 2024 09:50:59 GMT
_4a79769f-5702-46b0-84fd-b6da7f593943.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfPkq32xXYsyPWVKHrq_muC_EsxTf9bYnPlH5kC5L2jrLwg0zL2C209tQpY-6ekHRW3oBNWQJolflqd2pJO88SSYdLU8D6j94sXJFMjLU2idXSW6dRMdDgYqszL1lAG4ewiPFZP3HaLs7beWhp... 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfPkq32xXYsyPWVKHrq_muC_EsxTf9bYnPlH5kC5L2jrLwg0zL2C209tQpY-6ekHRW3oBNWQJolflqd2pJO88SSYdLU8D6j94sXJFMjLU2idXSW6dRMdDgYqszL1lAG4ewiPFZP3HaLs7beWhpkwU0MLEk_xTHU9QbPqkwCXq0zBbEPePy1ad8R6MxuDA/w400-h225-p-k-no-nu/_4a79769f-5702-46b0-84fd-b6da7f593943.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
00de4665a386f258d09cba98b045b5e6a4292d096856ebdbc57493ffb92ca8b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:51:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v539e"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_4a79769f-5702-46b0-84fd-b6da7f593943.jpeg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64611
x-xss-protection
0
expires
Sun, 14 Jan 2024 09:51:00 GMT
_a50da3b9-5b13-453d-9374-d3ee9436c7c5.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiLuMRHN2VvOVQVL5kod2pZkEWIM4v7BqVR8hTneli6D2-g6yU5DaVeD9k74jUkdf7O66GglcunSPgEF_se1IJVLkZT6YUq33EwZ_4yVfGC5BHD43ltdvHwRJvDxkHHuh4M5Pxu35pDZ52_aR1... 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiLuMRHN2VvOVQVL5kod2pZkEWIM4v7BqVR8hTneli6D2-g6yU5DaVeD9k74jUkdf7O66GglcunSPgEF_se1IJVLkZT6YUq33EwZ_4yVfGC5BHD43ltdvHwRJvDxkHHuh4M5Pxu35pDZ52_aR1auwgyXxNIXmpXKT7_lk-k6WYCcQmqNWGiMQnWXrjnGA/w400-h225-p-k-no-nu/_a50da3b9-5b13-453d-9374-d3ee9436c7c5.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
21bbff9d3fc943c3469b0b0713bd3b38c5aae536178fa626b3263793deffad56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:51:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v539a"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="_a50da3b9-5b13-453d-9374-d3ee9436c7c5.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49318
x-xss-protection
0
expires
Sun, 14 Jan 2024 09:51:00 GMT
Asuransi%20Terbaik.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiltlZUPJkJyoIcMq76pYFAON1wXPj6JpIjOO-dUOvTA0ncTkkYiRe-myNee3WtbYzvSHcTmzHcd19l7BUBG4Q5lZQ9A-o98uS1SbEUmfrn7XgToj1Oz9fpf-YPa1tsJtjx-kKjPuwoC1bh-3Ga... 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiltlZUPJkJyoIcMq76pYFAON1wXPj6JpIjOO-dUOvTA0ncTkkYiRe-myNee3WtbYzvSHcTmzHcd19l7BUBG4Q5lZQ9A-o98uS1SbEUmfrn7XgToj1Oz9fpf-YPa1tsJtjx-kKjPuwoC1bh-3Gagyzzt_H7_RMD86zI41H8TRJ42GltXfk5WQFpgD_E-MQ/w400-h225-p-k-no-nu/Asuransi%20Terbaik.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
125777a3b90eafb7e97d29eaca2bdccf071df9808d5905b06534e5e262d2b59c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:51:00 GMT
x-content-type-options
nosniff
server
fife
etag
"v535e"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Asuransi Terbaik.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116133
x-xss-protection
0
expires
Sun, 14 Jan 2024 09:51:00 GMT
AGSKWxUbDxNU0r05sFK8_Iu3fC4Vn1LOxoK071DD8o89ghZzBaqqGTFCG-PkY0BEHBQQuowm6gUDd47hRmM6PbAlY3nWGqV_KhiqejpmFl3Pr96cHODZcp2ZLN_LilmFl3D1vwec7zFO
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbDxNU0r05sFK8_Iu3fC4Vn1LOxoK071DD8o89ghZzBaqqGTFCG-PkY0BEHBQQuowm6gUDd47hRmM6PbAlY3nWGqV_KhiqejpmFl3Pr96cHODZcp2ZLN_LilmFl3D1vwec7zFO
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W3rOULNPX1TVtxOh4jNlHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-W3rOULNPX1TVtxOh4jNlHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://berita.malasmikir.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUbDxNU0r05sFK8_Iu3fC4Vn1LOxoK071DD8o89ghZzBaqqGTFCG-PkY0BEHBQQuowm6gUDd47hRmM6PbAlY3nWGqV_KhiqejpmFl3Pr96cHODZcp2ZLN_LilmFl3D1vwec7zFO
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbDxNU0r05sFK8_Iu3fC4Vn1LOxoK071DD8o89ghZzBaqqGTFCG-PkY0BEHBQQuowm6gUDd47hRmM6PbAlY3nWGqV_KhiqejpmFl3Pr96cHODZcp2ZLN_LilmFl3D1vwec7zFO
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qFe6FJxzzibI7q3v4BtArA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qFe6FJxzzibI7q3v4BtArA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://berita.malasmikir.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUbDxNU0r05sFK8_Iu3fC4Vn1LOxoK071DD8o89ghZzBaqqGTFCG-PkY0BEHBQQuowm6gUDd47hRmM6PbAlY3nWGqV_KhiqejpmFl3Pr96cHODZcp2ZLN_LilmFl3D1vwec7zFO
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbDxNU0r05sFK8_Iu3fC4Vn1LOxoK071DD8o89ghZzBaqqGTFCG-PkY0BEHBQQuowm6gUDd47hRmM6PbAlY3nWGqV_KhiqejpmFl3Pr96cHODZcp2ZLN_LilmFl3D1vwec7zFO
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0hMwzJpdWWTaeVYiRnl7Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0hMwzJpdWWTaeVYiRnl7Gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://berita.malasmikir.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU9VV3qOeE5yAEca2nkmlFPgPJ18vyNJcRsAH-867qm5LxxeVhlyxpbR84bZ_ddWnF3NKFKPAjdSDUrcUTISr5FqcTBgwmcggMDY9SGZqSI2MXd9uCZoYlAyqs6ixgl-v7AVSac
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU9VV3qOeE5yAEca2nkmlFPgPJ18vyNJcRsAH-867qm5LxxeVhlyxpbR84bZ_ddWnF3NKFKPAjdSDUrcUTISr5FqcTBgwmcggMDY9SGZqSI2MXd9uCZoYlAyqs6ixgl-v7AVSac?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MTM5NDU5LDM3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9iZXJpdGEubWFsYXNtaWtpci5jb20vIixudWxsLFtbOCwiMTVtTHB6cndMckEiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98e484b101aee18a3bf9b6a6f9261d8b77de496dde16ed7aae549451d5832eaa
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2eoeEpXJvvgZX-eH8N5EnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2eoeEpXJvvgZX-eH8N5EnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4DDC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
416
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 09:44:03 GMT
expires
Sun, 12 Jan 2025 09:44:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8D54 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
25219ea194177296604247ab51cc04e4cc989203381ddf4a711522c875a96680
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4uBpZ7nfwkV7OtAU2BI8mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4uBpZ7nfwkV7OtAU2BI8mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jan 2024 09:50:59 GMT
expires
Sat, 13 Jan 2024 09:50:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DF1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BfDTLAl2iZdn6AruCrr4P2aqukAUAAAAAOAHgBAI&bg=!cHOlczzNAAaumcC-jpk7ADQBe5WfOAPXrklj5raUmWELIx85894I5P85J9xtblZCuI_ojwT4jBQjj2vpotsAOHsrdGaAAgAAATRSAAAAA2gBB5kDBX77Cnh-Ts29V-IzoVHD7S3Fni2TuKpQ2m_vkFg1mpvs9QAC2i-P4p1eqeWqGCQXP7o45h0drbid8hWkjPjss3b0c71bzLu94yJDNtTDICXfrj36EP-BdBYwmDdEI1Wuz2sUOxx60nijX3RC7dd1WfZo9zWmbVMJG6pNsYgV4kLOIeXdMIE4K1TgSbcJCffMUGMqc-tMnZ2VYJMI5sve_VHMGK92C5vfXAZTy7eYvDkwStxF_2ZqA960m6lrF3bu_YsaYRdHoSGbC-h2F-SuztWBjQ6uGjWwLSdaQynTyRlcL0itx3PKcjxqsxKA0Evhe0dQMiA3uT0o53GPu8ooW4lktFs-a1OvggK9m4H0mtSg34TOpQK5rzB0dwZtWIIpDBizbzm2gr3Pn47Yd3O0rSbwoGoN0fIX4EiioPttqdZ4Cs9WvQhSBzOmBbRrP4XoZtVNRRSUPw-6b5xY9rqMlSvLGOcsRX0_T17lQ_k_NGmog2GHUXy6RzAmOzufba8YcnfQ08L3xyRGoLwHiSBLp-LxGcKuGd0SPbxoKxQ2n5_tFxd8H4IOthTIzJPaN6PK4YFiGzTUtEpG4s2lwojkk8PLBadNY9NA9tZQbUuhi6GWdtqveDOqXAQI7ScYtEmvYB1JDpWm8vIU_fD8hZFcSe7VVnn4iRO2dToIEesR8-qKLaFH4qg1yd1NDNk51IyomYJPAsJYZDGyqcMpl6KXdPGh370RCEmp9A7StwEHvyaEnqnLskNU1-m-lkK_7USwwYSZfs4mjf0u6nYQ4wXHZXdwOCuLhSrycne9enrrXkCda-QZ3yr6GPCM9TorE5L7KYpGtV9USMuTqcWkOsNBqy0W2YqhOhSaQGuibDkyPQIkoEsIihaBZPE5NTKBrGjIPaQYPQZ_908bFMLuwL-TDq_9i1OnxbgfCnz-FpsdYKi9dYEOVwCc72vGPDqQWMx6WhgkKrCSR6HYzAWQ33ug11BOl0C1nIK03b_DY_SsSH_Ekoct4YyQxmIuso6LawxP6Q1KOjB-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
data
bcp.crwdcntrl.net/6/ 		557 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f144424bdd4a15e8762e25b71cdc5c068804c929971bd83630fe95141c6350c

Request headers

Referer
https://berita.malasmikir.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://berita.malasmikir.com
cache-control
no-cache
x-server
10.40.51.155
access-control-allow-credentials
true
content-length
557
expires
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 4DDC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 03:25:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
23117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 03:25:42 GMT
AGSKWxWW37ZQZHHNsHCi2EvTFpRol8lpsenYHWVh5IyKesM-_d9fe9ZjYYx8RYqOIFfDNiru4iELM2szAW4M6gjI_qz5FX-6Ca5306IBvnWg6gwhIlZxFwBC4uA4VZADOvobwGl7V2u2
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWW37ZQZHHNsHCi2EvTFpRol8lpsenYHWVh5IyKesM-_d9fe9ZjYYx8RYqOIFfDNiru4iELM2szAW4M6gjI_qz5FX-6Ca5306IBvnWg6gwhIlZxFwBC4uA4VZADOvobwGl7V2u2
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-coPre8bCcvkwhmLf8te4sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-coPre8bCcvkwhmLf8te4sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://berita.malasmikir.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUbDxNU0r05sFK8_Iu3fC4Vn1LOxoK071DD8o89ghZzBaqqGTFCG-PkY0BEHBQQuowm6gUDd47hRmM6PbAlY3nWGqV_KhiqejpmFl3Pr96cHODZcp2ZLN_LilmFl3D1vwec7zFO
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbDxNU0r05sFK8_Iu3fC4Vn1LOxoK071DD8o89ghZzBaqqGTFCG-PkY0BEHBQQuowm6gUDd47hRmM6PbAlY3nWGqV_KhiqejpmFl3Pr96cHODZcp2ZLN_LilmFl3D1vwec7zFO
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMzXiHOnAFlRAYe0VsuuEaDlaT54LA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GSw-T-CQqbrzaqTBtcHK3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://berita.malasmikir.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-GSw-T-CQqbrzaqTBtcHK3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://berita.malasmikir.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8D54 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=4475351312536087&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4DDC 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?O9TbBQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 09:50:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame AD8F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukjKoceXneEe6qreHCqGokE13aUufclo2jae3IiJCrz2OdHzZo0ucGD1vWv6C97F0CUF1hcd-gtvui3Be6K6Bt6WUmT1AWIomsu19H0R6Kre031VS2wPQTDizHbhSCWU0b3711U3iLMrSR4ekYyEz6BdGC&sai=AMfl-YTG0XPYoC0BB5xNKOlszIpo7jFI2ZZDU-_-NNqoWikMWhscwHyLZRN7NaNl_v1VTJGOXg3p45oX-UAgb8etnNpvo2y26fLbhceYF1nDJV7vJY7vpMjugSsaevIfaiS5TsCgahp6yy8k7KzMZyq-dA&sig=Cg0ArKJSzCf46QT65UifEAE&cid=CAQSTwAvHhf_4xrOoMQG2y-SQBQmGFZxagpkZN7zlU3dxJjGW8ZR3LBS02cB5U-Y060E2eCLGW4D_wUMuEkL7FKIXjIjv8g4RmnXk6151hpdpp0YAQ&id=lidar2&mcvt=1012&p=0,0,124,1005&mtos=340,930,1012,1012,1012&tos=340,590,82,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705139457996&rpt=612&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame DED6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-92.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://berita.malasmikir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38117
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 12 Jan 2024 23:15:49 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fadedfea448fa31cb8aba15ba1b05064.cloudfront.net (CloudFront)
x-amz-cf-id
k2IH-oWa72UO8ikM3-WgGCdYdbXVnPSQ3WYKZd8R0jcALQ2JENqDxg==
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pixels
bcp.crwdcntrl.net/ Frame 2320 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a2869e1c3ef53d9c6f106a7731814b8c8570e5df1d6720fdeec69ef5b9b637d9

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
4242
content-type
text/html
date
Sat, 13 Jan 2024 09:50:59 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.3.93
/
partner.mediawallahscript.com/ Frame 2320
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=dce65619190c37668092ddef79f32bb0&custom=&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=dce65619190c37668092ddef79f32bb0&custom=&tag_format=img&tag_action=sync&final=true&reqid=4186cb30-b1f9-11ee-a824-794b10ca5...
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=8341404090720412220&tag_format=img&tag_action=sync
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=418f2fa0-b1f9-11ee-b1a0-519b679bbbc9?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=dce65619190c37668092ddef79f32bb0&tag_format=img&tag_action=sync&cb=196314593
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a8fea502-2214-4aa1-a26a-f7c85d245ec0&tag_format=img&tag_action=sync&cb=
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=418f2fa0-b1f9-11ee-b1a0-519b679bbbc9&cb=1705139460362&rmn=y&redirect=https%3A%2F%2Fpartner.me...
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=a30ec83e-ed05-40c5-a9ed-5a1d5cf198fb&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705139460362
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
  • https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=4206f7b0-b1f9-11ee-987d-6d8df76c0cfe
0
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=4206f7b0-b1f9-11ee-987d-6d8df76c0cfe
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
3.213.247.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-247-157.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Sat, 13 Jan 2024 09:51:00 GMT
cache-control
private, no-cache, must-revalidate, no-store, max-age=0
server
nginx
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=4206f7b0-b1f9-11ee-987d-6d8df76c0cfe
date
Sat, 13 Jan 2024 09:51:00 GMT
cross-origin-resource-policy
cross-origin
content-length
0
qmap
sync.crwdcntrl.net/ Frame 2320
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC...
  • https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=6f30f18f-31f1-4fd8-9f11-01b7bb96a3b3&gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=6f30f18f-31f1-4fd8-9f11-01b7bb96a3b3&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.9.242
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=6f30f18f-31f1-4fd8-9f11-01b7bb96a3b3&gdpr=0
Date
Sat, 13 Jan 2024 09:50:59 GMT
Connection
keep-alive
X-CI-RTID
c2d360aa-e883-446f-9e61-7ac6413327a8
Content-Length
131
Content-Type
text/html; charset=utf-8
dcm
s.amazon-adsystem.com/ Frame 2320
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=dce65619190c37668092ddef79f32bb0
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=dce65619190c37668092ddef79f32bb0&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=dce65619190c37668092ddef79f32bb0&dcc=t
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 09:51:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
299WNX78BWJBSRPGTXVY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 09:50:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N7FATSZ9QJGPC89R42N9
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=dce65619190c37668092ddef79f32bb0&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
sync.smartadserver.com/ Frame 2320
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
216.22.16.72 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a8fea502-2214-4aa1-a26a-f7c85d245ec0/gdpr=0/ Frame 2320
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a8fea502-2214-4aa1-a26a-f7c85d245ec0/gdpr=0/gdpr_consent=
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a8fea502-2214-4aa1-a26a-f7c85d245ec0/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.58.112
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=a8fea502-2214-4aa1-a26a-f7c85d245ec0/gdpr=0/gdpr_consent=
date
Sat, 13 Jan 2024 09:50:59 GMT
server
Kestrel
content-length
249
tpid=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 2320
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=dce65619190c37668092ddef79f32bb0&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8341404090720412220&pt=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%25...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.63.222
content-length
49
expires
0

Redirect headers

date
Sat, 13 Jan 2024 09:50:59 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=9cb63ea7-6d44-4cba-aabf-5c3b75678ebd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tpid=c73bc7fd5dab62d13bdd256d862c13c4
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame 2320
Redirect Chain
  • https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
  • https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=c73bc7fd5dab62d13bdd256d862c13c4
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=c73bc7fd5dab62d13bdd256d862c13c4
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.11.98
content-length
49
expires
0

Redirect headers

date
Sat, 13 Jan 2024 09:50:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-length
142
x-xss-protection
1; mode=block
pragma
no-cache
to-dmp-sync
s2b-dmp-use1-aws.truoptik.com
server
cloudflare
user-agent
Tru Optik DMP 1.3.1
x-frame-options
SAMEORIGIN
content-type
text/html
location
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=c73bc7fd5dab62d13bdd256d862c13c4
access-control-allow-origin
*
cache-control
no-store
cf-ray
844cbcf838d56dc7-MIA
expires
0
gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=84396632406889772972519171225428483348/ Frame 2320
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=dce65619190c37668092ddef79f32bb0&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=dce65619190c37668092ddef79f32bb0&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI...
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=84396632406889772972519171225428483348/gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=84396632406889772972519171225428483348/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.38
content-length
49
expires
0

Redirect headers

dcs
dcs-prod-va6-2-v053-020de5208.edge-va6.demdex.com 1 ms
pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
J9U8DYl1Q2E=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=84396632406889772972519171225428483348/gdpr=0
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
identity
c.cintnetworks.com/ Frame 2320 		0
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:dce65619190c37668092ddef79f32bb0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.89.172.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 09:51:00 GMT
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Arr-Disable-Session-Affinity
true
Content-Length
0
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
sd
us-u.openx.net/w/1.0/ Frame 2320
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=dce65619190c37668092ddef79f32bb0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=ZaJdA1gZTR9OyLaRGMGAJrAY&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
  • https://d.agkn.com/pixel/10751/?che=1705139459998&ip=38.132.118.75&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D213180604760056767518
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=213180604760056767518
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=6ad3205c-6e14-4ec2-b86a-c00a24552f91-65a25d04-5553
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.n...
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=61498c48-4e69-460b-80d7-c4cc79995114&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaJdA1gZTR9OyLaRGMGAJrAY
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaJdA1gZTR9OyLaRGMGAJrAY
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 13 Jan 2024 09:51:00 GMT
server
Aorta/20240110.a47e9006f
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaJdA1gZTR9OyLaRGMGAJrAY
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
295b3205e33b
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
image.sbxx
ib.mookie1.com/ Frame 2320
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=dce65619190c37668092ddef79f32bb0
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=dce65619190c37668092ddef79f32bb0
120 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=dce65619190c37668092ddef79f32bb0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
64.58.232.177 , United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
be31-199.crrt01.las04.flexential.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 09:51:00 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/png
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS16
Content-Length
120
Expires
-1

Redirect headers

Date
Sat, 13 Jan 2024 09:51:00 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=dce65619190c37668092ddef79f32bb0
Access-Control-Allow-Origin
*
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control
private
X-Server
LAS04
Content-Length
217
utsync.ashx
ml314.com/ Frame 2320 		43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=dce65619190c37668092ddef79f32bb0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0,Sun, 14 Jan 2024 09:50:59 GMT
qmap
sync.crwdcntrl.net/ Frame 2320
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-de34c3d2-a910-51e7-748b-9e12f0d5ce46$ip$38.132.118.75&gdpr=0&gdpr_consent=
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-de34c3d2-a910-51e7-748b-9e12f0d5ce46$ip$38.132.118.75&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.9.44
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-de34c3d2-a910-51e7-748b-9e12f0d5ce46$ip$38.132.118.75&gdpr=0&gdpr_consent=
Date
Sat, 13 Jan 2024 09:51:00 GMT
Connection
keep-alive
Content-Length
167
Content-Type
text/html; charset=utf-8
qmap
sync.crwdcntrl.net/ Frame 2320
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-RK4r2o1E2pzL_Kn2sLPsEE9DmHRcpxwQYwc-~A&gdpr=0
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-RK4r2o1E2pzL_Kn2sLPsEE9DmHRcpxwQYwc-~A&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.0.69
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-RK4r2o1E2pzL_Kn2sLPsEE9DmHRcpxwQYwc-~A&gdpr=0
date
Sat, 13 Jan 2024 09:51:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=6ad3205c-6e14-4ec2-b86a-c00a24552f91-65a25d04-5553/ Frame 2320
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=6ad3205c-6e14-4ec2-b86a-c00a24552f91-65a25d04-5553/gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=6ad3205c-6e14-4ec2-b86a-c00a24552f91-65a25d04-5553/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.51.131
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=6ad3205c-6e14-4ec2-b86a-c00a24552f91-65a25d04-5553/gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
token
token.rubiconproject.com/ Frame 2320 		0
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=7&puid=dce65619190c37668092ddef79f32bb0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gdpr=0
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaJdAgAOCfhUewAM/ Frame 2320
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaJdAgAOCfhUewAM/gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaJdAgAOCfhUewAM/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.52.130
content-length
49
expires
0

Redirect headers

x-served-by
cache-mia-kmia1760095-MIA
pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705139460.818997,VS0,VE0
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaJdAgAOCfhUewAM/gdpr=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 2320 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZGNlNjU2MTkxOTBjMzc2NjgwOTJkZGVmNzlmMzJiYjA&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame 2320 		62 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=2985b7b0a2a9d619545650cac7081824
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.132.230 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-230.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sat, 13 Jan 2024 09:50:59 GMT
content-length
62
content-type
image/gif
g.json
aa.agkn.com/adscores/ Frame 2320 		108 B
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-125.phl50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
54259e26e29e06fdbc6033d288133a8ce2cdcfd8e76d26fdeeb2ed5ad1f10b86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
via
1.1 e329cb97e195e238d2d961aa95a36a4a.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
108
x-amz-cf-id
w-0YlSTq3VetLFpGUHdxRYUoC9WppFm2qoVwGaPpS0i-TI4bGrOtNQ==
expires
0
pixel
cm.g.doubleclick.net/ Frame 2320 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=ZGNlNjU2MTkxOTBjMzc2NjgwOTJkZGVmNzlmMzJiYjA&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7489826416846760829/ Frame 2320
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/dce65619190c37668092ddef79f32bb0/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7489826416846760829/gdpr=0
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7489826416846760829/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.4
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7489826416846760829/gdpr=0
pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rand=601771803
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8341404090720412220/gdpr=0/ Frame 2320
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=601771803
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8341404090720412220/gdpr=0/rand=601771803
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8341404090720412220/gdpr=0/rand=601771803
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C154%2C153%2C148%2C116%2C106%2C104%2C94%2C92%2C79%2C78%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.61.37
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:50:59 GMT
an-x-request-uuid
741f5651-2a64-4a69-a096-ff74b9805f08
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8341404090720412220/gdpr=0/rand=601771803
x-proxy-origin
38.132.118.75; 38.132.118.75; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame CC67 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fberita.malasmikir.com&e=wqT_3QKQB-iQAwAAAwDWAAUBCIC6ia0GEI-0mYvP-7SkHRgAKjYJIaV-i3fzkD8R0FEngc-EkD8ZAAAAoHA98j8h0A0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4iLwFgAEBigEDVVNEkgUG8GGYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHWh0dHBzOi8vYmVyaXRhLm1hbGFzbWlraXIuY29tgAMAiAMBkAMAmAMJoAMBqgOaAwqwAhEz8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YjU3YmUyZTItNzZiZS00MmM3LWIzZjktNGFiNzViNDQ0YTJkJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDghiNTeGcQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWIJGfQqAWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMTEwMTY5MzcxMzE5MzYwMDE1IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ERXdPRGt4TURjeE1UTXlNekFqTWpNek1qZzRPRGM1TmpRMk1EZ3lOQT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYCTuZDq0JmlJcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfXwIfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAACT18AAAQABgA4AYB8gYCCACABwGIBwCgBwHIB4i8BdIHDQkuJgAM2gcGCAkvqAcA6gcCCADwB9yMyASKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=5d7eb99f3d355fba4e87828a6ecadab77b34c5b9&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=4013444381076259857&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
an-x-request-uuid
fb9f1544-6977-436f-81de-f95f4a8971c9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.75; 38.132.118.75; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame CC67
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=85b52ede-b626-4e6f-9565-6bdfb3ee7cab&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=b57be2e2-76be-42c7...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5a8d7e8057b84595975d07f2a1e75283&tids=15000&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5a8d7e8057b84595975d07f2a1e75283&tids=15000&med=10
Protocol
H3
Server
2600:1408:5400:8::170c:91a9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3AABAFF468724FEE97441D5A89707A11 Ref B: ASHEDGE1514 Ref C: 2024-01-13T09:51:00Z
x-cdn-traceid
0.a9112017.1705139460.15040c1a
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Sat, 13 Jan 2024 09:51:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 33BF871B99AC4BEBBCDCBED27E7AB05E Ref B: BLUEDGE1414 Ref C: 2024-01-13T09:51:00Z
x-cdn-traceid
0.a9112017.1705139460.15040b64
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=5a8d7e8057b84595975d07f2a1e75283&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
activeview
pagead2.googlesyndication.com/pcs/ Frame CC67 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDnuhhprEvBgoEKavJMyWZ5iOKA88H-Wol1AcV44xQzunAB74wtxtsLkpb-OYZfwY_GUR4Xsm65k_IQ8df-i4XAqo6sM--LNOIU5JpyfqHEHrBqAKcBWB0&sig=Cg0ArKJSzNRVqHliHpKFEAE&id=lidar2&mcvt=1011&p=0,0,600,160&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705139458123&rpt=718&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A45B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lrbw0anz&c=8313234092077&slotId=4156617046038.5&qqid=CIfE87yL2oMDFTajywEdQ84CHA&umsem=0&ple=1&ape=1&met.4=vil.lrbw0b0y~vfl.lrbw0ba4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e8b1d04b6e6f4e04515fcd99d0a161d6.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=4475351312536087&bg=!Tk2lTQLNAAaumcC-jpk7ADQBe5WfOEqqrYNFlgliVkpR7sHYdEZhW23ZN51YGT4FCiIPHedQxRQag2HFeVsb73zW43kWAgAAAHVSAAAAAmgBB5kC03Vi31KUg0vBYmNp9vsf-fhaSIggw609uBti_7FCFjPIOakTDlfumriTzBN7BPGi5q4ZTlYfRx-xtHYZffI_cnGCKNNicNa7w2og-IaT4Xozf4XFCYntvc0K9LhvnC_qP6dlPxjzZFLnGV7qyOCtqPPp0ydvHkebxHCcJdmwEsT_xntT2hQPRvyWmDCLVfsavpgzX-LG0kkZZROsGP6cusXIQScZoSH7K9QqWYOFK1_7HVaJlpTCUMgLYtjdJLI-KUmZLbaEBswd2kng1Zz6apQ8PWvakC6LcGz1eGRDrJoV9uwPAsddVuqK_MwgxS2Fnb5oHyYpzryf1l6oP_R-T58pnzPjmd4WE8IQclxVGP-zhBJxX8iGsUGz-tlp3qlEDT5ek_eJdAwtLadcBJ7Ihe67xngABALfQWMRBCjNg-6yx8aA09Mavd2lscsyBv948nmXkaaYmrJ_PGfqTjgRESJZHgz-2oRI1rpG7cBDsl7ydHGg4YxsQqMarDsA16ROa-My3YPgmLKmBDDxzYNUU3ud-NJW-l5qFZ_z7QiBgq2mXk_QTHalXFRkelUwGAMxpvhNpnSYDjgwEHGS2g1ep7UzYyC4P7gW4vjaTqfQA3G3TCTbneHpPlKmjNDHQ64L2HG-L-tnry5ykL9QqYTQMaRAlYgwMp634K6SJb8q8EibzJ-5Dl4JDCgFtt2qLFnJHqSJFnN9NXOqMnHu6yjP_D1okVz5pLNeS6_zMEiuKAv-wiCg7PeoPMKn0W7G67CCEpnxCBQbobouo3lhmYTHvBcnMY6jyMyBN9rsoNWefI8Yty1lVeLv9dGgAcGJ0gIEssGGYiHKgndAYK0taxroHBsZWgDzTR-OMzVixTzRPtuSzXoPNpU72tODLfHYESGFXUHYMtXD2cSzcIUCq4aFr6uhS-Gq1aZ1NqljjLJGTZCEBbZGk2UI8_V3_KKn3STc5fijaA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
a.gif
t.sharethis.com/d/ Frame 8D30 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGAACWWiXQEAAAAIN%252FuHAw%253D%253D&tt=t.dhj&dhjLcy=1705139458163&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=berita.malasmikir.com&pn=%2F&qs=na&rdn=berita.malasmikir.com&rpn=%2F&rqs=na&cc=US&cont=NA&evid=oL1OC0YA40n1ZTSyNLuV&urls=!1!345!b-13j,!0!323!b-13l,!1!345!b-14s,!1!0!b-14t,!1!314!b-150,!1!412!b-16f&rnd=1705139461805&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=270
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-73-207-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Jan 2024 09:51:01 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Sat, 13 Jan 2024 09:51:01 GMT
1540_03681
track2.securedvisit.com/sync/ 		43 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H-9ujSZHQW-N_5wUQeWxy62J
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.16.50 -, , ASN (),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://berita.malasmikir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jan 2024 09:51:04 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
blogger.googleusercontent.com
URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNFsWehdrGpmHwL6QGobwl5UcKyQfEaxAhZoUwpwrPAZ3KwK8dWvLW0B6QlsdiEm3heFnE1qBBUCZhJ6mdObApFqMxBTdklhO4-hIgHlxEWqnPCulVGxJzGH3AXXTKZtid27nySoBzKuT7SE1Ydqr7OIPUIxQyc-vsTAeHCdwVHsJxR5oye0-3a6nbfIQ/w400-h400-p-k-no-nu/_9fbc4d2e-6299-4e4f-b385-02c061cb6305.jpeg

Verdicts & Comments Add Verdict or Comment

374 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 function| gtag object| dataLayer undefined| linkMagzSetting function| optionLinkMagz function| Defer object| adsbygoogle function| infeedAds object| _Hasync function| setAttributeOnload function| chfh function| chfh2 string| _HST_cntval object| Histats object| gapi object| ___jsl function| LMstickyMenu function| LMmobileMenu function| LMmobileMenuSubMenu function| LMsearchForm function| LMcheckCheckbox function| darkMode function| LMScrollTop object| infinite_scroll function| customFeaturedPostSnippet function| customPostSnippet function| SmoothScroll string| stickyClass function| InfiniteScroll object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| _F_toggles object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow boolean| google_empty_script_included object| _HistatsCounterGraphics_0_setValues function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| convertstr undefined| CryptoJS undefined| aesCrypto string| keyGenerator string| teksGenerate string| teksGetLink number| timerButton string| capubAds string| IDslotAds object| base64 function| getSafelink function| copySafelink function| resetSafelink object| autoSafelink function| getVariable undefined| uri undefined| clean_uri undefined| gotoLink undefined| clickIE4 undefined| clickNS4 function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| a object| cv object| Tynt object| _dtspv object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_image_requests object| _33Across function| __uspapi object| __connect object| lotame_3825 number| char object| googletag object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| YmViNThmOWNmMzRmMzdibG9hZGVyX2pz string| YmViNThmOWNmMzRmMzdiY2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_g function| lt3825_ha object| lt3825_ object| lt3825_na object| lt3825_oa object| lt3825_Oa object| lt3825_Ya object| lt3825_Za object| lt3825_7 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_h function| lt3825_ga function| lt3825_ia function| lt3825_i function| lt3825_ja function| lt3825_j function| lt3825_k function| lt3825_l function| lt3825_m function| lt3825_n function| lt3825_la function| lt3825_ka function| lt3825_o function| lt3825_p function| lt3825_ma function| lt3825_q function| lt3825_r function| lt3825_s function| lt3825_t function| lt3825_u function| lt3825_sa function| lt3825_pa function| lt3825_qa function| lt3825_w function| lt3825_ra function| lt3825_x function| lt3825_y function| lt3825_z function| lt3825_A function| lt3825_v function| lt3825_B function| lt3825_C function| lt3825_ta function| lt3825_D function| lt3825_E function| lt3825_ua function| lt3825_F function| lt3825_G function| lt3825_va function| lt3825_H function| lt3825_I function| lt3825_J function| lt3825_wa function| lt3825_L function| lt3825_M function| lt3825_K function| lt3825_xa function| lt3825_ya function| lt3825_N function| lt3825_za function| lt3825_Aa function| lt3825_Ba function| lt3825_Ca function| lt3825_Da function| lt3825_Ea function| lt3825_Fa function| lt3825_Ja function| lt3825_Ga function| lt3825_Ha function| lt3825_Ia function| lt3825_Ka function| lt3825_Ma function| lt3825_La function| lt3825_Na function| lt3825_O function| lt3825_Pa function| lt3825_Qa function| lt3825_Ra function| lt3825_Sa function| lt3825_Ta function| lt3825_Ua function| lt3825_Va function| lt3825_Wa function| lt3825_Xa function| lt3825_P function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_Q function| lt3825_R function| lt3825_2a function| lt3825_S function| lt3825_T function| lt3825_3a function| lt3825_4a function| lt3825_5a function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_6a function| lt3825_9a function| lt3825_8a function| lt3825_7a function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_1 function| lt3825_4 function| lt3825_ab function| lt3825_cb function| lt3825_bb function| lt3825_eb function| lt3825_db function| lt3825_2 function| lt3825_gb function| lt3825_ib function| lt3825_hb function| lt3825_3 function| lt3825_$a function| lt3825_fb function| lt3825_jb function| lt3825_kb function| lt3825_lb function| lt3825_mb function| lt3825_5 function| lt3825_6 function| lt3825_nb function| lt3825_ob function| lt3825_pb function| lt3825_qb function| lt3825_rb function| lt3825_sb function| lt3825_tb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_8 function| lt3825_zb function| lt3825_Ab function| lt3825_yb function| lt3825_xb function| lt3825_Cb function| lt3825_Bb function| lt3825_Eb function| lt3825_Db function| lt3825_Fb function| lt3825_Gb function| lt3825_Hb function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_Mb function| lt3825_Pb function| lt3825_Ob function| lt3825_Lb function| lt3825_Sb function| lt3825_Nb function| lt3825_Qb function| lt3825_Ub function| lt3825_Tb function| lt3825_Vb function| lt3825_Rb function| lt3825_Wb function| lt3825_Xb function| lt3825_Yb function| lt3825_9 function| lt3825_Zb function| lt3825__b function| lt3825_0b function| lt3825_1b function| lt3825_2b function| lt3825_$ function| lt3825_3b function| lt3825_4b function| lt3825_5b function| lt3825_6b function| lt3825_7b function| lt3825_8b function| lt3825_9b function| lt3825_$b function| lt3825_bc function| lt3825_cc function| lt3825_dc function| lt3825_ac object| __underground object| GoogleGcLKhOms function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| 3afcb1da-98f9-4c8e-a42e-93862e7c9457

128 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
berita.malasmikir.com/ Name: HstCfa4831236
Value: 1705139456208
berita.malasmikir.com/ Name: HstCla4831236
Value: 1705139456208
berita.malasmikir.com/ Name: HstCmu4831236
Value: 1705139456208
berita.malasmikir.com/ Name: HstPn4831236
Value: 1
berita.malasmikir.com/ Name: HstPt4831236
Value: 1
berita.malasmikir.com/ Name: HstCnv4831236
Value: 1
berita.malasmikir.com/ Name: HstCns4831236
Value: 1
.google.com/ Name: NID
Value: 511=sqVeK5RV5Q91RD5LvzFALjFV-lZJOwRBEjFtNgMAu-Sq-Bu-iR_Yd-LBesP0gY2Ae3Po4RTyXG5nLXHLCPzqa7y5Ja9bwcVhrs7IgeyUpiBZq-zG7PqpyW4V70JLLj-Babm-lDImQ1Td2RHw-hiIAL3DO2QIL-N2AK3ozkym6jo
.malasmikir.com/ Name: _ga_V1BT1J2P46
Value: GS1.1.1705139456.1.0.1705139456.0.0.0
.malasmikir.com/ Name: _ga
Value: GA1.1.786477649.1705139456
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1705139456
.dtscout.com/ Name: l
Value: 51A01705139456C410DAFC442A703E42
.sharethis.com/ Name: __stid
Value: ZGAACWWiXQEAAAAIN/uHAw==
.sharethis.com/ Name: __stidv
Value: 2
.malasmikir.com/ Name: __dtsu
Value: 51A01705139456C410DAFC442A703E42
.malasmikir.com/ Name: __gads
Value: ID=74676ef85220580f:T=1705139456:RT=1705139456:S=ALNI_MbhgBwnlsZk_tX8zOYeVsYVdH7LwA
.malasmikir.com/ Name: __gpi
Value: UID=00000db6d9fe79cf:T=1705139456:RT=1705139456:S=ALNI_MY8rVhW3qqT7qhLwKFJUNGz5hGddw
.tynt.com/ Name: uid
Value: CoIKTGWiXQF7c8gKBBcUAg==
.doubleclick.net/ Name: IDE
Value: AHWqTUlEhGJKmDtc-53F7sDOqVlhIV1_cmg95ptwSrmH64F9ZPlWdR1JaRKp8jCvWsQ
.doubleclick.net/ Name: APC
Value: AfxxVi78XMLCyBNdZ3jUIqmKiY2QGMPrxx7aJXsVzG5IYHB9u3JxPg
.dtscdn.com/ Name: uid
Value: 51A01705139456C410DAFC442A703E42
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1705139458059%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1705139458059%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A1%2C%22ts%22%3A1705139458059%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1705139458059%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1705139458059%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1705139458059%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1705139458059%7D%5D
.onaudience.com/ Name: cookie
Value: 5b97ce2f758cb5da
.onaudience.com/ Name: done_redirects109
Value: 1
.malasmikir.com/ Name: lotame_domain_check
Value: malasmikir.com
.tapad.com/ Name: TapAd_TS
Value: 1705139458342
.tapad.com/ Name: TapAd_DID
Value: 9cb63ea7-6d44-4cba-aabf-5c3b75678ebd
.go.affec.tv/ Name: ck
Value: 65a25d02789f510001ceccd5
.go.affec.tv/ Name: oo
Value: 1
.33across.com/ Name: 33x_ps
Value: u%3D212418775954579%3As1%3D1705139458348%3Ats%3D1705139458348
.eyeota.net/ Name: mako_uid
Value: 18d023b5153-bb10000010a40e6
.eyeota.net/ Name: SERVERID
Value: 16614~DM
.linkedin.com/ Name: li_sugr
Value: d82b8976-c013-4b9a-8563-7b68c9af7943
.linkedin.com/ Name: bcookie
Value: "v=2&ec7d7289-d0bb-41fc-869d-792f8d89bd26"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3102:u=1:x=1:i=1705139458:t=1705225858:v=2:sig=AQFv1tJawlEPIj5qjbruSrj4dj-R30fT"
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bku
Value: 4tL999J5GZV9ajx+
.adnxs.com/ Name: uuid2
Value: 8341404090720412220
.adsrvr.org/ Name: TDID
Value: a8fea502-2214-4aa1-a26a-f7c85d245ec0
.casalemedia.com/ Name: CMID
Value: ZaJdAm24S.X-rISts-JYRQAA
.casalemedia.com/ Name: CMPS
Value: 1535
.casalemedia.com/ Name: CMPRO
Value: 1535
.bing.com/ Name: MUID
Value: 37E68222E4E76DBC0F569627E5576CD4
.lijit.com/ Name: ljt_reader
Value: H-9ujSZHQW-N_5wUQeWxy62J
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HbzEc[1S!@wnfH8K6pQK`!5=E<*L5?%K>4^G.#0hD?V=kJYW/3MxM0i>8DBgKj7pC=gQP(hw9P-HC_#ttl])hV/U
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 1_0_1705139458804
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZaJdAgAOCfhUewAM
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTcwNTEzOTQ1OCwiaWQiOiI4MzQxNDA0MDkwNzIwNDEyMjIwIiwibHMiOjE3MDUxMzk0NTh9LCJ0dCI6eyJkdCI6MTcwNTEzOTQ1OCwiaWQiOiJDb0lLVEdXaVhRRjdjOGdLQkJjVUFnPT0iLCJscyI6MTcwNTEzOTQ1OH0sInRkIjp7ImR0IjoxNzA1MTM5NDU4LCJpZCI6ImE4ZmVhNTAyLTIyMTQtNGFhMS1hMjZhLWY3Yzg1ZDI0NWVjMCIsImxzIjoxNzA1MTM5NDU4fSwidiI6MH0=|1705139458|eee01c81915c9ee36c9b5f29a0d7f1265c5b2426
.yahoo.com/ Name: A3
Value: d=AQABBAJdomUCEKPQlf4bIu5xdD87AStgO6IFEgEBAQGuo2WsZQAAAAAA_eMAAA&S=AQAAAilgKf1HZnxu07RhDn51DRM
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.acuityplatform.com/ Name: auid
Value: 876337618462
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRkBHNRqqmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUZARzUaqo90aGlyZFBhcnR5VXNlcklkWkNBRVNFRHN4V0tLa0Z0dVRjUDczTklScDduc/v7hnZlcnNpb27C+w=="
.inmobi.com/ Name: idsp_c
Value: 04de2859-ff2e-49c9-a470-c31750cd00f1
.ml314.com/ Name: pi
Value: 3641319728665329722
.mediago.io/ Name: __mguid_
Value: acc8ce736c3d772021s6km00lrbw0ayb
.w55c.net/ Name: wfivefivec
Value: e3vT1UzL1RoAFk5
.tribalfusion.com/ Name: ANON_ID
Value: afnsAGmge06ousnA7ffxQGBdAK8j9BaNIIsbJ7qAFRsxlEe5vawZcnIuU4eKDZcoyjRtjHYDQ9VMCERaS8SQ2K
.pippio.com/ Name: did
Value: J181ji65wRnHM9Yk
.pippio.com/ Name: didts
Value: 1705139458
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CIK6ia0GEgYIgr0rEAA=
sync-dmp.mobtrakk.com/ Name: pid
Value: NTdhMjVlZDM1OTc1OWRjMg
.rlcdn.com/ Name: rlas3
Value: LDKGZkHxGckMg+AzRqlFJ7eczw7lH8hxsrsCkvSTG4k=
.rlcdn.com/ Name: pxrc
Value: CIK6ia0GEgUI6EcQABIFCNtOEAE=
.krxd.net/ Name: _kuid_
Value: QCHOsnjN
.w55c.net/ Name: matchgoogle
Value: 5
.dotomi.com/ Name: DotomiTest
Value: 7517f1ee7e18070e
.yandex.ru/ Name: yuidss
Value: 847359311705139459
.yandex.ru/ Name: yandexuid
Value: 847359311705139459
.quantserve.com/ Name: d
Value: EEABCQHyKoEA
.quantserve.com/ Name: mc
Value: 65a25d03-407c0-4f5b8-7105e
.malasmikir.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_fUxGzWowayipzt0hGXpF4OwXh-J3iu_iW_kpgI73kNFEbeHYpoIaV5JOvrvTAtK2IuybV39wKUY2w8fCQwD3SwlGzqNQs6Uvme2iHvx8rCh7NB_BhDwAf3A9bjwl_aCVYRwOVyBqt-i7_2p_Ky8emfFryAQ%3D%3D%22%5D%5D
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: dce65619190c37668092ddef79f32bb0
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSElONTM1M7Q0tDRINjY3M7MwsDRKSUlNM7dMMzZKSjJgAILURbHMIBoCeK8fbjVi%2FCjL8J%2BRkeHeB0sY89zRQ8ww9s%2BNU1hg7EunHrHB2Lv3XRaAsT803IezDy%2BeA1d%2Fd%2B1Tbpiad0sQ4g3%2FNWHCC2ccYIKx%2F3VpwZgAmVNBPA%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIXRTLDKQgAMjimgFmLmoFkYwP64EkAE89BJU%3D"
.malasmikir.com/ Name: _cc_id
Value: dce65619190c37668092ddef79f32bb0
.malasmikir.com/ Name: _cc_cc
Value: ACZ4XmNQSElONTM1M7Q0tDRINjY3M7MwsDRKSUlNM7dMMzZKSjJgAILURbHMIBoCeK8fbjVi%2FCjL8J%2BRkeHeB0sY89zRQ8ww9s%2BNU1hg7EunHrHB2Lv3XRaAsT803IezDy%2BeA1d%2Fd%2B1Tbpiad0sQ4g3%2FNWHCC2ccYIKx%2F3VpwZgAmVNBPA%3D%3D
.malasmikir.com/ Name: _cc_aud
Value: ABR4XmNgYGBIXRTLDKQgAMjimgFmLmoFkYwP64EkAE89BJU%3D
.malasmikir.com/ Name: panoramaId_expiry
Value: 1705225859579
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!321-2!321
.clickagy.com/ Name: cb
Value: ZaJdA1gZTR9OyLaRGMGAJrAY
.demdex.net/ Name: demdex
Value: 84396632406889772972519171225428483348
.truoptik.com/ Name: to_master_s
Value: c73bc7fd5dab62d13bdd256d862c13c4
.truoptik.com/ Name: to_version_s
Value: b2
.ipredictive.com/ Name: cu
Value: 6f30f18f-31f1-4fd8-9f11-01b7bb96a3b3|1705139459990
.mediawallahscript.com/ Name: mCookie
Value: 418f2fa0-b1f9-11ee-b1a0-519b679bbbc9
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%7D
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.agkn.com/ Name: ab
Value: 0001%3A56OqfKhnTTbof64CXyllBbn6YONB9eE5
.dpm.demdex.net/ Name: dpm
Value: 84396632406889772972519171225428483348
.amazon-adsystem.com/ Name: ad-id
Value: A3UMO1i0OUkLv0lBGhkD5iM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-de34c3d2-a910-51e7-748b-9e12f0d5ce46.YcbwYiIad2wHv3SFZXAk3%2FUg4DBMnJnbyeCPlWPmlgg
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-de34c3d2-a910-51e7-748b-9e12f0d5ce46.YcbwYiIad2wHv3SFZXAk3%2FUg4DBMnJnbyeCPlWPmlgg
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3jTD0qkQUed0i54S8NXORiaEdks.c%2F4Jt8jpdMFIcv0wQHjaOENNOlOYGhM0dOX7ojk%2BI3Q
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3jTD0qkQUed0i54S8NXORiaEdks.c%2F4Jt8jpdMFIcv0wQHjaOENNOlOYGhM0dOX7ojk%2BI3Q
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINTBx7vLGq6MGVcMD1rudXKdet5DsK0Q-gyjzIsPbHIKEHwYBCCEuomtBjABOgRvD7diQgQtj-mb.f%2FlXEQHr463scpI2tTvbg81TrvzW4PFo25XGYWIvzyM
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINTBx7vLGq6MGVcMD1rudXKdet5DsK0Q-gyjzIsPbHIKEHwYBCCEuomtBjABOgRvD7diQgQtj-mb.f%2FlXEQHr463scpI2tTvbg81TrvzW4PFo25XGYWIvzyM
.smartadserver.com/ Name: pid
Value: 3340792860938072039
.adnxs.com/ Name: XANDR_PANID
Value: y8Kpj3R8g0rw47_YrUUnc6X8ctO9LnlRNjPm2_kLvPRfHx-8QeeQu5t4xqhBo3EpFyspShJpc0bJKsyqyoEtSiXnmjJBwcFRc7tcxMH9k58.
.c.cintnetworks.com/ Name: TiPMix
Value: 64.3038634682328
.c.cintnetworks.com/ Name: x-ms-routing-name
Value: self
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: xjkgjsf0z1d53n4smicchtwv
.agkn.com/ Name: u
Value: C|0AAAAAAAALTUZhAAAAAAA
.sitescout.com/ Name: ssi
Value: 6ad3205c-6e14-4ec2-b86a-c00a24552f91#1705139460205
.sitescout.com/ Name: _ssuma
Value: eyI3IjoxNzA1MTM5NDYwMjY1fQ
.analytics.yahoo.com/ Name: IDSYNC
Value: 19bk~2g5l
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwi8kOHT5YnKPBAFGAEgASgCMgsIoPrrkPyJyjwQBTgBWgd2eHNydjNpYAI.
.rubiconproject.com/ Name: khaos
Value: LRBW0C15-1A-JEZ0
.rubiconproject.com/ Name: audit
Value: 1|iFcnzDZSkNCq1AgehCTBXuDmiIgWFax1EwsAMDLoRNKbz16xSA9sXZEJ/3GXl4JbitxY7lwYd7PyUhTWCqUS/D1eMj+H8dOHLiHAKyz6E5yOeMM4vnRRhhh+wuZXO55JpRGqgq4PrC8+txk0N3IiVWDw8Z8vTu4Tk50LKQzdh9Q=
.turn.com/ Name: uid
Value: 7489826416846760829
.openx.net/ Name: i
Value: ad6b87f4-b594-45b2-ac94-9765f98c6cd8|1705139460
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: l4xbviujiluk3yesdcw1ddod
.ib.mookie1.com/ Name: ibkukiuno
Value: s=e21dbe55-eb21-463b-80ee-2087a90aee41&h=&v=0&l=-8584964674249721913&op=&hl=0&vlu=0&tcs=1&dcc=-8584964674249721913
.ib.mookie1.com/ Name: ibkukinet
Value: 646215243=-8584964674249721913
.rqtrk.eu/ Name: browser_id
Value: 1:a30ec83e-ed05-40c5-a9ed-5a1d5cf198fb
aorta.clickagy.com/ Name: chs
Value: [{"ch":"120","t":"2024-01-13 09:50:59"},{"ch":"128","t":"2024-01-13 09:51:00"},{"ch":"5","t":"2024-01-13 09:51:00"},{"ch":"4","t":"2024-01-13 09:51:00"}]
.mediawallahscript.com/ Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_01_2024
Value: %7B%221pVtae%22%3A1%7D
.t.sharethis.com/ Name: pxcelBcnLcy
Value: 55

2 Console Messages

Source Level URL
Text
network error URL: https://min.gitcdn.link/repo/zenorocha/clipboard.js/master/dist/clipboard.min.js
Message:
Failed to load resource: the server responded with a status of 503 ()
security error URL: https://berita.malasmikir.com/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H-9ujSZHQW-N_5wUQeWxy62J' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aa.agkn.com
ad.doubleclick.net
adsdk.microsoft.com
an.yandex.ru
aorta.clickagy.com
ap.lijit.com
apis.google.com
bcp.crwdcntrl.net
beacon.krxd.net
berita.malasmikir.com
blogger.googleusercontent.com
c.cintnetworks.com
cdn.adnxs.com
cdn.jsdelivr.net
cdn.tynt.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
csi.gstatic.com
d.agkn.com
d.turn.com
data-beacons.s-onetag.com
dclk-match.dotomi.com
de.tynt.com
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
e.dtscout.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
get.s-onetag.com
global.ib-ibi.com
googleads.g.doubleclick.net
gtrace.mediago.io
i1.ytimg.com
ib.adnxs.com
ib.mookie1.com
ic.tynt.com
idsync.rlcdn.com
map.go.affec.tv
match.adsrvr.org
min.gitcdn.link
ml314.com
mweb.ck.inmobi.com
nym1-ib.adnxs.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-geo.s-onetag.com
onetag-sys.com
pagead2.googlesyndication.com
partner.mediawallahscript.com
pd.sharethis.com
pippio.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
ps.eyeota.net
px.ads.linkedin.com
rawcdn.githack.com
rr5---sn-q4fl6n6y.googlevideo.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
secure.adnxs.com
stags.bluekai.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.ipredictive.com
sync.sharethis.com
sync.smartadserver.com
sync.srv.stackadapt.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track2.securedvisit.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
ws.rqtrk.eu
www.bing.com
www.blogger.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
blogger.googleusercontent.com
104.17.219.204
107.178.254.65
13.224.214.125
13.224.214.70
13.224.214.92
13.89.172.0
141.94.170.77
142.251.16.157
142.251.163.154
151.101.1.108
151.101.130.49
172.253.62.148
172.64.151.101
172.64.153.173
18.116.4.103
18.205.16.50
18.238.4.21
192.184.69.239
20.253.86.149
207.198.113.93
216.22.16.72
23.220.132.230
23.34.194.26
23.73.207.17
2404:6800:4006:814::2003
2600:1408:5400:8::170c:91a9
2600:1f18:4e9:5a02:bfa:a46e:1266:8631
2600:9000:20ed:1000:19:fc2c:a140:93a1
2606:4700:10::6814:5063
2606:4700:20::681a:d3c
2606:4700:21::8d65:780a
2606:4700:3038::6815:ea55
2606:4700:3038::6815:eae6
2606:4700::6812:19ad
2606:ae80:1471:1a::1370
2607:f8b0:4000:1a::a
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::65
2607:f8b0:4004:c06::95
2607:f8b0:4004:c07::8a
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::68
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::84
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c09::bf
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c0b::9c
2607:f8b0:4004:c17::65
2607:f8b0:4004:c17::8a
2607:f8b0:4004:c19::79
2607:f8b0:4004:c1b::71
2620:112:f002:bbbb::23
2620:1ec:21::14
2620:1ec:46::38
2a02:6b8::90
2a04:4e42:600::485
3.14.20.113
3.213.247.157
3.222.34.50
3.225.218.10
3.233.22.19
34.111.113.62
34.117.77.79
34.192.24.192
34.199.184.22
34.231.201.253
34.98.64.218
35.169.211.189
35.208.249.213
35.244.154.8
44.217.35.132
5.161.62.221
51.222.241.100
51.222.39.186
52.223.40.198
52.46.143.56
52.7.115.38
54.146.126.47
54.227.205.3
54.39.128.162
54.89.198.103
63.251.86.51
64.58.232.176
64.58.232.177
67.202.105.21
67.202.105.23
67.202.105.33
68.67.160.137
68.67.160.24
69.173.151.100
69.90.254.78
0033ef33767a1d8ec23518004f85d316420a73f53f221253e59cc68f76bd518b
0048f10d1c0b4b5fb308afaccdd5999478646b661c4de7a26acea24a63ace0e6
00de4665a386f258d09cba98b045b5e6a4292d096856ebdbc57493ffb92ca8b0
052ae9d2c50c22ebc2f8d16d02d9d14a3f7f173604a36da787bda8cc6e6d372b
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
0a96cf4b8c579f1e003d22c3cf1f8f174c899090ff4c256aaa0a18584c21e96f
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcb6531cb0967359e17b655d4142b55d1eac2aed3fe5340f8ce930a7000e5d3
0bd5a31123ebb6af97d5928b9da832ce4c89fcab553af8097e9b3d5c631383e4
0f3a9b3040486ca20ebf49f1ed10ed1ca0bda3e305611a20ab32047b753b3fcb
11d71b160ce2fae5481ace1e456a0b76c46a17dbded771bec50d847e93e3947e
125777a3b90eafb7e97d29eaca2bdccf071df9808d5905b06534e5e262d2b59c
14f5e79971b6346c5b544bdab97888d29b2f9b100a0f2dc1b417abe2f7107a25
1564ef4d61d8b9c4d1cc03d4d38b371b763b99db39078ab0778aaa0f9571a3fb
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b47577bd1d698663718df653b5d1e83b2348876a6b00712229b0bd3be56f713
21bbff9d3fc943c3469b0b0713bd3b38c5aae536178fa626b3263793deffad56
25219ea194177296604247ab51cc04e4cc989203381ddf4a711522c875a96680
2544d907d888bef8afcfba20fec0d408beb701a52294db24f08b0eb6d9e3e3d7
28019169ef0f8ec43f159e819837d4482b9a4943c6d2a95e626e986f322958a0
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2ed8bd646fe44a266432d0b89d31fcd2b215dd4b494466daba5826c6c9908f65
2f144424bdd4a15e8762e25b71cdc5c068804c929971bd83630fe95141c6350c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34fbacff888f89084d42f0780e0b96621f02e8af21b8e0749b6ad2a58b672880
35079361d6c10065e29e5249e4263807091188fb35d41e25b68df9ca82a09009
35f7c9b1477ecc48f5d55101556e5f28ede46350f58be133dc7e662dfa327524
3679b021b653e6a41ae69527727029545fd1ae35cafebc017037da436c4c4baf
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3f8666739db0e909e56163e7c1457560f0212f53a1f40dbcf83cf7d228c35d32
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce84d5df487d816eeb7e1c4516f2b8b0b4ca84ddba291ea95ce5b640d76b94b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5076dc05d47658b596e8ab999c303956e204e0e6461830281f19111565e16d65
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
54259e26e29e06fdbc6033d288133a8ce2cdcfd8e76d26fdeeb2ed5ad1f10b86
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e70c2fea595cdb15f418a8f79227fd5cb5838e2ee6e56fd44abc63e2cfa239
58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943
5acdf1295fe6afc7cf13db05c24c2cc1b280c9da476d21ce951f08df003ab59d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cebc16f49ea52df403175b4c8506adbd4ed0467c4fb285437a072feb183e776
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645ddd94c4e95c3339f2200f4eb72b25cc97d53e1dca235bdefbee3f9acc70be
656976881c4cb6fa4c047dfe83cf210da6e7e12f39f35e85c4bc89224342d364
68cc8a99c8ed5cc0eb3aa2146fd34bee0051bfd98faa3c03b83c78b4a12a8bd5
6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7
6b37fca7bf3287a5b0f7659c99e154f84e097adfaab2c8ee60f410574b70aeee
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
759ce2a2ce00d61d23c78b075f72880dba5cec69876073fc1313ccfe536c7101
7613690568b20639da8f8d3980b2dff42f53acc181ca3a0fe4bba1ae1776dc52
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7f47ad7ad306abd1c99733432736f35a4672f57d520a9d9a2d49281f215c3185
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8d118b58cd27580b8feab695ee9967d348d0a5b71d43261e133c4668f603fedc
93256308d289a88dd41a0c3a9cf249365c2169392b2be3deaeb78b4fccdf1a91
9631731687a8b0ec9ad2c4684b03fea65d05c29f0c22316ea70626069b1291af
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
98e484b101aee18a3bf9b6a6f9261d8b77de496dde16ed7aae549451d5832eaa
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f19d6b004fd9fc777089c02225b52b58739c814e367e3718824dfda08b9c9a3
9fba97eb8920d6a89bf0576db418a9369a56a94b5d55e8add37d92ad5c9f6c3e
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2869e1c3ef53d9c6f106a7731814b8c8570e5df1d6720fdeec69ef5b9b637d9
a2ce8d1386d0fd6f8f21e77bd34d61cbf6c677d17f0574c1dc3be9992ae88405
a8156c8a39690b7bdc17fdee24b589e51faf985e18c760446c1965472200df7f
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
aadaad2cbc1904269f5bd65ad8f5a78ea6b7da4dc7ef5b12f120f1870d0c2f42
ae378aa99aa5fb8761b7a52a1fbf3498df5c97996d53dd28a41211eef09cc1cf
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b7f80935106390ce68b498562c40c39863298cf9edd85faa71d35fcdf848a6c7
b9b399f46166be533079dfc7bdc804b8406389d200f1fc496f63dec7558df0e4
ba1a0f032d8c1fcc691aeaabb103d6c04277aabf6e39036db711077e8a4a4343
ba543c432144fc27414e31f455cb9e5441dcd7acb89df63d9b2d6d8f25f3f777
bad39e60525508719511aef0562589005a82994e049b7ccd8ff0d290ed12de30
bae615765bbe1b97bc279603bfb25632190b8b3060073de8435b7b0ae9e6dff1
bb3346cbbe576f59c7ecda6deb6fb008bdeba1d437c4e9d0222609e5d5e9e218
bb762d74da03781f08108dddc96f306fa42216a72d46856ecf14ae72484aa723
bd284e5aef3077f07c4764a9bc2295c20525d042ed8557d488a78340986a0f9a
beab9414e6c779e62bf27491edb682089315b7801c9a09f5b6b6de82c4affe0e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c8d2eef4661887496f8a78471dc83917b2f4d25e550543bb5a3876d7e896e1
c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52
c41ce0277ce68964f21925e4632eba71b0a9fa97b88f152a591a9bf436c558e5
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5d52efd3b18eb5074435bca41e2b98b5e8a57e8c159272729f13261d1c4777d
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
dd4ffb656c748825bde91c504d2577be4450811a8e2fca4a17e901619b2960cd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dfde64d89576c8fbb4888b641897afe4eb839313d5d2cac6ef023dd7b67e37f7
e15f72a08eabf154db79758333fafec5b1fcf5882ca81feb6ab183af41720926
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f086836661e656c0518bfa80052d445b6e7e252a25fd5fc3f5b6ad9f3651c270
f29e2d3a85889489ab2798ae5cb66feaec2e78384da28fbcbc11cacf5b8d8fdd
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fadd659d902be546becefeb90ff5ac7c495271e8fff628433dd70115b76533bb
fe23086227ba198a03943f4474ea4ad3e2e50eb3ac722d7dee58bfac15e6d0ae