URL: https://echonexus.site/
Submission: On September 15 via api from US — Scanned from SG

Summary

This website contacted 65 IPs in 5 countries across 51 domains to perform 136 HTTP transactions. The main IP is 118.139.179.166, located in Singapore, Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is echonexus.site.
TLS certificate: Issued by R11 on September 13th 2024. Valid for: 3 months.
This is the only time echonexus.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 118.139.179.166 26496 (AS-26496-...)
33 3.1.255.16 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
16 2600:9000:21b... 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 142.251.12.156 15169 (GOOGLE)
5 23.52.40.66 20940 (AKAMAI-ASN1)
1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
3 157.240.7.26 32934 (FACEBOOK)
1 74.125.24.156 15169 (GOOGLE)
1 2 103.132.192.30 138552 (RTBHOUSE-...)
2 2404:6800:400... 15169 (GOOGLE)
1 172.253.118.147 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
2 74.125.130.157 15169 (GOOGLE)
1 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2600:9000:275... 16509 (AMAZON-02)
1 2406:2600:7:1... 55569 (CRITEO-AS...)
1 104.248.98.228 14061 (DIGITALOC...)
1 172.67.159.95 13335 (CLOUDFLAR...)
1 3.165.82.125 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 74.125.130.155 15169 (GOOGLE)
2 2600:1417:3f:... 20940 (AKAMAI-ASN1)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 2 2406:2600:7:1... 55569 (CRITEO-AS...)
1 34.122.181.146 396982 (GOOGLE-CL...)
1 172.67.156.234 13335 (CLOUDFLAR...)
1 23.45.207.172 20940 (AKAMAI-ASN1)
1 108.156.133.35 16509 (AMAZON-02)
3 182.161.73.146 55569 (CRITEO-AS...)
2 13.234.61.153 16509 (AMAZON-02)
1 2600:1417:3f:... 20940 (AKAMAI-ASN1)
1 2406:2600:7:1... 55569 (CRITEO-AS...)
1 2406:2600:7:1... 55569 (CRITEO-AS...)
1 1 142.251.10.156 15169 (GOOGLE)
1 172.67.181.199 13335 (CLOUDFLAR...)
2 2 142.251.10.155 15169 (GOOGLE)
1 2 35.213.7.90 15169 (GOOGLE)
2 3 103.43.90.178 29990 (ASN-APPNEX)
1 23.106.127.169 59253 (LEASEWEB-...)
1 141.226.229.48 200478 (TABOOLA-AS)
1 124.146.153.152 2514 (INFOSPHER...)
1 23.53.217.82 16625 (AKAMAI-AS)
1 2 104.18.36.155 13335 (CLOUDFLAR...)
1 172.234.85.243 63949 (AKAMAI-LI...)
1 52.194.56.11 16509 (AMAZON-02)
1 139.99.123.98 16276 (OVH)
1 35.244.154.8 396982 (GOOGLE-CL...)
1 23.40.36.23 16625 (AKAMAI-AS)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 66.225.223.159 3949 (NTTA-3946)
1 207.65.33.82 62713 (AS-PUBMATIC)
1 69.173.158.64 26667 (RUBICONPR...)
1 2600:9000:223... 16509 (AMAZON-02)
1 23.53.160.138 16625 (AKAMAI-AS)
1 2600:1413:a00... 20940 (AKAMAI-ASN1)
1 2 52.223.2.229 16509 (AMAZON-02)
1 1 43.249.38.110 59253 (LEASEWEB-...)
1 172.67.71.254 13335 (CLOUDFLAR...)
1 54.179.202.19 16509 (AMAZON-02)
2 3 74.118.186.107 6336 (TURN-US-ASN)
136 65
Apex Domain
Subdomains
Transfer
49 berrybenka.com
berrybenka.com
im.berrybenka.com
5 MB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
td.doubleclick.net — Cisco Umbrella Rank: 189
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
154 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 474
sslwidget.criteo.com — Cisco Umbrella Rank: 2578
fledge.as.criteo.com — Cisco Umbrella Rank: 29246
measurement-api.criteo.com — Cisco Umbrella Rank: 2133
dis.criteo.com — Cisco Umbrella Rank: 706
5 KB
6 netcoresmartech.com
cdnvc.netcoresmartech.com — Cisco Umbrella Rank: 50822
osjs.netcoresmartech.com — Cisco Umbrella Rank: 60356
twa.netcoresmartech.com — Cisco Umbrella Rank: 44750
cdnt.netcoresmartech.com — Cisco Umbrella Rank: 45516
81 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 801
139 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 270
3 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
73 KB
3 google.com
apis.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 140
24 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 509
739 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 424
977 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 2080
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 402
835 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
3 KB
2 f-tra.com
conf.f-tra.com
asset.f-tra.com
53 KB
2 ematicsolutions.com
api.ematicsolutions.com — Cisco Umbrella Rank: 248202
sg5-api.ematicsolutions.com — Cisco Umbrella Rank: 926083
153 KB
2 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 13030
562 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
184 KB
2 creativecdn.com
asia.creativecdn.com — Cisco Umbrella Rank: 24170
918 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
21 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
148 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1217
378 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3610
620 B
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 7906
602 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 2891
617 B
1 clmbtech.com
ade.clmbtech.com — Cisco Umbrella Rank: 3365
259 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 3433
278 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 676
381 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 414
1 KB
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 967
577 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 931
360 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
690 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 732
814 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
440 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 597
660 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 4645
413 B
1 dable.io
adx.dable.io — Cisco Umbrella Rank: 21654
165 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 853
583 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2202
870 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 2072
373 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 780
687 B
1 tangooserver.com
ban.tangooserver.com — Cisco Umbrella Rank: 31627
1 mndtrk.com
cdn.mndtrk.com — Cisco Umbrella Rank: 479921
3 KB
1 mainadv.com
www.mainadv.com — Cisco Umbrella Rank: 33164
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 789
17 KB
1 netcore.co.in
tw.netcore.co.in — Cisco Umbrella Rank: 203986
2 KB
1 useinsider.com
berrybenka.api.useinsider.com
2 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 312
32 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 91
20 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 echonexus.site
echonexus.site
10 KB
0 360yield.com Failed
ad.360yield.com — Cisco Umbrella Rank: 786 Failed
136 51
Domain Requested by
33 berrybenka.com echonexus.site
berrybenka.com
16 im.berrybenka.com echonexus.site
5 analytics.tiktok.com echonexus.site
analytics.tiktok.com
3 ib.adnxs.com 2 redirects
3 cm.g.doubleclick.net 3 redirects
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 connect.facebook.net berrybenka.com
echonexus.site
connect.facebook.net
2 sync.1rx.io 2 redirects
2 eb2.3lift.com 1 redirects
2 r.casalemedia.com 1 redirects
2 x.bidswitch.net 1 redirects
2 dis.criteo.com
2 twa.netcoresmartech.com osjs.netcoresmartech.com
2 gum.criteo.com 1 redirects static.criteo.net
2 www.facebook.com echonexus.site
2 cdnvc.netcoresmartech.com tw.netcore.co.in
2 www.google.com.sg echonexus.site
2 www.googletagmanager.com echonexus.site
www.google-analytics.com
2 asia.creativecdn.com 1 redirects echonexus.site
2 www.google-analytics.com berrybenka.com
www.google-analytics.com
1 sync.targeting.unrulymedia.com
1 sync-criteo.ads.yieldmo.com
1 cdn.aralego.net
1 sync.aralego.com 1 redirects
1 ade.clmbtech.com
1 criteo-sync.teads.tv
1 s.ad.smaato.net
1 pixel.rubiconproject.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 c.bing.com
1 contextual.media.net
1 idsync.rlcdn.com
1 ads.stickyadstv.com
1 cs.adingo.jp
1 adx.dable.io
1 tags.bluekai.com
1 tg.socdm.com
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 ban.tangooserver.com cdn.mndtrk.com
1 measurement-api.criteo.com echonexus.site
1 fledge.as.criteo.com echonexus.site
1 cdnt.netcoresmartech.com osjs.netcoresmartech.com
1 sslwidget.criteo.com static.criteo.net
1 asset.f-tra.com www.googletagmanager.com
1 osjs.netcoresmartech.com tw.netcore.co.in
1 cdn.mndtrk.com www.mainadv.com
1 sg5-api.ematicsolutions.com api.ematicsolutions.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 conf.f-tra.com www.googletagmanager.com
1 www.mainadv.com echonexus.site
1 api.ematicsolutions.com echonexus.site
1 static.criteo.net www.googletagmanager.com
1 tw.netcore.co.in www.googletagmanager.com
1 berrybenka.api.useinsider.com www.googletagmanager.com
1 www.google.com echonexus.site
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googletagservices.com berrybenka.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googleadservices.com echonexus.site
1 www.gstatic.com echonexus.site
1 apis.google.com echonexus.site
1 fonts.googleapis.com echonexus.site
1 echonexus.site
0 ad.360yield.com Failed
136 68
Subject Issuer Validity Valid
webdisk.echonexus.site
R11
2024-09-13 -
2024-12-12
3 months crt.sh
*.berrybenka.com
Amazon RSA 2048 M03
2024-01-04 -
2025-02-01
a year crt.sh
upload.video.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.apis.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.gstatic.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.googleadservices.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1
2024-07-15 -
2025-07-15
a year crt.sh
*.google-analytics.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-06-24 -
2024-09-22
3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2024-04-05 -
2025-04-30
a year crt.sh
*.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.google.com.sg
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
useinsider.com
Cloudflare Inc ECC CA-3
2023-12-05 -
2024-12-04
a year crt.sh
*.netcorecloud.net
GlobalSign RSA OV SSL CA 2018
2024-01-02 -
2025-02-02
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-02 -
2024-11-28
3 months crt.sh
*.ematicsolutions.com
RapidSSL TLS RSA CA G1
2024-04-19 -
2025-04-22
a year crt.sh
mainadv.com
WE1
2024-07-25 -
2024-10-23
3 months crt.sh
*.f-tra.com
Amazon RSA 2048 M03
2024-07-06 -
2025-08-04
a year crt.sh
*.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
cdnvc.netcoresmartech.com
R10
2024-09-06 -
2024-12-05
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-26 -
2024-11-20
3 months crt.sh
mndtrk.com
WE1
2024-07-27 -
2024-10-25
3 months crt.sh
cdnt.netcoresmartech.com
DigiCert TLS RSA SHA256 2020 CA1
2024-08-14 -
2025-08-14
a year crt.sh
*.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-21 -
2024-11-13
3 months crt.sh
tangooserver.com
WE1
2024-08-13 -
2024-11-11
3 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
*.taboola.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-07-30 -
2024-12-31
5 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018
2024-05-17 -
2025-06-18
a year crt.sh
*.dable.io
Sectigo ECC Domain Validation Secure Server CA
2023-10-27 -
2024-11-25
a year crt.sh
*.adingo.jp
Amazon RSA 2048 M03
2024-08-14 -
2025-09-13
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-04-18 -
2025-05-19
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2024-02-06 -
2025-03-05
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-12-21 -
2024-12-21
a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04
2024-06-19 -
2024-12-16
6 months crt.sh
*.outbrain.com
Thawte TLS RSA CA G1
2024-07-31 -
2024-11-27
4 months crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-19 -
2025-04-19
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M02
2024-08-04 -
2025-09-02
a year crt.sh
teads.tv
R10
2024-09-02 -
2024-12-01
3 months crt.sh
colombiaonline.com
R11
2024-09-09 -
2024-12-08
3 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M03
2024-02-24 -
2025-03-24
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh

This page contains 8 frames:

Primary Page: https://echonexus.site/
Frame ID: E592D8DAF3938443D2F2B34CF38CDEBF
Requests: 104 HTTP requests in this frame

Frame: https://asia.creativecdn.com/tags?id=pr_QVBoOhP0iAXuw71oerc0_home&tc=1
Frame ID: A0ADCEDBB7132BECEC0A3E13B0CFCE3D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-SC60C8MG5J&gacid=1504663832.1726402601&gtm=45je4990v9137224586za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=0&z=1665413877
Frame ID: AF439393A870F736D690DF04B23482C5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 9CF6C8CD54412374BF87A31EAFCBEAE0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=echonexus.site&origin=onetag
Frame ID: 54F962404872179B9203E0484B86D4DA
Requests: 1 HTTP requests in this frame

Frame: https://fledge.as.criteo.com/interest-group?data=8kF_LnxlRE0xd2M2cjlTa0JCcHVlVGN0TS8rZVpBWWlyUHJXWSs0U0lUanRyUWJLTXl3Y1VnRjF2ZjdjNmR4bUlBQUJNSlVod3IxSzZzdnEwMEd5WVZMRlRONWZQUDBMSURLSGVBWmZlL08wOEM3akI1YUhpVDk2RllLUDFidnhWNE1vdFQzaERqYVJ4aXozUnhBeTRRbTUrejVWLy9RSURJb25tZWZOblNoRHl3R3M9fA
Frame ID: 22FE2304E09ED040B2BFF54D75263D2F
Requests: 1 HTTP requests in this frame

Frame: https://ban.tangooserver.com/rtb/google/cookiematch.aspx?id=tangoomedia&cok15=$CookieName$&cnty15=$GRegionCode$&t=4&ProgramName=berrybenka&AudienceId=2466&CampaignId=0&Referrer=https%3A%2F%2Fechonexus.site%2F&pagetype=home&Browsercheck=true&a15=false&dw15=false&google_gid=CAESEHWsboMpH82GlX-n_eens2E&google_cver=1&google_ula=7241462486,0
Frame ID: 0E72DF8A3DC03BE6F5C4632B95EC7E90
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RbLUFjYDaUl2E-29Gojd8j6ppAY-jiRRb4l05g&google_gid=CAESEPwu01bbPHZ_BaZTCpood20&google_cver=1&google_ula=913071,0
Frame ID: 1DE0B3DEF7F7BFC2C7FF7CBD0D168C7E
Requests: 26 HTTP requests in this frame

Screenshot

Page Title

Toko Fashion Wanita dan Pria Online. | Berrybenka.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Bag

Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • api\.useinsider\.\w+/

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

136
Requests

87 %
HTTPS

36 %
IPv6

51
Domains

68
Subdomains

65
IPs

5
Countries

5812 kB
Transfer

7872 kB
Size

72
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://asia.creativecdn.com/tags?id=pr_QVBoOhP0iAXuw71oerc0_home HTTP 302
  • https://asia.creativecdn.com/tags?id=pr_QVBoOhP0iAXuw71oerc0_home&tc=1
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=tangoomedia&google_ula=7241462486&google_cm&cok15=$CookieName$&cnty15=$GRegionCode$&t=4&ProgramName=berrybenka&AudienceId=2466&CampaignId=0&Referrer=https%3A%2F%2Fechonexus.site%2F&pagetype=home&Browsercheck=true&a15=false&dw15=false HTTP 302
  • https://ban.tangooserver.com/rtb/google/cookiematch.aspx?id=tangoomedia&cok15=$CookieName$&cnty15=$GRegionCode$&t=4&ProgramName=berrybenka&AudienceId=2466&CampaignId=0&Referrer=https%3A%2F%2Fechonexus.site%2F&pagetype=home&Browsercheck=true&a15=false&dw15=false&google_gid=CAESEHWsboMpH82GlX-n_eens2E&google_cver=1&google_ula=7241462486,0
Request Chain 108
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RbLUFjYDaUl2E-29Gojd8j6ppAY-jiRRb4l05g&google_cm&google_hm=ay1SYkxVRmpZRGFVbDJFLTI5R29qZDhqNnBwQVktamlSUmI0bDA1Zw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RbLUFjYDaUl2E-29Gojd8j6ppAY-jiRRb4l05g&google_gid=CAESEPwu01bbPHZ_BaZTCpood20&google_cver=1&google_ula=913071,0
Request Chain 109
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Lj4FmzYDaUl2E-29Gojd8j6ppAbA2VSzsEt9_A&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Lj4FmzYDaUl2E-29Gojd8j6ppAbA2VSzsEt9_A&expires=30
Request Chain 110
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1194787372441022830
Request Chain 114
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=ApiTJuX8FXaqz67bq2mCf8wlZJieqGYz
Request Chain 115
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gQHBtDYDaUl2E-29Gojd8j6ppAZXRqfk-LMjLw HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gQHBtDYDaUl2E-29Gojd8j6ppAZXRqfk-LMjLw&C=1
Request Chain 119
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-JpCe7DYDaUl2E-29Gojd8j6ppAZ1Q_wVshOjdw HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JpCe7DYDaUl2E-29Gojd8j6ppAZ1Q_wVshOjdw
Request Chain 129
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-MnmCVjYDaUl2E-29Gojd8j6ppAbtAJ-tL40A8Q&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-MnmCVjYDaUl2E-29Gojd8j6ppAbtAJ-tL40A8Q&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Request Chain 130
  • https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-iWQG0TYDaUl2E-29Gojd8j6ppAbLJQbNLQ5xlg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NDQxOTczY2EtZGRhZi0zYTIxLTkwN2QtMzI0OWExZWQ3OWM1&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
  • https://cdn.aralego.net/img/1x1.png
Request Chain 132
  • https://sync.1rx.io/usersync/criteodsp/k-9T0-fjYDaUl2E-29Gojd8j6ppAaIfHOurCI5nQ HTTP 302
  • https://sync.1rx.io/usersync/criteodsp/k-9T0-fjYDaUl2E-29Gojd8j6ppAaIfHOurCI5nQ?zcc=1&cb=1726402603010 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-32c06487-73e6-4543-b436-b8553a79bae3-004

136 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
echonexus.site/
49 KB
10 KB
Document
General
Full URL
https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.139.179.166 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
sg2nlhdb5004-16-04.shr.prod.sin2.secureserver.net
Software
Apache /
Resource Hash
c050c02824724ac30323522be5a32920fe5700d8a0f5d59e0c8ac9031d691a9d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-length
10112
content-type
text/html; charset=UTF-8
date
Sun, 15 Sep 2024 12:16:40 GMT
server
Apache
vary
Accept-Encoding
reset.css
berrybenka.com/berrybenka/desktop/css/
990 B
810 B
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/css/reset.css
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c1604b001ca99ed50994eb1e8f9830ae2139e56acbb1dbd3b7504fec9f45754a

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
W/"5982de93-3de"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
core.css
berrybenka.com/berrybenka/desktop/css/
25 KB
4 KB
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/css/core.css?t=20240914125443
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d9cd2d1ea19a7b07c37e288606503b157d69d921e7add3d61f3da24a1d67052c

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Tue, 30 Oct 2018 08:11:26 GMT
server
nginx
etag
W/"5bd8122e-63ee"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
search.css
berrybenka.com/berrybenka/desktop/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/css/search.css?t=20240914125443
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
17696f263958a5fb862f4adadb314465ead2ba0c91347d47945d68d593226d33

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
W/"5982de93-950"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
jqueryui.css
berrybenka.com/berrybenka/desktop/css/
33 KB
8 KB
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/css/jqueryui.css
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5fcfe13f6603741910d719c25fabf1b21fdadfa9625b1efeb32a5dcda20c4e90

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
W/"5982de93-82e3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
font-awesome.min.css
berrybenka.com/berrybenka/desktop/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/css/font-awesome.min.css
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
W/"5982de93-6b4a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
jquery.scrollable.css
berrybenka.com/berrybenka/desktop/script/scrollable/
2 KB
739 B
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/script/scrollable/jquery.scrollable.css
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
49dd98d3c8e57eef0cc48294f1700ed37013f2f86c5892907676f94b4ad85576

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
W/"5982de93-6db"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
flexslider.css
berrybenka.com/berrybenka/desktop/flexslider/
7 KB
2 KB
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/flexslider/flexslider.css
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e7e3de96dd9dfe3dfcd5825e74d1d37896c2ccb07e93d1a3af3dd0424ca398af

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Thu, 26 Apr 2018 09:36:46 GMT
server
nginx
etag
W/"5ae19dae-1abe"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
jquery.fancybox.css
berrybenka.com/berrybenka/desktop/script/fancybox/
5 KB
2 KB
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/script/fancybox/jquery.fancybox.css
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e50787b3c76ab27d3b5164d9d83fc95dccdd354179d289cbb2381dfb32fc34e

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
W/"5982de93-132b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
jquery.fancybox.css
berrybenka.com/berrybenka/desktop/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/css/jquery.fancybox.css
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1786d47468f3bfec3cb71723ab6ae6952a9f371a22ac5934e79b8fd2f843f9ca

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Fri, 08 Sep 2017 13:51:49 GMT
server
nginx
etag
W/"59b2a075-338a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
css
fonts.googleapis.com/
18 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Didact+Gothic|Open+Sans:300,400,700
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ceb463e26efcf753a679b8e0a853b87780999b211a5e14c2dad3e9f3ce18e6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 15 Sep 2024 12:16:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 15 Sep 2024 12:16:40 GMT
home.css
berrybenka.com/berrybenka/desktop/css/
691 B
589 B
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/css/home.css
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ea102e6c796081b0d292b1a34ed7003ea339556fa49eea8e70daa1fddac985b4

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
W/"5982de93-2b3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
berrybenka.png
berrybenka.com/berrybenka/desktop/img/
5 KB
5 KB
Image
General
Full URL
https://berrybenka.com/berrybenka/desktop/img/berrybenka.png
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6f739a8b95da9828efdb2ff356e6aced2acd03b50d0f1b3d57e0df57e80c72d6

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Thu, 26 Apr 2018 09:36:46 GMT
server
nginx
etag
"5ae19dae-12f8"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
4856
expires
Sun, 22 Sep 2024 12:16:40 GMT
berrybenka-white.png
berrybenka.com/berrybenka/desktop/img/
5 KB
6 KB
Image
General
Full URL
https://berrybenka.com/berrybenka/desktop/img/berrybenka-white.png
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
84a311b5b4f9864161cca581cd28a2f39227e0b221ee51912225f355f8020887

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Thu, 26 Apr 2018 09:36:46 GMT
server
nginx
etag
"5ae19dae-15ba"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
5562
expires
Sun, 22 Sep 2024 12:16:40 GMT
PromoInfo-AllDayShipfree-2000x50_L645J.gif
im.berrybenka.com/assets/promo_page/
5 KB
6 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/PromoInfo-AllDayShipfree-2000x50_L645J.gif
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7e61e5769bc1a07fb25cee630607d699c1f8043aae90065da59736789fd0e914

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Tue, 10 Sep 2024 23:46:55 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 10:03:30 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
390585
etag
"6527c472-1583"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
5507
x-amz-cf-id
hAHtKMTlEQfo2Kri67lnW4xFhINHruX0XxbfCtooRuVX6KsEA7oQtA==
expires
Tue, 17 Sep 2024 23:46:55 GMT
Coll-BigSalePayday-2000x900_853IM.gif
im.berrybenka.com/assets/promo_page/
886 KB
887 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/Coll-BigSalePayday-2000x900_853IM.gif
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d16380941fee3a332cb01bfe8c62e951d3d3cd494dfa564ed14e90100fc72d3d

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Sep 2024 17:37:57 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 11:07:43 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
499123
etag
"652fbc7f-dd74b"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
907083
x-amz-cf-id
b4vVOvIqJzw0cVXNEDGPfXnfd6ICJb-s2rZqXSUvfcvZoCm3j1z7Vw==
expires
Mon, 16 Sep 2024 17:37:57 GMT
Coll1-Essentials-Denim-2000x900_NPOYT.jpg
im.berrybenka.com/assets/promo_page/
156 KB
156 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/Coll1-Essentials-Denim-2000x900_NPOYT.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ae1bc11686acc72246055d616f6d5878435324958bcdd2ecd2ae3bedfa6e5a51

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Sep 2024 00:01:15 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 10:48:35 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
562525
etag
"652fb803-26f02"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
159490
x-amz-cf-id
PII3feIKuKjdZLS7a81QVZm7pL68EZ923kaHNmLsmvcq1B_KLVU6Cw==
expires
Mon, 16 Sep 2024 00:01:15 GMT
Coll-NostalgiaNona-2000x900_W3NXU.jpg
im.berrybenka.com/assets/promo_page/
2 MB
2 MB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/Coll-NostalgiaNona-2000x900_W3NXU.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f4dbaa5b975c065e77afb9494c80681512ba9f96508f0415afdfadffa570cb0a

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 11 Sep 2024 19:41:04 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:48:23 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
318936
etag
"651a83d7-1bb6f2"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
1816306
x-amz-cf-id
G9Nv_aWhGgIQ6UOyDso7pMHazv_JowbNBo5Sf6P10Lq9JlMT2qQ8Bw==
expires
Wed, 18 Sep 2024 19:41:04 GMT
Coll1-Retrograde-2000x900_LG9FQ.jpg
im.berrybenka.com/assets/promo_page/
227 KB
228 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/Coll1-Retrograde-2000x900_LG9FQ.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6a4812c869d9b8ad1d05dc99b5dda98c761e879b5c22db883a99803d05178e9f

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Sep 2024 12:20:15 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 08:54:09 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
518185
etag
"64f59b31-38d1a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
232730
x-amz-cf-id
pxDLyO_9YLIGiF7-oovTx27vO-XRK_KPclTr4qv7-n_dUUayC8--XA==
expires
Mon, 16 Sep 2024 12:20:15 GMT
Asset1-Category-429x429_VZFIP.jpg
im.berrybenka.com/assets/promo_page/
28 KB
29 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/Asset1-Category-429x429_VZFIP.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c10eb7c9d39ccd2af74b28e1ecb7e2641fdd35fb05a4c5e6e57af280c4e4ee7

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Sep 2024 12:20:15 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 10:05:01 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
518185
etag
"6527c4cd-7176"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
29046
x-amz-cf-id
KD19u3p_lHbvbVIFfibKw25kqCjlPJhi4EHKxRWhQ74778KYzslAHg==
expires
Mon, 16 Sep 2024 12:20:15 GMT
Asset2-Category-429x429_N38YT.jpg
im.berrybenka.com/assets/promo_page/
33 KB
34 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/Asset2-Category-429x429_N38YT.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0dd2a8458bacae09035104909bd7383ffcde713124b8871c19cc9fc495e1f1fa

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sat, 14 Sep 2024 00:53:52 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 10:05:11 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
127368
etag
"6527c4d7-84d0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
34000
x-amz-cf-id
oRY8Cinrf2pZ3HLf33MQbSVBvDDNz6Wp09Cob_CzBrzcj6UvKSuFBw==
expires
Sat, 21 Sep 2024 00:53:52 GMT
Asset3-Category-429x429_ZSEG4.jpg
im.berrybenka.com/assets/promo_page/
28 KB
28 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/Asset3-Category-429x429_ZSEG4.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6ce457547006efd94ed24813bbe30e655ff8cfdd4671da4f2e2853ea8cf1c371

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Thu, 12 Sep 2024 16:33:44 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 10:05:19 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
243776
etag
"6527c4df-6fd5"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
28629
x-amz-cf-id
-j1-Y_NTH5hHknrXo_yHhRpc5wMrhLZGA0OlHdWAYdRRc70gaV0Q7Q==
expires
Thu, 19 Sep 2024 16:33:44 GMT
Asset4-Category-429x429_KCYL6.jpg
im.berrybenka.com/assets/promo_page/
31 KB
32 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/Asset4-Category-429x429_KCYL6.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c177cccf36a0a974b17f8211ff98442b206f2111f6737ac35a2b965e935ca0b1

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 11 Sep 2024 19:41:04 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 06:39:43 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
318936
etag
"652f7daf-7dce"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
32206
x-amz-cf-id
D0sQCcGJKY5R6MzrN-L8KaWxWSprWvOX-8w8VCUh-OmcSTgdCSujpg==
expires
Wed, 18 Sep 2024 19:41:04 GMT
Desktop-CUR1-W2OCT-580x450_5ZNDC.jpg
im.berrybenka.com/assets/promo_page/
92 KB
92 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/Desktop-CUR1-W2OCT-580x450_5ZNDC.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e5f6c1109af66924308753c4c7c9a7683b9d1ac926d9242b48411844f09a50b

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Tue, 10 Sep 2024 01:10:22 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 11:08:07 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
471978
etag
"652fbc97-16f7d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
94077
x-amz-cf-id
7QN5UJ7KFmgcgcQQfCiFEu--QEWeDoZzJ5XgO9LNSEDBBkSYpo2nZw==
expires
Tue, 17 Sep 2024 01:10:22 GMT
Desktop-CUR2-W2OCT-580x450_JIEVN.jpg
im.berrybenka.com/assets/promo_page/
117 KB
117 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/Desktop-CUR2-W2OCT-580x450_JIEVN.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a5fdaefdc880141c8fbefa6b72855bbfb15b5dcfd4f534ed93aa776bc6a28e25

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Thu, 12 Sep 2024 10:48:13 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 11:08:18 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
264507
etag
"652fbca2-1d38c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
119692
x-amz-cf-id
clTQJI5wC0fDRZViPYD6k2UaNQO3dPXmfNcs6LFB7IPr25hON9NyTg==
expires
Thu, 19 Sep 2024 10:48:13 GMT
HOMEPAGE-Store-Banner_BUY34.jpg
im.berrybenka.com/assets/promo_page/
250 KB
251 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/HOMEPAGE-Store-Banner_BUY34.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
85b158b0ae18617d880bd82f9393a3c025bbd0ca6689c12cffc4108be6c1bc70

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 11 Sep 2024 19:41:04 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Fri, 09 Sep 2022 04:02:14 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
318936
etag
"631abac6-3e7d9"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
255961
x-amz-cf-id
PrGIJuV3I8Ud-Y0IpEHs6_jT5sNfwJPSVxMbqvK98__zWxVdvegB_A==
expires
Wed, 18 Sep 2024 19:41:04 GMT
PrevColl-NoirBlanc300x370_PB60B.jpg
im.berrybenka.com/assets/promo_page/
65 KB
65 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/PrevColl-NoirBlanc300x370_PB60B.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
44ed3dcf54a6a8849c4584aa59dc42beb8670e35e15812a799fa209f78f22218

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Thu, 12 Sep 2024 21:56:36 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 10:54:38 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
224404
etag
"652fb96e-10324"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
66340
x-amz-cf-id
U5V5aMMG2zXUtfUD_n1Fr1S8HwBtuOblP7g462k2sfermO3Vw7L5Ww==
expires
Thu, 19 Sep 2024 21:56:36 GMT
PrevColl-Naturale-300x370_PD8SN.jpg
im.berrybenka.com/assets/promo_page/
32 KB
33 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/PrevColl-Naturale-300x370_PD8SN.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
180295a40ebec397beb953189d661376c4dd899a74bc81d70c8f8c52c8f30e8b

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Thu, 12 Sep 2024 12:52:08 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 09:01:19 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
257072
etag
"64f59cdf-8118"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
33048
x-amz-cf-id
kcT5O1hQKbAP4rmHEKr_FCDHc6uB_9SJGeYrOw2YAThRY_DYtjOqzw==
expires
Thu, 19 Sep 2024 12:52:08 GMT
PrevColl-Sand-Sets300x370_BR6TN.jpg
im.berrybenka.com/assets/promo_page/
24 KB
25 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/PrevColl-Sand-Sets300x370_BR6TN.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
97e2765924212ce36a9b80578f0a77e195cfbd7956b4ab23aa458a09a055db08

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Tue, 10 Sep 2024 04:53:50 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 06:44:32 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
458570
etag
"64c9fb50-60b6"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
24758
x-amz-cf-id
z-oHvSltA6MRTJofg5Kaf-yIWDqdTnIPgVUyvKmIRJSzAgk0L7Elog==
expires
Tue, 17 Sep 2024 04:53:50 GMT
PrevColl-DowntownAppeal300x370_SWRAL.jpg
im.berrybenka.com/assets/promo_page/
82 KB
83 KB
Image
General
Full URL
https://im.berrybenka.com/assets/promo_page/PrevColl-DowntownAppeal300x370_SWRAL.jpg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:7400:1a:297d:f300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b8d3c544f7e469f69fca0118de3e6d33c8da0da5acec1f874c33fc731bdf7b7

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 11 Sep 2024 19:41:04 GMT
via
1.1 61bff898c9646bbcc7f7eadde4d76fe4.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 18:40:45 GMT
server
nginx
x-amz-cf-pop
SIN52-C2
age
318936
etag
"649c7ead-1489c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
84124
x-amz-cf-id
6G9yqnKupNRqUrqUPoY-VS8Fdy3ElL6OnGtiUKl_SKOFeXcSwYLhgg==
expires
Wed, 18 Sep 2024 19:41:04 GMT
platform.js
apis.google.com/js/
63 KB
24 KB
Script
General
Full URL
https://apis.google.com/js/platform.js?onload=renderBadge
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26fdefd54c0f2b5d598ca66632be76bd34acceaa6210eeb978df39875ef33709
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 15 Sep 2024 12:16:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24118
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"2e8880be7131cf17"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 12:16:40 GMT
pl.css
berrybenka.com/berrybenka/desktop/css/
208 B
405 B
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/css/pl.css
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
95bd01393dbf89354f89b08d37469663236117b32a7f331c8c461e4b83dc2759

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2019 08:39:29 GMT
server
nginx
etag
W/"5c9c8841-d0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
apps-button-ios.png
berrybenka.com/berrybenka/desktop/img/
43 KB
43 KB
Image
General
Full URL
https://berrybenka.com/berrybenka/desktop/img/apps-button-ios.png
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8f9587943c4d4326fa17bd192e919af03dc16fe88c59c46d8677f03d5dcc8945

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Wed, 10 Apr 2019 06:22:22 GMT
server
nginx
etag
"5cad8b9e-aa39"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
43577
expires
Sun, 22 Sep 2024 12:16:40 GMT
apps-button-android.png
berrybenka.com/berrybenka/desktop/img/
31 KB
31 KB
Image
General
Full URL
https://berrybenka.com/berrybenka/desktop/img/apps-button-android.png
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1f36a700d1fb2587480ce07acb702512eaa6bf4b9b614b244f18fcbc4a74716e

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Wed, 10 Apr 2019 06:22:22 GMT
server
nginx
etag
"5cad8b9e-7aa0"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
31392
expires
Sun, 22 Sep 2024 12:16:40 GMT
truck.svg
berrybenka.com/berrybenka/desktop/img/icon/
2 KB
3 KB
Image
General
Full URL
https://berrybenka.com/berrybenka/desktop/img/icon/truck.svg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8fe5370ca363eee5abfdc24ea9f9d359cd38574b2a4cbb1eccb64ccda7b0fd2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 26 Apr 2018 09:36:46 GMT
server
nginx
etag
"5ae19dae-98f"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
2447
x-xss-protection
1; mode=block
rupiah.svg
berrybenka.com/berrybenka/desktop/img/icon/
3 KB
4 KB
Image
General
Full URL
https://berrybenka.com/berrybenka/desktop/img/icon/rupiah.svg
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1709a7c57ec534a6ec92f5ce63f763cda36475ba437ef141f9535a018746db97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 26 Apr 2018 09:36:46 GMT
server
nginx
etag
"5ae19dae-d84"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
3460
x-xss-protection
1; mode=block
chat.css
berrybenka.com/berrybenka/desktop/css/
362 B
503 B
Stylesheet
General
Full URL
https://berrybenka.com/berrybenka/desktop/css/chat.css
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0201fa5c17047b0cd554c93d55f175bbf2c8767fa1c71ebf51254017cad38a26

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
last-modified
Mon, 30 Mar 2020 15:07:26 GMT
server
nginx
etag
W/"5e820b2e-16a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Sun, 22 Sep 2024 12:16:40 GMT
jquery-1.10.2.js
berrybenka.com/js/
267 KB
267 KB
Script
General
Full URL
https://berrybenka.com/js/jquery-1.10.2.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Fri, 08 Sep 2017 13:51:49 GMT
server
nginx
etag
"59b2a075-42b2f"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
273199
expires
Sun, 22 Sep 2024 12:16:40 GMT
sticky-side.js
berrybenka.com/berrybenka/desktop/script/
20 KB
21 KB
Script
General
Full URL
https://berrybenka.com/berrybenka/desktop/script/sticky-side.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2e653bf3905faf94b56e60262f58b46bf092e08dc159bca7e1c63a3d866bd710

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
"5982de93-5167"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
20839
expires
Sun, 22 Sep 2024 12:16:40 GMT
sticky.js
berrybenka.com/berrybenka/desktop/script/
20 KB
21 KB
Script
General
Full URL
https://berrybenka.com/berrybenka/desktop/script/sticky.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f605324ea02a9073118ee85c43766679e7a47f50d83ced49531eb2f72734b291

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Thu, 26 Apr 2018 09:36:46 GMT
server
nginx
etag
"5ae19dae-5166"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
20838
expires
Sun, 22 Sep 2024 12:16:40 GMT
jquery-ui.js
berrybenka.com/js/
235 KB
235 KB
Script
General
Full URL
https://berrybenka.com/js/jquery-ui.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Fri, 08 Sep 2017 13:51:49 GMT
server
nginx
etag
"59b2a075-3ab2b"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
240427
expires
Sun, 22 Sep 2024 12:16:40 GMT
autocomplete.js
berrybenka.com/berrybenka/desktop/script/
20 KB
20 KB
Script
General
Full URL
https://berrybenka.com/berrybenka/desktop/script/autocomplete.js?t=20240914125443
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9cdcbabfdfbcd3137cd1b614c1ba1fdb5562d5573f441a1a40b93d3cdfcef4e6

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
"5982de93-4ea8"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
20136
expires
Sun, 22 Sep 2024 12:16:40 GMT
jquery.scrollable.js
berrybenka.com/berrybenka/desktop/script/scrollable/
15 KB
15 KB
Script
General
Full URL
https://berrybenka.com/berrybenka/desktop/script/scrollable/jquery.scrollable.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ced15666d74d694ed2d0cf51ec820ea809bb6eb44b9718fdac422de2318b697d

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
"5982de93-3ca5"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
15525
expires
Sun, 22 Sep 2024 12:16:40 GMT
jquery.fancybox.pack.js
berrybenka.com/berrybenka/desktop/script/fancybox/
38 KB
38 KB
Script
General
Full URL
https://berrybenka.com/berrybenka/desktop/script/fancybox/jquery.fancybox.pack.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
466543b83ff5faa4061b16c99017044e16008af1c79d757bd8be83fe018d3fce

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
"5982de93-97d6"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
38870
expires
Sun, 22 Sep 2024 12:16:40 GMT
clipboard.min.js
berrybenka.com/berrybenka/desktop/script/clipboard/
9 KB
9 KB
Script
General
Full URL
https://berrybenka.com/berrybenka/desktop/script/clipboard/clipboard.min.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f2c012b3784c211f4a48c444da62efa237a11fd26af66b4c3a2742e773c83de0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
"5982de93-224c"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
8780
expires
Sun, 22 Sep 2024 12:16:40 GMT
core.js
berrybenka.com/berrybenka/desktop/script/
8 KB
8 KB
Script
General
Full URL
https://berrybenka.com/berrybenka/desktop/script/core.js?t=20240914125443
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
88f545a1945f1958b3892ea9eae9aef611ff913cbb7b4ba563e5c0a6ebd21338

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Wed, 08 Aug 2018 17:23:41 GMT
server
nginx
etag
"5b6b271d-1edd"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
7901
expires
Sun, 22 Sep 2024 12:16:40 GMT
lazyload.js
berrybenka.com/berrybenka/desktop/script/
3 KB
3 KB
Script
General
Full URL
https://berrybenka.com/berrybenka/desktop/script/lazyload.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1e3a8fb59278b3cb623a5fef64dbcaefa2335bba38fbbe6febcfdf9431531a2a

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Thu, 03 Aug 2017 08:28:03 GMT
server
nginx
etag
"5982de93-baf"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2991
expires
Sun, 22 Sep 2024 12:16:40 GMT
app_bb.js
berrybenka.com/js/desktop/
13 KB
13 KB
Script
General
Full URL
https://berrybenka.com/js/desktop/app_bb.js?t=20240914125443
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6cbd4a4fbfdebe6ab94381cbbeea9c4b9d92206d080d8961ab761e211e4121eb

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Wed, 31 Oct 2018 03:28:07 GMT
server
nginx
etag
"5bd92147-3336"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
13110
expires
Sun, 22 Sep 2024 12:16:40 GMT
jquery.flexslider.js
berrybenka.com/berrybenka/desktop/flexslider/
55 KB
55 KB
Script
General
Full URL
https://berrybenka.com/berrybenka/desktop/flexslider/jquery.flexslider.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
093c983329059e830ea55476ae2d2afe7a6d22ce45e66cac799b224b628ee2b1

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Thu, 26 Apr 2018 09:36:46 GMT
server
nginx
etag
"5ae19dae-dbf3"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
56307
expires
Sun, 22 Sep 2024 12:16:40 GMT
global.js
berrybenka.com/js/marketing-js/
3 KB
3 KB
Script
General
Full URL
https://berrybenka.com/js/marketing-js/global.js?t=20240914125443
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7e230e3f74efd86d94783d2fb9420fe4ce1d2aadd2707f29241fcf598a0cb4ad

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Fri, 29 Sep 2017 07:27:28 GMT
server
nginx
etag
"59cdf5e0-b9d"
content-type
application/javascript
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2973
expires
Sun, 22 Sep 2024 12:16:40 GMT
firebase.js
www.gstatic.com/firebasejs/3.4.1/
299 KB
101 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/3.4.1/firebase.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e018e9afe645bdd2415871d221d0ca27330afd08d29357f32ddfb66da624b05a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 13:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102428
x-xss-protection
0
last-modified
Tue, 27 Sep 2016 16:27:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 Sep 2025 13:52:46 GMT
conversion.js
www.googleadservices.com/pagead/
56 KB
20 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
7e02d82244afece4d81dbfa0318378cfe946de1cb062cc2c0ddb498f3ff3eb79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20848
x-xss-protection
0
server
cafe
etag
13646012712460357126
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 15 Sep 2024 12:16:40 GMT
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRI60CBC77U51LO9KAMG&lib=ttq
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.40.66 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-40-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6ddb611a9a8290642666b785121bcefffd1e11d217085a6a1ff3736101fd55b7

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
367a8d2e.91b7b2b8
date
Sun, 15 Sep 2024 12:16:40 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240915121640137C276FA5AF920756F5-19C5629A961FACA5-00
x-cache
TCP_MISS from a23-52-40-70.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
x-parent-response-time
232,23.52.40.70
server-timing
cdn-cache; desc=MISS, edge; dur=214, origin; dur=18, inner; dur=12
content-length
2255
pragma
no-cache
server
nginx
x-tt-logid
20240915121640137C276FA5AF920756F5
x-cache-remote
TCP_MISS from a23-220-105-83.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
18,23.220.105.83
x-tt-trace-host
018662393f50042bb32f145e03f9e0a2e59af01e2510d512cd98f18449dfcd7f9b4dd85f3e4c2f2dec3d15084bcb0aa18ddcd787f98026e7355eaee184aa079c432b73c23aa5ac81e16b30949a28b92d7d91196c0a73381b6fb0a78e386b9964c39e5a7084a9b411dab6301990b782eae9
expires
Sun, 15 Sep 2024 12:16:40 GMT
bgPattern.png
berrybenka.com/berrybenka/desktop/img/
1 KB
1 KB
Image
General
Full URL
https://berrybenka.com/berrybenka/desktop/img/bgPattern.png
Requested by
Host: berrybenka.com
URL: https://berrybenka.com/berrybenka/desktop/css/core.css?t=20240914125443
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fc36496993d02d841a23f3b8c0486c816d1333e987003497b822df431db00d74

Request headers

Referer
https://berrybenka.com/berrybenka/desktop/css/core.css?t=20240914125443
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:40 GMT
last-modified
Thu, 26 Apr 2018 09:36:46 GMT
server
nginx
etag
"5ae19dae-45c"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
1116
expires
Sun, 22 Sep 2024 12:16:40 GMT
futurabold.woff
berrybenka.com/berrybenka/desktop/fonts/
0
0

futura.woff
berrybenka.com/berrybenka/desktop/fonts/
0
0

fontawesome-webfont.woff2
berrybenka.com/berrybenka/desktop/fonts/
0
0

memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Didact+Gothic|Open+Sans:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://echonexus.site
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 14:21:01 GMT
x-content-type-options
nosniff
age
338139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Sep 2025 14:21:01 GMT
futura.ttf
berrybenka.com/berrybenka/desktop/fonts/
0
0

flexslider-icon.woff
berrybenka.com/berrybenka/desktop/flexslider/fonts/
0
0

futurabold.ttf
berrybenka.com/berrybenka/desktop/fonts/
0
0

fontawesome-webfont.woff
berrybenka.com/berrybenka/desktop/fonts/
0
0

analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: berrybenka.com
URL: https://berrybenka.com/js/marketing-js/global.js?t=20240914125443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 15 Sep 2024 11:21:24 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3317
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 15 Sep 2024 13:21:24 GMT
gpt.js
www.googletagservices.com/tag/js/
103 KB
32 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: berrybenka.com
URL: https://berrybenka.com/js/marketing-js/global.js?t=20240914125443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41062db136b4059ce04b575e02ed75a6b47db17d8e7df0e170726379b141f45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32111
x-xss-protection
0
server
cafe
etag
930 / 19981 / 31087123 / config-hash: 6381089854016581128
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 15 Sep 2024 12:16:41 GMT
fbds.js
connect.facebook.net/en_US/
4 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: berrybenka.com
URL: https://berrybenka.com/js/marketing-js/global.js?t=20240914125443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sin6.fbcdn.net
Software
/
Resource Hash
2a7ac6ab79f4925ebabbef29ea7a477d7c2d8dfaebc74cba71889d2ff812cfca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 15 Sep 2024 12:16:41 GMT
content-md5
x5AhP3SY4xdBCIItqrFdgQ==
document-policy
force-load-at-top
x-fb-server-load
32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2180
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4414, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
frgGoZr+lLwxwfdkoQnDMjhttKKTHASuEdfSeWwJmRVucaQds7ADL6IDPHo4o5uufiur0ICjQtzeSZQndfgBDA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f831b005b3e439729d568bfcf054db73
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"8fc57e44540a09954b0caece68c62857"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sun, 15 Sep 2024 12:20:08 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/993328875/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993328875/?random=1726402600984&cv=9&fst=1726402600984&num=1&label=p1McCKqDzAgQvq7K1QM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fechonexus.site%2F&tiba=Toko%20Fashion%20Wanita%20dan%20Pria%20Online.%20%7C%20Berrybenka.com&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
2da8ff969e8dab3d84abf4051c4a4ea95bcdc80aeab5a6eecd1d4558c99dd940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tags
asia.creativecdn.com/ Frame A0AD
Redirect Chain
  • https://asia.creativecdn.com/tags?id=pr_QVBoOhP0iAXuw71oerc0_home
  • https://asia.creativecdn.com/tags?id=pr_QVBoOhP0iAXuw71oerc0_home&tc=1
0
0
Document
General
Full URL
https://asia.creativecdn.com/tags?id=pr_QVBoOhP0iAXuw71oerc0_home&tc=1
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Referer
https://echonexus.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 15 Sep 2024 12:16:41 GMT Sun, 15 Sep 2024 12:16:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location
https://asia.creativecdn.com/tags?id=pr_QVBoOhP0iAXuw71oerc0_home&tc=1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
vary
Origin
flexslider-icon.ttf
berrybenka.com/berrybenka/desktop/flexslider/fonts/
0
0

fbevents.js
connect.facebook.net/en_US/
225 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sin6.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 15 Sep 2024 12:16:41 GMT
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=8750, tp=14, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
nrT8vx/9A1lyDe15hFzkW+Dz5YoEQoFkAWMuk4aZEJt5BFGkzlEm1qr4awYqga6owASBrwiXKPQhI8nZWaYSbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/
257 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNWWGW
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7902d83592355226421620ffa5920a46f6cea2340cac8657646f4f9892555a6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88924
x-xss-protection
0
last-modified
Sun, 15 Sep 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 15 Sep 2024 12:16:41 GMT
fontawesome-webfont.ttf
berrybenka.com/berrybenka/desktop/fonts/
0
0

main.MTcyYmY3Y2UyMQ.js
analytics.tiktok.com/i18n/pixel/static/
340 KB
95 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRI60CBC77U51LO9KAMG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.40.66 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-40-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
864072a3229468b4abd5debaf97f3ed17b77f098513c523746cb825ee183e68f

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
91b7b97a
date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202409141717180E794C4774DAE4B9011F
x-tt-trace-id
00-2409141717180E794C4774DAE4B9011F-2D0F6E291AFEAAB6-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-52-40-70.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010ab5fccef44d1f7b71330d3776d710eed5a26ead8681e82464a76eb8174c361d60382d8138573cd2f994a979290b515195cbd25e4958d515ab8496de9d20deef19294d51f0c0b9d3ac5285245edba2621847cc6c5ceb3ccbee3b1ce1b7a3a44c
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=19
content-length
96482
256929811160719
connect.facebook.net/signals/config/
66 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/256929811160719?v=2.9.167&r=stable&domain=echonexus.site&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sin6.fbcdn.net
Software
/
Resource Hash
922d753959ca449c7651e08d06b1134dbddf61fbaeed85fed4c49956d211a61f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 15 Sep 2024 12:16:41 GMT
document-policy
force-load-at-top
x-fb-server-load
61
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=76, mss=1232, tbw=69742, tp=66, tpl=0, uplat=268, ullat=0
pragma
public
x-fb-debug
3zjrsJ4oSaQmitxw1CQTNTty9Mek230Imr8yT9xq2j31ALsE06L+v7XFo39x5lX+AKAUTT5hk0mdt8NqWkIRVg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/993328875/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/993328875/?random=1726402600984&cv=9&fst=1726401600000&num=1&label=p1McCKqDzAgQvq7K1QM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fechonexus.site%2F&tiba=Toko%20Fashion%20Wanita%20dan%20Pria%20Online.%20%7C%20Berrybenka.com&hn=www.googleadservices.com&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfYpwK5eUX8KYUHsSPXkG1PjxrITwbDA&random=1148707716&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.sg/pagead/1p-user-list/993328875/
42 B
455 B
Image
General
Full URL
https://www.google.com.sg/pagead/1p-user-list/993328875/?random=1726402600984&cv=9&fst=1726401600000&num=1&label=p1McCKqDzAgQvq7K1QM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fechonexus.site%2F&tiba=Toko%20Fashion%20Wanita%20dan%20Pria%20Online.%20%7C%20Berrybenka.com&hn=www.googleadservices.com&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfYpwK5eUX8KYUHsSPXkG1PjxrITwbDA&random=1148707716&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
15 B
220 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1719905498&t=pageview&_s=1&dl=https%3A%2F%2Fechonexus.site%2F&ul=en-sg&de=UTF-8&dt=Toko%20Fashion%20Wanita%20dan%20Pria%20Online.%20%7C%20Berrybenka.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=693481523&gjid=305186492&cid=1504663832.1726402601&tid=UA-22337758-1&_gid=1382882832.1726402601&_r=1&_slc=1&z=1812752035
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a7484ec7a276c8c6eb2e338441c5db43af0e12a2e27ef2e3532e48798d8d2351
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://echonexus.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409130601/
478 KB
149 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409130601/pubads_impl.js?cb=31087123
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
40197c032258a582600fce95b5d80d5c6ba7181c0b819d87c3978705271aa720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 19:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
60331
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152738
x-xss-protection
0
server
cafe
etag
1724168742003712727
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 14 Sep 2025 19:31:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
68 B
80 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=echonexus.site
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
2fcd710ce4b8c7439a2405020bc397074447d0a4655279b4c29362819a154d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
x-xss-protection
0
expires
Sun, 15 Sep 2024 12:16:41 GMT
js
www.googletagmanager.com/gtag/
285 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SC60C8MG5J&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00b149d5112b8a4a0d1ba974da091633307d6011c464c87394a5dedd8f7b3e99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99113
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 15 Sep 2024 12:16:41 GMT
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.40.66 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-40-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
91b7be80
date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240830022625130B1784B8DAFA8C28EB
x-tt-trace-id
00-240830022625130B1784B8DAFA8C28EB-4C37F19C271BA576-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-52-40-70.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01bf7a667b4e01a2f664be639514d898d700cfb72529a64172728e4865f294eefdd92b091b459ac083a6f5e7ddd1077eed3d09e6d630745c5df3506d029e6119eb2fe24427ff59d413c628c399e96a87448e74fdd2ce3cae163db0393b4fb417de
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
39700
pixel
analytics.tiktok.com/api/v2/
0
873 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.40.66 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-40-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6e19cd06.91b7beb6
date
Sun, 15 Sep 2024 12:16:41 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240915121641E58FB73324B62400BA46-78DA7DB24AA07F08-00
x-cache
TCP_MISS from a23-52-40-70.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
x-parent-response-time
242,23.52.40.70
server-timing
cdn-cache; desc=MISS, edge; dur=223, origin; dur=28, inner; dur=18
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240915121641E58FB73324B62400BA46
x-cache-remote
TCP_MISS from a23-48-200-73.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
28,23.48.200.73
x-tt-trace-host
018662393f50042bb32f145e03f9e0a2e59af01e2510d512cd98f18449dfcd7f9b3d62fc69cc02bd00088b63dc982711a1ac6699f72ac6b9048298ae346787359daa39872b833cffd05ae6f2233f9e455bff78093287161626bfbe32749910a02304ef108e17202dff76fb74aadf0c50f8
access-control-allow-headers
Authorization,*
expires
Sun, 15 Sep 2024 12:16:41 GMT
ins.js
berrybenka.api.useinsider.com/
0
2 KB
Script
General
Full URL
https://berrybenka.api.useinsider.com/ins.js?id=10001267
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNWWGW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-version-id
gssW2dJR.cbHPQ21pxVenUHWKu3XuYC8
cf-cache-status
HIT
x-amz-request-id
NA3S0F7BG2QEHM94
age
2544
content-security-policy-report-only
connect-src *; default-src 'self'; font-src https://fonts.gstatic.com data: 'self' https://font.static.useinsider.com https://mobilefont.useinsider.com https://assets.api.useinsider.com https://fonts.app.apty.io https://use.fontawesome.com https://at.alicdn.com https://fonts.googleapis.com http://themes.googleusercontent.com https://static.preply.com https://static.hsappstatic.net https://assets.merci-app.com https://maxcdn.bootstrapcdn.com https://cdn-uicons.flaticon.com https://use.typekit.net https://email.static.useinsider.com; frame-src *.api.useinsider.com https://insider.b2metric.com; img-src * data:; media-src blob: 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://fast.wistia.com https://www.google-analytics.com https://www.googletagmanager.com mfe.useinsider.com https://cdnjs.cloudflare.com https://unpkg.com https://js.hsforms.net https://script.hotjar.com https://static.userguiding.com https://static.hotjar.com https://inone.useinsider.com https://edge.fullstory.com/s/fs.js https://browser.sentry-cdn.com/ https://edge.fullstory.com https://widget.usersnap.com https://static.getbeamer.com https://client.app.apty.io https://action-builder-bundle.useinsider.com connect.facebook.net https://resources.usersnap.com https://app.getbeamer.com https://code.jquery.com assets-staging.useinsider.com api.useinsider.com; style-src assets.api.useinsider.com 'unsafe-inline' 'self' https://fonts.googleapis.com https://unpkg.com; worker-src blob: https://*.inone.useinsider.com; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Sic3CSIfFinhju2l1vmXikeUr_xrOwkL3nHt7sGk_Fc-1726402601-1.0.1.1-OBBxTeIjNmkWcxBzTN74ZPgSP7oZ0xW0mTqp8uSg0CX9vB901dJ5L9B423hT4RZEXt3Lc_qcBakqfIsqDR_4rl6Gy96ROMZdYPVeLJ3Quq3ouk9_zEvZQ6yir6OgrL7feZwTLmigMAidiw8ZmJ6hAxCpOJjZGJU4Dn29rr8SMRWv5YcjZTRU159Wpk1eD8qP1tHoT0MZti5P1K7gWGDPvp9AYk5j0D3SxUZQ2ZMAaU4; report-to cf-qanelfihdsqolbef
content-length
0
x-amz-id-2
x+D4sxj9EkhSl3zFxHgG58Z/+xIy17/zWxSNersEZa1rXxvh0cWkxL0tr3kxlbfTfDbM54ZTBbw=
x-xss-protection
1
pragma
public
last-modified
Fri, 31 Mar 2023 06:50:34 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Sic3CSIfFinhju2l1vmXikeUr_xrOwkL3nHt7sGk_Fc-1726402601-1.0.1.1-OBBxTeIjNmkWcxBzTN74ZPgSP7oZ0xW0mTqp8uSg0CX9vB901dJ5L9B423hT4RZEXt3Lc_qcBakqfIsqDR_4rl6Gy96ROMZdYPVeLJ3Quq3ouk9_zEvZQ6yir6OgrL7feZwTLmigMAidiw8ZmJ6hAxCpOJjZGJU4Dn29rr8SMRWv5YcjZTRU159Wpk1eD8qP1tHoT0MZti5P1K7gWGDPvp9AYk5j0D3SxUZQ2ZMAaU4"}],"group":"cf-qanelfihdsqolbef","max_age":86400}
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
8c388ca2a8e1658f-SIN
expires
Sun, 15 Sep 2024 12:21:41 GMT
smartechclient.js
tw.netcore.co.in/
3 KB
2 KB
Script
General
Full URL
https://tw.netcore.co.in/smartechclient.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNWWGW
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2753:8600:1c:47d:4bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7224a2e65f63d9477c6a7759b460c2c8acdc72b9c933db58b694eaf83d004a1

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 14 Sep 2024 21:07:36 GMT
Content-Encoding
gzip
Via
1.1 63741248720e872eaffffc9818383c06.cloudfront.net (CloudFront)
Last-Modified
Fri, 23 Aug 2024 10:50:52 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-P3
Age
54546
ETag
W/"8218a192f35b097dc754d23a282e5e22"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
qlenBU_Dk6vZrooXRZHWIGnypeDXzb-q9Ut7cgJl2KTLDSyCNIkUPQ==
ld.js
static.criteo.net/js/ld/
50 KB
17 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNWWGW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8472aa12e70d1d6bf8c13475037a0d4de3ffb3972d8c0ef2002a275604bbbcc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 04 Sep 2024 11:19:42 GMT
server
nginx
etag
W/"66d8424e-c772"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 16 Sep 2024 12:16:41 GMT
ematic.min.js
api.ematicsolutions.com/v1/
152 KB
152 KB
Script
General
Full URL
https://api.ematicsolutions.com/v1/ematic.min.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.248.98.228 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
7372a8d1415d15440ce0f2396da0072e09294582d3cb9b8e0e7babaf2f928b62

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
last-modified
Thu, 18 Feb 2021 10:02:10 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"602e3b22-2604c"
content-length
155724
content-type
application/javascript
Rtgag2-min.js
www.mainadv.com/Visibility/
4 KB
2 KB
Script
General
Full URL
https://www.mainadv.com/Visibility/Rtgag2-min.js
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0cc7007c504297c142cb1f2d5c4044049e029c94b35d2775d946582104b922

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2254
x-guploader-uploadid
AD-8ljvgR5dd2AF9ZWoloYFNtoQ2-D8Ws_Q5YCM5dLd2ToeJcsf1MCGCKciMbHEHA2dZQHb9i5qX0ciNpQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1628151099123356
last-modified
Thu, 08 Jun 2023 06:05:21 GMT
server
cloudflare
etag
W/"a036d22196946d9531a20fbc91928b89"
vary
Accept-Encoding
x-goog-hash
crc32c=lbi7sQ==, md5=oDbSIZaUbZUxog+8kZKLiQ==
x-goog-generation
1686204321643188
content-type
application/x-javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UziCIDJJB4QpXUu6Cx5lj4tzHuFL9IunUWv7jv2gBy%2F51Y0b76%2F2pxYVE7cmUnGNIHJHvi8GBRSyf%2BDLC2g%2FxWkQ3lCk7aCgxgGaZFZD2N8CEbihIiHMltc%2B5TFvgLleCj4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=3600
x-goog-stored-content-length
4474
cf-ray
8c388ca30e5c20ea-HKG
expires
Sun, 15 Sep 2024 12:39:06 GMT
fcconf_0610_0001.js
conf.f-tra.com/fcconf/
18 KB
18 KB
Script
General
Full URL
https://conf.f-tra.com/fcconf/fcconf_0610_0001.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNWWGW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.82.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-82-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fc572c0a1cb8c47134c1d5320151f69489c1674f7adb0d0571c374e2fcc4a5f

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Ot0aeuB1OCkc6PtAHB1E97WJkUzFVPtj
date
Sun, 15 Sep 2024 12:16:42 GMT
via
1.1 3f57f54780fa22cdb3d004afb266e09a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P5
x-cache
RefreshHit from cloudfront
x-amz-meta-mode
33188
content-length
18043
last-modified
Fri, 06 Jul 2018 02:38:56 GMT
server
AmazonS3
etag
"2efd806de85248761b1d994140606a25"
x-amz-meta-uid
0
vary
Accept-Encoding
x-amz-meta-gid
0
content-type
application/octet-stream
accept-ranges
bytes
x-amz-cf-id
GvY5XQ0kAWh4JbXUE_-z3numn46aJOTo2Wd3SMohODlTYjJerfqUWQ==
x-amz-meta-mtime
1530844735
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-SC60C8MG5J&gtm=45je4990v9137224586za200&_p=1726402601006&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=0&ul=en-sg&sr=1600x1200&cid=1504663832.1726402601&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fechonexus.site%2F&dt=Toko%20Fashion%20Wanita%20dan%20Pria%20Online.%20%7C%20Berrybenka.com&sid=1726402601&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1371
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SC60C8MG5J&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://echonexus.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
253 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-SC60C8MG5J&cid=1504663832.1726402601&gtm=45je4990v9137224586za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SC60C8MG5J&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://echonexus.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame AF43
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-SC60C8MG5J&gacid=1504663832.1726402601&gtm=45je4990v9137224586za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=0&z=1665413877
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SC60C8MG5J&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 Sep 2024 12:16:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com.sg/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-SC60C8MG5J&cid=1504663832.1726402601&gtm=45je4990v9137224586za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=2093652782
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 9CF6
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409130601/pubads_impl.js?cb=31087123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1313
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29531
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Sep 2024 11:54:48 GMT
expires
Sun, 15 Sep 2024 12:44:48 GMT
last-modified
Mon, 09 Sep 2024 19:45:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
act
analytics.tiktok.com/api/v2/pixel/
0
873 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.40.66 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-40-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
39cb15ba.91b7c4b2
date
Sun, 15 Sep 2024 12:16:41 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24091512164198C9B0DD17F8B6FE2352-7E3E2C8CB0304893-00
x-cache
TCP_MISS from a23-52-40-70.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
x-parent-response-time
233,23.52.40.70
server-timing
cdn-cache; desc=MISS, edge; dur=226, origin; dur=18, inner; dur=15
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024091512164198C9B0DD17F8B6FE2352
x-cache-remote
TCP_MISS from a23-32-16-75.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
18,23.32.16.75
x-tt-trace-host
018662393f50042bb32f145e03f9e0a2e59af01e2510d512cd98f18449dfcd7f9b505445d6372ad1f85c797becff39a156aaf319692deb0b6274f0aed251fadb216a9088ae16f64696147fb68b1f20dead4e8ab317d97a67543c05a3859ea6a94df7f4f4d4aca1a6077ac2afaab126958f
access-control-allow-headers
Authorization,*
expires
Sun, 15 Sep 2024 12:16:41 GMT
wntoken.txt
cdnvc.netcoresmartech.com/vc/prod/
14 B
503 B
Fetch
General
Full URL
https://cdnvc.netcoresmartech.com/vc/prod/wntoken.txt?ts=1726402601545
Requested by
Host: tw.netcore.co.in
URL: https://tw.netcore.co.in/smartechclient.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1417:3f::b81c:eb53 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6f9ac8ace33ef7d67b0b9398e37d08a56c4a383126660de2b2cfbe4e5969fbdd

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
BK7kylxucHrNGGYOy7DgB2E6eofywqWL
content-encoding
gzip
date
Sun, 15 Sep 2024 12:16:41 GMT
x-amz-request-id
1SATC7F63P5QCF7N
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726402601614_3088902991_1035799755_20_818_10_25_219";dur=1
content-length
34
x-amz-id-2
pAXf7jLbasx19xTBeBMRK4HhSFWNeHj150Z5PwtqyBf0NfPD5ftORgrFKz4lCABMWYNddKl19Rw=
last-modified
Thu, 25 Jul 2024 15:34:08 GMT
etag
"8566d9b9e14165cb401f9e9c09089670"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=273509
accept-ranges
bytes
expires
Wed, 18 Sep 2024 16:15:10 GMT
wntoken_4eb6706d1249aaaa2d56520475cd9f3f.txt
cdnvc.netcoresmartech.com/vc/prod/
14 B
513 B
Fetch
General
Full URL
https://cdnvc.netcoresmartech.com/vc/prod/wntoken_4eb6706d1249aaaa2d56520475cd9f3f.txt?ts=1726402601546
Requested by
Host: tw.netcore.co.in
URL: https://tw.netcore.co.in/smartechclient.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1417:3f::b81c:eb53 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
030b2dff5a86ab33b28345732c12e2371c15b96969bba615992eaf3aea493351

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
mSs0TvbuHxP2g1BjWe_DGTg8.Om.7vDD
content-encoding
gzip
date
Sun, 15 Sep 2024 12:16:41 GMT
x-amz-request-id
9MVMK4QFS0VB925F
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726402601588_3088902991_1035799754_50_845_10_0_219";dur=1
content-length
34
x-amz-id-2
EW3deCJ775TG7ncgKgrmyxZaZ3u7PZ97lX0B4BLKdZwBK5YU1kh7D8jESB7Y52z8qbj4Ku5clX7krlipeIRCEg==
last-modified
Thu, 25 Jul 2024 17:24:36 GMT
etag
"4e4cc0ab348f3ad9f88657c0bab2d0ef"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=278783
accept-ranges
bytes
expires
Wed, 18 Sep 2024 17:43:04 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=256929811160719&ev=PageView&dl=https%3A%2F%2Fechonexus.site%2F&rl=&if=false&ts=1726402601583&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726402601582.93271221747341502&ler=empty&cdl=API_unavailable&it=1726402601144&coo=false&rqm=GET
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=10, mss=1297, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 15 Sep 2024 12:16:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=256929811160719&ev=PageView&dl=https%3A%2F%2Fechonexus.site%2F&rl=&if=false&ts=1726402601583&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726402601582.93271221747341502&ler=empty&cdl=API_unavailable&it=1726402601144&coo=false&rqm=FGET
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 15 Sep 2024 12:16:41 GMT
document-policy
force-load-at-top
x-fb-server-load
9
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7414842711375738614", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=10, mss=1297, tbw=3094, tp=-1, tpl=-1, uplat=251, ullat=0
pragma
no-cache
x-fb-debug
GDRPkJcUSo3Nt04vexCgSHqZeQCl0JhIsj5b8ML6vUNNu4skE7xYrF/a1fbut/Ujs7IaWarYM6btUcY+fIyRqw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7414842711375738614"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 54F9
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=echonexus.site&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://echonexus.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 15 Sep 2024 12:16:41 GMT
server
Kestrel
server-processing-duration-in-ticks
368332
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
settings.php
sg5-api.ematicsolutions.com/v1/scripts/
131 B
364 B
Script
General
Full URL
https://sg5-api.ematicsolutions.com/v1/scripts/settings.php?callback=_EmaticCallbacks.settings&json=%7B%22method%22%3A%22%22%2C%22apikey%22%3A%22fd280b46dc6a11e6be9a0242ac110002-sg5%22%2C%22listId%22%3Anull%2C%22debug%22%3A0%2C%22opt%22%3A%7B%22isControl%22%3Anull%2C%22email%22%3Anull%2C%22cookieless%22%3Anull%7D%2C%22env%22%3A%7B%22deviceHeight%22%3A1200%2C%22deviceWidth%22%3A1600%2C%22viewportHeight%22%3A1200%2C%22viewportWidth%22%3A1600%7D%2C%22session%22%3A%7B%22utmData%22%3A%7B%22utm_source%22%3A%22%22%2C%22utm_medium%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%7D%7D%7D&page_url=https%3A%2F%2Fechonexus.site%2F&page_referer=&_=1726402601558
Requested by
Host: api.ematicsolutions.com
URL: https://api.ematicsolutions.com/v1/ematic.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.122.181.146 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
146.181.122.34.bc.googleusercontent.com
Software
nginx/1.10.0 / PHP/7.1.33
Resource Hash
6c405f346bc85e49e5ddf63aef3e27064341bffedf67f6b5d835783a10b4f902

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 15 Sep 2024 12:16:42 GMT
Content-Encoding
gzip
Server
nginx/1.10.0
Connection
keep-alive
X-Powered-By
PHP/7.1.33
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
2466.js
cdn.mndtrk.com/aud/clientjs/
5 KB
3 KB
Script
General
Full URL
https://cdn.mndtrk.com/aud/clientjs/2466.js?&t=1
Requested by
Host: www.mainadv.com
URL: https://www.mainadv.com/Visibility/Rtgag2-min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.156.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b5136fb48032b6da12c72b9f8ffa95d27472f0631d63aa4672fc5ed7d352bf

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18692
x-guploader-uploadid
AD-8ljtXCUeIQQgHO02RM-aMKyhC-JOASNjZZlpc7LEULgcBYj3B229CPDnDyvgfFT7y6yNDU4Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Jul 2024 16:04:42 GMT
server
cloudflare
etag
W/"238d807c084a48554c15414a57835257"
vary
Accept-Encoding
x-goog-hash
crc32c=2hsSbQ==, md5=I42AfAhKSFVMFUFKV4NSVw==
x-goog-generation
1721664282235448
content-type
text/plain
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fTn2j4ZBt5OP6Xlc8h985bukcUQzgI97Q4ORiFeqoWBFHHSD3%2FnyVxXBWg7%2B6wACFN7KgfsdP8%2FpN2WQ7IaQnetsOsRRZSqMN1c6KtaByGiOWY8CrtvPHaKxF6a%2Fs153gg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800
x-goog-stored-content-length
4824
cf-ray
8c388ca49be221e5-HKG
expires
Sun, 15 Sep 2024 07:20:08 GMT
js-versioning
osjs.netcoresmartech.com/v1/
286 KB
79 KB
Script
General
Full URL
https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96BOCO5PSA3LIARJ83CAPRLAITR00&siteid=4eb6706d1249aaaa2d56520475cd9f3f&rc=s&tk1=20240725090406&tk2=20240725105435
Requested by
Host: tw.netcore.co.in
URL: https://tw.netcore.co.in/smartechclient.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.207.172 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-207-172.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1b86e647c40a83bb912f639d2b15af3ea92395b1e2f1c0adfe0cf1ef0e82cce

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
gzip
last-modified
Fri, 13 Sep 2024 00:25:26 GMT
x-amzn-requestid
6659eb69-6bbd-454e-b09c-3583a3642b3b
x-amzn-trace-id
Root=1-66e38d1e-280a6559419b2c9f4fe1f192;Parent=02b3dbc97a1fad3b;Sampled=0;lineage=8d157353:0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=391068
content-disposition
inline; filename=smartech-sdk.js
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726402601680_388877996_1074103728_142_606_6_25_146";dur=1
x-amz-apigw-id
eBL8xEhQBcwEbPg=
content-length
80411
cta2.js
asset.f-tra.com/track/
99 KB
35 KB
Script
General
Full URL
https://asset.f-tra.com/track/cta2.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNWWGW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.133.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-133-35.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f988fd1bdf023c892e4ae3ba523fa806630da6da3187627be9853e9f74e8d8a1

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
fOOW53jteeoRXHjlZHMvDVdSEvkmobnD
content-encoding
gzip
via
1.1 116da182b39d985666ed62f3630a9fe4.cloudfront.net (CloudFront)
date
Sun, 15 Sep 2024 12:16:06 GMT
last-modified
Wed, 03 Mar 2021 06:08:53 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P4
age
303
etag
W/"04006360a2199d27cc59c14c9268dd22"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
PHJ4mbV8E6rTqcH08LvzNcCDbMzKxUTOqBvGPAOfrfz7gDAZFxXKdg==
event
sslwidget.criteo.com/
9 KB
4 KB
Script
General
Full URL
https://sslwidget.criteo.com/event?a=17238&v=5.26.2&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=4KfoSl9EUW1reDZuU1F2YlEwTXNlYkIzRzQwVVolMkJ1d2E3b2pHeHFTeko0cEFtenA3MlZhdSUyQiUyRmsxQ0N1JTJCSTlhejdWMjFiZUZOVk5NJTJGZWRwdGZ1ZHlwcXhKNGElMkJJVXQlMkZVSjhMYm5MUUFHd05IcUZoRW9sT1RqTUhoU0xlJTJCOTExaHJIeDh3NnlFNyUyRkJrTncyWHdJR3Y1OFFCbDNLMkFMS1pvRjVpQjdZN0NBR2J4SWslM0Q&sc=%7B%22fbp%22%3A%22fb.1.1726402601582.93271221747341502%22%2C%22ttp%22%3A%228-Z4r4LWWrhLk1_MZl7x1nQd_A8%22%7D&tld=echonexus.site&fu=https%253A%252F%252Fechonexus.site%252F&ceid=4c2055fa-f3a3-4127-9d8b-376cfa87b05c
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
987d55f48542b3ed6087e8f70759a9f77900635f2f02b7fcbdb66204d5e09fc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
8343985
timing-allow-origin
*
expires
0
dispatch
twa.netcoresmartech.com/
7 B
94 B
XHR
General
Full URL
https://twa.netcoresmartech.com/dispatch?user_key=ADGMOT35CHFLVDHBJNIG50K96BOCO5PSA3LIARJ83CAPRLAITR00&customer_key=&uuid=3f2b067e-b587-4e6a-8c6b-c4fa8b67bfc0&siteid=4eb6706d1249aaaa2d56520475cd9f3f&browser=chrome&sid=1726402601761&visit=new&pts=0&sts=0&url=https%3A%2F%2Fechonexus.site%2F&tx=1726402601761&npv=0&title=Toko%20Fashion%20Wanita%20dan%20Pria%20Online.%20%7C%20Berrybenka.com&usertimings=1726402601765&web_activity=1
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96BOCO5PSA3LIARJ83CAPRLAITR00&siteid=4eb6706d1249aaaa2d56520475cd9f3f&rc=s&tk1=20240725090406&tk2=20240725105435
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.234.61.153 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-234-61-153.ap-south-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 15 Sep 2024 12:16:41 GMT
server
awselb/2.0
content-length
7
content-type
text/plain
ADGMOT35CHFLVDHBJNIG50K96BOCO5PSA3LIARJ83CAPRLAITR00.js
cdnt.netcoresmartech.com/webactivity/
89 B
501 B
Script
General
Full URL
https://cdnt.netcoresmartech.com/webactivity/ADGMOT35CHFLVDHBJNIG50K96BOCO5PSA3LIARJ83CAPRLAITR00.js
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96BOCO5PSA3LIARJ83CAPRLAITR00&siteid=4eb6706d1249aaaa2d56520475cd9f3f&rc=s&tk1=20240725090406&tk2=20240725105435
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1417:3f::b81b:7b69 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7b6a23d858b6a906bcf5e15ac91e8898f1b614eb57d1432d4f5d8dd854a0d45

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 10:34:53 GMT
server
AmazonS3
x-amz-request-id
0K8B7GF03G0SGS3W
etag
"4456be522b62a5970480f6cef92e2159"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=415600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1726402601812_3088808805_377815100_20_660_2_10_146";dur=1
accept-ranges
bytes
content-length
93
x-amz-id-2
IWLKMwdaeikkt/naxdooVgBXK7UrdqM2l0MPfakJrikcSebzEf2iqZI3vrrpl1im/Em/KjQAmfE=
expires
Fri, 20 Sep 2024 07:43:21 GMT
df
twa.netcoresmartech.com/
57 B
150 B
XHR
General
Full URL
https://twa.netcoresmartech.com/df?user_key=ADGMOT35CHFLVDHBJNIG50K96BOCO5PSA3LIARJ83CAPRLAITR00
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96BOCO5PSA3LIARJ83CAPRLAITR00&siteid=4eb6706d1249aaaa2d56520475cd9f3f&rc=s&tk1=20240725090406&tk2=20240725105435
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.234.61.153 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-234-61-153.ap-south-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 15 Sep 2024 12:16:41 GMT
server
awselb/2.0
content-length
57
content-type
application/json
interest-group
fledge.as.criteo.com/ Frame 22FE
0
0
Document
General
Full URL
https://fledge.as.criteo.com/interest-group?data=8kF_LnxlRE0xd2M2cjlTa0JCcHVlVGN0TS8rZVpBWWlyUHJXWSs0U0lUanRyUWJLTXl3Y1VnRjF2ZjdjNmR4bUlBQUJNSlVod3IxSzZzdnEwMEd5WVZMRlRONWZQUDBMSURLSGVBWmZlL08wOEM3akI1YUhpVDk2RllLUDFidnhWNE1vdFQzaERqYVJ4aXozUnhBeTRRbTUrejVWLy9RSURJb25tZWZOblNoRHl3R3M9fA
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::19 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://echonexus.site/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
date
Sun, 15 Sep 2024 12:16:41 GMT
observe-browsing-topics
?1
server
Kestrel
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-allow-fledge
true
register-trigger
measurement-api.criteo.com/
0
0
Fetch
General
Full URL
https://measurement-api.criteo.com/register-trigger?partner_id=17238&uid=971169e1-a453-4dae-8fe0-35616e48ff6b&event_name=Page&islcc=0&amount_euro=0&client_side_event_id=4c2055fa-f3a3-4127-9d8b-376cfa87b05c
Requested by
Host: echonexus.site
URL: https://echonexus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100:: , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:41 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"18122245294171256281","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"}
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://echonexus.site
access-control-allow-credentials
true
content-length
0
cookiematch.aspx
ban.tangooserver.com/rtb/google/ Frame 0E72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tangoomedia&google_ula=7241462486&google_cm&cok15=$CookieName$&cnty15=$GRegionCode$&t=4&ProgramName=berrybenka&AudienceId=2466&CampaignId=0&Referrer=ht...
  • https://ban.tangooserver.com/rtb/google/cookiematch.aspx?id=tangoomedia&cok15=$CookieName$&cnty15=$GRegionCode$&t=4&ProgramName=berrybenka&AudienceId=2466&CampaignId=0&Referrer=https%3A%2F%2Fechone...
0
0
Document
General
Full URL
https://ban.tangooserver.com/rtb/google/cookiematch.aspx?id=tangoomedia&cok15=$CookieName$&cnty15=$GRegionCode$&t=4&ProgramName=berrybenka&AudienceId=2466&CampaignId=0&Referrer=https%3A%2F%2Fechonexus.site%2F&pagetype=home&Browsercheck=true&a15=false&dw15=false&google_gid=CAESEHWsboMpH82GlX-n_eens2E&google_cver=1&google_ula=7241462486,0
Requested by
Host: cdn.mndtrk.com
URL: https://cdn.mndtrk.com/aud/clientjs/2466.js?&t=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://echonexus.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8c388ca629dc84d6-HKG
content-encoding
br
content-type
text/html;charset=ISO-8859-1
date
Sun, 15 Sep 2024 12:16:42 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
unsafe-url
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJuZxwXrBVxSZKGz4hpuSWCiHGX69K8WBZwmPaBVK9YiLMsRL1YjOpwQvOU9jYJlcmqAPArpyPYVKkizi3Khbg9D1xFG41UdQHHaNSiBKTar9QB%2FVTS900xYTzjA6IKEL6OQr7MbfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
591
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 Sep 2024 12:16:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://ban.tangooserver.com/rtb/google/cookiematch.aspx?id=tangoomedia&cok15=$CookieName$&cnty15=$GRegionCode$&t=4&ProgramName=berrybenka&AudienceId=2466&CampaignId=0&Referrer=https%3A%2F%2Fechonexus.site%2F&pagetype=home&Browsercheck=true&a15=false&dw15=false&google_gid=CAESEHWsboMpH82GlX-n_eens2E&google_cver=1&google_ula=7241462486,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 1DE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RbLUFjYDaUl2E-29Gojd8j6ppAY-jiRRb4l05g&google_cm&google_hm=ay1SYkxVRmpZRGFVbDJFLTI5R29qZDhqNnBwQVktamlSU...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RbLUFjYDaUl2E-29Gojd8j6ppAY-jiRRb4l05g&google_gid=CAESEPwu01bbPHZ_BaZTCpood20&google_cver=1&google_ula=913071,0
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RbLUFjYDaUl2E-29Gojd8j6ppAY-jiRRb4l05g&google_gid=CAESEPwu01bbPHZ_BaZTCpood20&google_cver=1&google_ula=913071,0
Protocol
H2
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1921554
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RbLUFjYDaUl2E-29Gojd8j6ppAY-jiRRb4l05g&google_gid=CAESEPwu01bbPHZ_BaZTCpood20&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ul_cb/ Frame 1DE0
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Lj4FmzYDaUl2E-29Gojd8j6ppAbA2VSzsEt9_A&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Lj4FmzYDaUl2E-29Gojd8j6ppAbA2VSzsEt9_A&expires=30
43 B
288 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Lj4FmzYDaUl2E-29Gojd8j6ppAbA2VSzsEt9_A&expires=30
Protocol
H2
Server
35.213.7.90 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
90.7.213.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:42 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Lj4FmzYDaUl2E-29Gojd8j6ppAbA2VSzsEt9_A&expires=30
date
Sun, 15 Sep 2024 12:16:42 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 1DE0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1194787372441022830
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1194787372441022830
Protocol
H2
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
941275
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:42 GMT
an-x-request-uuid
70d29b64-a5c3-4772-afe7-36ebc06177d4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1194787372441022830
x-proxy-origin
209.58.162.239; 209.58.162.239; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 1DE0
43 B
687 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-jE7hdDYDaUl2E-29Gojd8j6ppAbybcEN05llug
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.169 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
date
Sun, 15 Sep 2024 12:16:42 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1DE0
0
373 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-pyHNszYDaUl2E-29Gojd8j6ppAYaPRqsGUr4zQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
2787
idsync
tg.socdm.com/aux/ Frame 1DE0
43 B
870 B
Image
General
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-CGbppzYDaUl2E-29Gojd8j6ppAZlnDA8OhLewQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.152 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-SO-Cluster-ID
0
Date
Sun, 15 Sep 2024 12:16:42 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-CGbppzYDaUl2E-29Gojd8j6ppAZlnDA8OhLewQ","cluster_id":0,"gdpr":false,"ipv4":"209.58.162.239","key":"ZubQKsCo8X0AAHmck5gAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40222"}
X-SO-Key
ZubQKsCo8X0AAHmck5gAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40222
P3P
CP="See also http://www.scaleout.jp/privacy/"
Content-Type
image/gif
Cache-Control
private
X-SO-HostName
a-ad40222.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
5
Content-Length
43
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-IP
209.58.162.239
sync
tags.bluekai.com/site/29001/ Frame 1DE0
Redirect Chain
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=ApiTJuX8FXaqz67bq2mCf8wlZJieqGYz
62 B
583 B
Image
General
Full URL
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=ApiTJuX8FXaqz67bq2mCf8wlZJieqGYz
Protocol
H2
Server
23.53.217.82 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-217-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type
image/gif
x-request-id
13f5b12241e68a84b91e001c93ae454b
date
Sun, 15 Sep 2024 12:16:42 GMT
content-length
62
bk-server
c1ca
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

location
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=ApiTJuX8FXaqz67bq2mCf8wlZJieqGYz
date
Sun, 15 Sep 2024 12:16:42 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
625348
content-length
0
rum
r.casalemedia.com/ Frame 1DE0
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gQHBtDYDaUl2E-29Gojd8j6ppAZXRqfk-LMjLw
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gQHBtDYDaUl2E-29Gojd8j6ppAZXRqfk-LMjLw&C=1
43 B
324 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-gQHBtDYDaUl2E-29Gojd8j6ppAZXRqfk-LMjLw&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zc1dy4Yqdqqu9KV2C1GVDvRdLHjb0YWfInLxvdZ7eyf62I95kkhpAPHpDoTjtRvBcf19BXkn1ZTIloH9RkyundJlV7AnzsIFr6pkcq%2BM%2BpJrBLgbJxTNA%2FiE0QtlMRVoKczI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8c388caae8ec84c6-HKG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HqCZrDD7niG%2BllpmCONKi%2Bchjgmhyr0kwwxQRP4jzcS3kq1GX6WoU3WfT6htnooJ7jsMRMCLw2GmRu9WiY%2BlJ180Uc4jruB%2BbXOHrTBM0ewSijS2o6IjIjxLaq6bqjVxjfLM"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-gQHBtDYDaUl2E-29Gojd8j6ppAZXRqfk-LMjLw&C=1
cache-control
no-cache
cf-ray
8c388caa4fd084c6-HKG
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
adx.dable.io/ Frame 1DE0
0
165 B
Image
General
Full URL
https://adx.dable.io/pixel?dsp_id=6&uid=k-6lRKwjYDaUl2E-29Gojd8j6ppAYPaSbIC490lg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.234.85.243 Osaka, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-234-85-243.ip.linodeusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:42 GMT
server
nginx
/
cs.adingo.jp/sync/ Frame 1DE0
43 B
413 B
Image
General
Full URL
https://cs.adingo.jp/sync/?from=criteo&id=k-vpY6MTYDaUl2E-29Gojd8j6ppAYqapTPbV3gNw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.56.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-56-11.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Sun, 15 Sep 2024 12:16:42 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame 1DE0
43 B
660 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-XywWmzYDaUl2E-29Gojd8j6ppAYAtQX61c17_g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.123.98 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ads12-sgp.stickyadstv.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Sep 2024 12:16:43 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1726402602990034-85
match
ad.360yield.com/ul_cb/ Frame 1DE0
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-JpCe7DYDaUl2E-29Gojd8j6ppAZ1Q_wVshOjdw
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JpCe7DYDaUl2E-29Gojd8j6ppAZ1Q_wVshOjdw
0
0

362338.gif
idsync.rlcdn.com/ Frame 1DE0
42 B
440 B
Image
General
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-sGSpazYDaUl2E-29Gojd8j6ppAYpuXPaQ2W37A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync.php
contextual.media.net/ Frame 1DE0
61 B
814 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KeTLnzYDaUl2E-29Gojd8j6ppAbufftOY10hQA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.36.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-36-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 15 Sep 2024 12:16:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
61
x-mnet-hl2
E
expires
Sun, 15 Sep 2024 12:16:42 GMT
c.gif
c.bing.com/ Frame 1DE0
42 B
690 B
Image
General
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-mZ5mijYDaUl2E-29Gojd8j6ppAZf2facVg89kw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:42 GMT
last-modified
Tue, 13 Aug 2024 21:12:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 623BA3D5AC024B9FBD0927E17D5B72B1 Ref B: SIN30EDGE0317 Ref C: 2024-09-15T12:16:42Z
etag
"3bd2d078c5edda1:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
cookie-sync
sync.outbrain.com/ Frame 1DE0
0
360 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-7lBUMTYDaUl2E-29Gojd8j6ppAYdnEV57CET-w&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.225.223.159 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:43 GMT
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-traceid
99b009011104250c3ff32ecf3512ccc5
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1DE0
42 B
577 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-0zKYrTYDaUl2E-29Gojd8j6ppAZHuMmsnra8Hw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 15 Sep 2024 12:16:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
content-type
image/gif; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 1DE0
42 B
1 KB
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-cMhbxDYDaUl2E-29Gojd8j6ppAb8eMldefv-fA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4290507b7388fb86809e552482e2fff0
Expires
0
/
s.ad.smaato.net/c/ Frame 1DE0
0
381 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-vVrkwTYDaUl2E-29Gojd8j6ppAY9k28vBOivDA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223b:ec00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:42 GMT
cache-control
no-cache, must-revalidate
via
1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
F4gsoDhTMIHC7FHfe1ROgAg2Z0CN1PZUm4Tr1Wli9-YF8elfSdO7cw==
x-cache
Miss from cloudfront
um
criteo-sync.teads.tv/ Frame 1DE0
23 B
278 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-_tFRnzYDaUl2E-29Gojd8j6ppAY5cnfiZmO7WA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.160.138 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-160-138.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 15 Sep 2024 12:16:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.1
content-length
23
expires
Sun, 15 Sep 2024 12:16:43 GMT
sync.htm
ade.clmbtech.com/uid/ Frame 1DE0
68 B
259 B
Image
General
Full URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-_0BA2zYDaUl2E-29Gojd8j6ppAasMXfsFl0m-A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:a000::1734:2878 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Sun, 15 Sep 2024 12:16:42 GMT
x-content-type-options
nosniff
server
Bhoot
x-frame-options
sameorigin
content-type
image/jpeg
x-upstream
172.29.17.241:80
content-length
68
x-xss-protection
1; mode=block
xuid
eb2.3lift.com/ Frame 1DE0
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-MnmCVjYDaUl2E-29Gojd8j6ppAbtAJ-tL40A8Q&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-MnmCVjYDaUl2E-29Gojd8j6ppAbtAJ-tL40A8Q&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-MnmCVjYDaUl2E-29Gojd8j6ppAbtAJ-tL40A8Q&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Sun, 15 Sep 2024 12:16:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
/xuid?ld=1&mid=2711&xuid=k-MnmCVjYDaUl2E-29Gojd8j6ppAbtAJ-tL40A8Q&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date
Sun, 15 Sep 2024 12:16:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
1x1.png
cdn.aralego.net/img/ Frame 1DE0
Redirect Chain
  • https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-iWQG0TYDaUl2E-29Gojd8j6ppAbLJQbNLQ5xlg
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NDQxOTczY2EtZGRhZi0zYTIxLTkwN2QtMzI0OWExZWQ3OWM1&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
  • https://cdn.aralego.net/img/1x1.png
68 B
602 B
Image
General
Full URL
https://cdn.aralego.net/img/1x1.png
Protocol
H3
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13387
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
68
cf-bgj
imgq:85,h2pri
last-modified
Wed, 12 Jun 2019 06:09:43 GMT
server
cloudflare
etag
"5d009727-44"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwjsKEK%2FJa8gaUpcjLTUsXLg4ACfea09WHE2yRHguGuoPoXCnOnxt41IYF92p%2BA8KUQs3viX7wzM9wkw4OVHIthXpIV0RqoLPh5V1TqKrpN%2Byw5QgWcQVZkukCUoP7Gbyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8c388cacdf2204f2-HKG

Redirect headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cdn.aralego.net/img/1x1.png
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 1DE0
43 B
620 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-tG0iuDYDaUl2E-29Gojd8j6ppAb0UPWxLXKU2w&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.202.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-202-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:42 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
RX-32c06487-73e6-4543-b436-b8553a79bae3-004
sync.targeting.unrulymedia.com/csync/ Frame 1DE0
Redirect Chain
  • https://sync.1rx.io/usersync/criteodsp/k-9T0-fjYDaUl2E-29Gojd8j6ppAaIfHOurCI5nQ
  • https://sync.1rx.io/usersync/criteodsp/k-9T0-fjYDaUl2E-29Gojd8j6ppAaIfHOurCI5nQ?zcc=1&cb=1726402603010
  • https://sync.targeting.unrulymedia.com/csync/RX-32c06487-73e6-4543-b436-b8553a79bae3-004
43 B
378 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-32c06487-73e6-4543-b436-b8553a79bae3-004
Protocol
H2
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 12:16:43 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

content-type
text/html
pragma
no-cache
date
Sun, 15 Sep 2024 12:16:43 GMT
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-32c06487-73e6-4543-b436-b8553a79bae3-004
expires
0
favicon.png
berrybenka.com/berrybenka/desktop/img/
1 KB
2 KB
Other
General
Full URL
https://berrybenka.com/berrybenka/desktop/img/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.255.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-255-16.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
806266ca4614e735ce6ed55f60104ca6e1f01e8d8d58d45025cb6ff46d62967c

Request headers

Referer
https://echonexus.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 15 Sep 2024 12:16:42 GMT
last-modified
Fri, 08 Sep 2017 13:51:49 GMT
server
nginx
etag
"59b2a075-53c"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
1340
expires
Sun, 22 Sep 2024 12:16:42 GMT
setuid
ib.adnxs.com/ Frame 1DE0
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-EdrmlTYDaUl2E-29Gojd8j6ppAYPZz_F7fYXaQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 12:16:42 GMT
an-x-request-uuid
2c830820-b358-4e07-bf34-1bc7862a3c36
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
209.58.162.239; 209.58.162.239; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
berrybenka.com
URL
https://berrybenka.com/berrybenka/desktop/fonts/futurabold.woff
Domain
berrybenka.com
URL
https://berrybenka.com/berrybenka/desktop/fonts/futura.woff
Domain
berrybenka.com
URL
https://berrybenka.com/berrybenka/desktop/fonts/fontawesome-webfont.woff2?v=4.5.0
Domain
berrybenka.com
URL
https://berrybenka.com/berrybenka/desktop/fonts/futura.ttf
Domain
berrybenka.com
URL
https://berrybenka.com/berrybenka/desktop/flexslider/fonts/flexslider-icon.woff
Domain
berrybenka.com
URL
https://berrybenka.com/berrybenka/desktop/fonts/futurabold.ttf
Domain
berrybenka.com
URL
https://berrybenka.com/berrybenka/desktop/fonts/fontawesome-webfont.woff?v=4.5.0
Domain
berrybenka.com
URL
https://berrybenka.com/berrybenka/desktop/flexslider/fonts/flexslider-icon.ttf
Domain
berrybenka.com
URL
https://berrybenka.com/berrybenka/desktop/fonts/fontawesome-webfont.ttf?v=4.5.0
Domain
ad.360yield.com
URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JpCe7DYDaUl2E-29Gojd8j6ppAZ1Q_wVshOjdw

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 string| TiktokAnalyticsObject object| ttq object| isMobile object| isNon object| gapi object| ___jsl function| renderBadge object| ___gcfg function| $ function| jQuery object| jQuery110209885008604051211 object| action object| input function| toSlug function| sendVal function| searchSolr function| search_bb function| find_key function| create_uri function| urlSegment function| urlGetSegment function| get_separator function| set_separator function| last_url function| findUriSegment function| findUriKey function| writeImpression function| ChangeMenu object| dataLayer object| mydata336CC993E54D object| googletag string| GoogleAnalyticsObject function| ga object| _fbq object| firebase function| ca function| ba function| da function| ea function| aa object| config object| closure_lm_710869 object| google_tag_data function| GooglemKTybQhCsO number| google_conversion_snippets number| google_conversion_first_time function| onProductClick function| fbq function| number_format function| ucfirst function| strstr object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| google_tag_manager function| postscribe object| google_tag_manager_external object| criteo_q string| ematicApikey object| opt function| callback object| mergeVars function| formatCurrency function| abpCall function| convertCall string| EmaticsObject function| ematics object| rtgsettings object| google_reactive_ads_global_state object| google_tag_topics_state object| smartechclient string| SmartechObject function| smartech object| _EmaticCallbacks function| Spinner string| tok string| p1 string| c function| diff_hours function| chkses function| chk function| CDV function| CIF function| CST function| CIG function| ToLowerItem function| stripHTML function| getParm function| TrafficCalculator function| CAU function| checkDuplicateScript object| messageMap object| FCconf object| LB2466 function| AL2466 function| A2466 function| FDV function| CUDV function| urlcheck function| lengthcheck function| checkBrowser function| auditcheck function| dw function| _cc function| FCj function| $FC object| smartech_wnconfig object| STAPI function| smtReloader object| configuration_map object| data_2466

72 Cookies

Domain/Path Name / Value
.tiktok.com/ Name: _ttp
Value: 2m6gmmUnO2aoIzCGQmgLZOjUWFr
.creativecdn.com/ Name: g
Value: h82ypkOcWJUqGlhuMqmU_1726402601121
.creativecdn.com/ Name: c
Value: h82ypkOcWJUqGlhuMqmU_QVBoOhP0iAXuw71oerc0_1726402601121
.creativecdn.com/ Name: ts
Value: 1726402601
.echonexus.site/ Name: _ga
Value: GA1.2.1504663832.1726402601
.echonexus.site/ Name: _gid
Value: GA1.2.1382882832.1726402601
.echonexus.site/ Name: _gat
Value: 1
.echonexus.site/ Name: _tt_enable_cookie
Value: 1
.echonexus.site/ Name: _ttp
Value: 8-Z4r4LWWrhLk1_MZl7x1nQd_A8
.echonexus.site/ Name: _ga_SC60C8MG5J
Value: GS1.2.1726402601.1.0.1726402601.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUm_zKgm2a1DeZGkTwq0fIDRLwBXguc1PX-YK3VFJ-5ND8Tc-zlIvufzh3uK
.echonexus.site/ Name: _fbp
Value: fb.1.1726402601582.93271221747341502
.echonexus.site/ Name: _v1EmaticSolutionsUTMData
Value: %7B%22utm_source%22%3A%22%22%2C%22utm_medium%22%3A%22%22%2C%22utm_campaign%22%3A%22%22%7D
.criteo.com/ Name: uid
Value: 971169e1-a453-4dae-8fe0-35616e48ff6b
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.echonexus.site/ Name: cto_bundle
Value: 4KfoSl9EUW1reDZuU1F2YlEwTXNlYkIzRzQwVVolMkJ1d2E3b2pHeHFTeko0cEFtenA3MlZhdSUyQiUyRmsxQ0N1JTJCSTlhejdWMjFiZUZOVk5NJTJGZWRwdGZ1ZHlwcXhKNGElMkJJVXQlMkZVSjhMYm5MUUFHd05IcUZoRW9sT1RqTUhoU0xlJTJCOTExaHJIeDh3NnlFNyUyRkJrTncyWHdJR3Y1OFFCbDNLMkFMS1pvRjVpQjdZN0NBR2J4SWslM0Q
echonexus.site/ Name: __sts
Value: eyJzaWQiOjE3MjY0MDI2MDE3NjEsInR4IjoxNzI2NDAyNjAxNzYxLCJ1cmwiOiJodHRwcyUzQSUyRiUyRmVjaG9uZXh1cy5zaXRlJTJGIiwicGV0IjoxNzI2NDAyNjAxNzYxLCJzZXQiOjE3MjY0MDI2MDE3NjF9
echonexus.site/ Name: __stp
Value: eyJ2aXNpdCI6Im5ldyIsInV1aWQiOiIzZjJiMDY3ZS1iNTg3LTRlNmEtOGM2Yi1jNGZhOGI2N2JmYzAifQ==
measurement-api.criteo.com/ Name: ar_debug
Value: 1
echonexus.site/ Name: __stgeo
Value: IjAi
echonexus.site/ Name: __stbpnenable
Value: MA==
echonexus.site/ Name: __stdf
Value: MA==
.criteo.com/ Name: cto_bundle
Value: S6PanV9ScjRPUm9aeFhIa3c5NjNvd1glMkZMUVVvYnAwWWVoYyUyRm5SNUthNnVrY1VjJTJCWFNQZFhNNGw4cnNMZEdIcW1hN2Vl
.adnxs.com/ Name: XANDR_PANID
Value: Q7Edsa4fmawfc6di7Dxjz7GGiO8u32DfIuZPU4EW4rd89CLhngqF-E70CmG9UUOY8lCd8K-FutMWdXtPpNAtRucr-bZn9dQwpkmt_5y-JAY.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 1194787372441022830
.taboola.com/ Name: t_gid
Value: efb1e133-7bd7-427c-abed-54595fdbdc0d-tuctde055aa
.taboola.com/ Name: t_pt_gid
Value: efb1e133-7bd7-427c-abed-54595fdbdc0d-tuctde055aa
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2E?bcuaKP!]tbPl@/D!9hy6]/Cwg[Z)s<Q/lrys4wr`?kBzF)8>faxgL1ET3jxqS1h2I72QaQ+>lmm-l#^4-*bpRz*qF1`*bcDa+[cw!
.360yield.com/ Name: tuuid
Value: 568545f0-34ec-44d4-8165-b7833a0bd1f4
.360yield.com/ Name: tuuid_lu
Value: 1726402602
.smartadserver.com/ Name: pid
Value: 785810094738129060
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 79:k-jE7hdDYDaUl2E-29Gojd8j6ppAbybcEN05llug
.casalemedia.com/ Name: CMID
Value: ZubQKosFVsIAAB26AH-kxgAA
.casalemedia.com/ Name: CMPS
Value: 4724
.casalemedia.com/ Name: CMPRO
Value: 4724
.adingo.jp/ Name: criteo_dsp
Value: k-vpY6MTYDaUl2E-29Gojd8j6ppAYqapTPbV3gNw
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LUDL09phvGtyz/+/nvy016X3B1oNEg1GpT700Ay+5/IL9QenJHSW
.bluekai.com/ Name: bku
Value: uUW99Ygx8ZSaAY6C
.bidswitch.net/ Name: tuuid
Value: bbdedf39-b0d3-4d36-8c54-22b26806d694
.bidswitch.net/ Name: c
Value: 1726402602
.bidswitch.net/ Name: tuuid_lu
Value: 1726402602
.socdm.com/ Name: SOC
Value: ZubQKsCo8X0AAHmck5gAAAAA
.rlcdn.com/ Name: rlas3
Value: vCLQiA/OKC8xqkOlICP6HhVIyfb176K4PLqecW3yc1Y=
.rlcdn.com/ Name: pxrc
Value: CAA=
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-0zKYrTYDaUl2E-29Gojd8j6ppAZHuMmsnra8Hw&KRTB&23037-uid:k-0zKYrTYDaUl2E-29Gojd8j6ppAZHuMmsnra8Hw&KRTB&23144-uid:k-0zKYrTYDaUl2E-29Gojd8j6ppAZHuMmsnra8Hw&KRTB&23286-uid:k-0zKYrTYDaUl2E-29Gojd8j6ppAZHuMmsnra8Hw
.pubmatic.com/ Name: PugT
Value: 1726402601
.dable.io/ Name: uid
Value: 50580311.1726402602741
.bing.com/ Name: MUID
Value: 2D09C826DDFD68363F83DCDDDCFC697C
.c.bing.com/ Name: MR
Value: 0
.smaato.net/ Name: SCM
Value: 5c5bcc5af7
.smaato.net/ Name: SCM1001851
Value: 5c5bcc5af7
.3lift.com/ Name: tluidp
Value: 1067254057331258047030
.3lift.com/ Name: tluid
Value: 1067254057331258047030
.aralego.com/ Name: sspid
Value: 441973ca-ddaf-3a21-907d-3249a1ed79c5
.yieldmo.com/ Name: yieldmo_id
Value: VRpqdwpjYLpWOFmz_uyj%7C1726358400000%7C0
.ads.yieldmo.com/ Name: ptrcriteo
Value: k-tG0iuDYDaUl2E-29Gojd8j6ppAb0UPWxLXKU2w
.media.net/ Name: visitor-id
Value: 3694042028094320000V10
.media.net/ Name: data-c-ts
Value: 1726402602
.media.net/ Name: data-c
Value: k-KeTLnzYDaUl2E-29Gojd8j6ppAbufftOY10hQA~~3
.ads.stickyadstv.com/ Name: UID
Value: 986ca8c56b533e51616578bbf31447
.ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-XywWmzYDaUl2E-29Gojd8j6ppAYAtQX61c17_g
.teads.tv/ Name: tt_viewer
Value: 68ec07de-627f-47a8-abe4-611d01b54a75
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-32c06487-73e6-4543-b436-b8553a79bae3-004%22%7D
.rubiconproject.com/ Name: audit_p
Value: 1|6bl3k1c1LZDrcJDiEZy8P6eY+UBaLK5R9QIn8saHiSqJl7/YsOb2JStIFz4jXoWXQWN56cDH2USM1KxoLazIt+aleybw1oy9Ba0etFFpiE0ZMzK7+jhU+LZcgFQzZC4/vCO8QkugW6g7SJq2KPiB/gg4xSusLNL2/0H6zFUdfzjmQdVc7iIhNLYPAdWGRZ6V8p4Q5rMwDzg=
.rubiconproject.com/ Name: khaos
Value: M13JJ9XX-Y-DOME
.rubiconproject.com/ Name: khaos_p
Value: M13JJ9XX-Y-DOME
.rubiconproject.com/ Name: audit
Value: 1|6bl3k1c1LZDrcJDiEZy8P6eY+UBaLK5R9QIn8saHiSqJl7/YsOb2JStIFz4jXoWXQWN56cDH2USM1KxoLazIt+aleybw1oy9Ba0etFFpiE0ZMzK7+jhU+LZcgFQzZC4/vCO8QkugW6g7SJq2KPiB/gg4xSusLNL2/0H6zFUdfzjmQdVc7iIhNLYPAdWGRZ6V8p4Q5rMwDzg=
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-32c06487-73e6-4543-b436-b8553a79bae3-004%22%7D

20 Console Messages

Source Level URL
Text
javascript error URL: https://echonexus.site/(Line 816)
Message:
Access to font at 'https://berrybenka.com/berrybenka/desktop/fonts/futura.woff' from origin 'https://echonexus.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://berrybenka.com/berrybenka/desktop/fonts/futura.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://echonexus.site/(Line 816)
Message:
Access to font at 'https://berrybenka.com/berrybenka/desktop/fonts/futurabold.woff' from origin 'https://echonexus.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://berrybenka.com/berrybenka/desktop/fonts/futurabold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://echonexus.site/(Line 816)
Message:
Access to font at 'https://berrybenka.com/berrybenka/desktop/fonts/fontawesome-webfont.woff2?v=4.5.0' from origin 'https://echonexus.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://berrybenka.com/berrybenka/desktop/fonts/fontawesome-webfont.woff2?v=4.5.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://echonexus.site/(Line 1048)
Message:
Access to font at 'https://berrybenka.com/berrybenka/desktop/fonts/futura.ttf' from origin 'https://echonexus.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://berrybenka.com/berrybenka/desktop/fonts/futura.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://echonexus.site/(Line 1048)
Message:
Access to font at 'https://berrybenka.com/berrybenka/desktop/flexslider/fonts/flexslider-icon.woff' from origin 'https://echonexus.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://berrybenka.com/berrybenka/desktop/flexslider/fonts/flexslider-icon.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://echonexus.site/(Line 1048)
Message:
Access to font at 'https://berrybenka.com/berrybenka/desktop/fonts/futurabold.ttf' from origin 'https://echonexus.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://berrybenka.com/berrybenka/desktop/fonts/futurabold.ttf
Message:
Failed to load resource: net::ERR_FAILED
recommendation verbose URL: https://echonexus.site/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript error URL: https://echonexus.site/
Message:
Access to font at 'https://berrybenka.com/berrybenka/desktop/fonts/fontawesome-webfont.woff?v=4.5.0' from origin 'https://echonexus.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://berrybenka.com/berrybenka/desktop/fonts/fontawesome-webfont.woff?v=4.5.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://echonexus.site/
Message:
Access to font at 'https://berrybenka.com/berrybenka/desktop/flexslider/fonts/flexslider-icon.ttf' from origin 'https://echonexus.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://berrybenka.com/berrybenka/desktop/flexslider/fonts/flexslider-icon.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://echonexus.site/
Message:
Access to font at 'https://berrybenka.com/berrybenka/desktop/fonts/fontawesome-webfont.ttf?v=4.5.0' from origin 'https://echonexus.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://berrybenka.com/berrybenka/desktop/fonts/fontawesome-webfont.ttf?v=4.5.0
Message:
Failed to load resource: net::ERR_FAILED
security warning
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ade.clmbtech.com
ads.stickyadstv.com
adx.dable.io
analytics.google.com
analytics.tiktok.com
api.ematicsolutions.com
apis.google.com
asia.creativecdn.com
asset.f-tra.com
ban.tangooserver.com
berrybenka.api.useinsider.com
berrybenka.com
c.bing.com
cdn.aralego.net
cdn.mndtrk.com
cdnt.netcoresmartech.com
cdnvc.netcoresmartech.com
cm.g.doubleclick.net
conf.f-tra.com
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
cs.adingo.jp
dis.criteo.com
eb2.3lift.com
echonexus.site
fledge.as.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
im.berrybenka.com
measurement-api.criteo.com
osjs.netcoresmartech.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
securepubads.g.doubleclick.net
sg5-api.ematicsolutions.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.aralego.com
sync.outbrain.com
sync.targeting.unrulymedia.com
tags.bluekai.com
td.doubleclick.net
tg.socdm.com
tw.netcore.co.in
twa.netcoresmartech.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mainadv.com
x.bidswitch.net
ad.360yield.com
berrybenka.com
103.132.192.30
103.43.90.178
104.18.36.155
104.248.98.228
108.156.133.35
118.139.179.166
124.146.153.152
13.234.61.153
139.99.123.98
141.226.229.48
142.251.10.155
142.251.10.156
142.251.12.156
157.240.7.26
172.234.85.243
172.253.118.147
172.67.156.234
172.67.159.95
172.67.181.199
172.67.71.254
182.161.73.146
2001:4860:4802:32::181
207.65.33.82
23.106.127.169
23.40.36.23
23.45.207.172
23.52.40.66
23.53.160.138
23.53.217.82
2404:6800:4003:c00::5e
2404:6800:4003:c03::9b
2404:6800:4003:c05::9b
2404:6800:4003:c11::5e
2404:6800:4003:c11::8a
2404:6800:4003:c1a::5e
2404:6800:4003:c1a::9d
2404:6800:4003:c1c::5f
2404:6800:4003:c1c::61
2404:6800:4003:c1c::8a
2406:2600:7:100::
2406:2600:7:100::1
2406:2600:7:100::19
2406:2600:7:100::9
2600:1413:a000::1734:2878
2600:1417:3f::b81b:7b69
2600:1417:3f::b81c:eb53
2600:9000:21b4:7400:1a:297d:f300:93a1
2600:9000:223b:ec00:1b:5138:8a40:93a1
2600:9000:2753:8600:1c:47d:4bc0:93a1
2606:4700:7::a29f:863d
2620:1ec:c11::237
2a03:2880:f10c:83:face:b00c:0:25de
3.1.255.16
3.165.82.125
34.122.181.146
35.213.7.90
35.244.154.8
43.249.38.110
52.194.56.11
52.223.2.229
54.179.202.19
66.225.223.159
69.173.158.64
74.118.186.107
74.125.130.155
74.125.130.157
74.125.24.156
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
00b149d5112b8a4a0d1ba974da091633307d6011c464c87394a5dedd8f7b3e99
0201fa5c17047b0cd554c93d55f175bbf2c8767fa1c71ebf51254017cad38a26
030b2dff5a86ab33b28345732c12e2371c15b96969bba615992eaf3aea493351
093c983329059e830ea55476ae2d2afe7a6d22ce45e66cac799b224b628ee2b1
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0dd2a8458bacae09035104909bd7383ffcde713124b8871c19cc9fc495e1f1fa
14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2
1709a7c57ec534a6ec92f5ce63f763cda36475ba437ef141f9535a018746db97
17696f263958a5fb862f4adadb314465ead2ba0c91347d47945d68d593226d33
1786d47468f3bfec3cb71723ab6ae6952a9f371a22ac5934e79b8fd2f843f9ca
180295a40ebec397beb953189d661376c4dd899a74bc81d70c8f8c52c8f30e8b
1e3a8fb59278b3cb623a5fef64dbcaefa2335bba38fbbe6febcfdf9431531a2a
1f36a700d1fb2587480ce07acb702512eaa6bf4b9b614b244f18fcbc4a74716e
26fdefd54c0f2b5d598ca66632be76bd34acceaa6210eeb978df39875ef33709
2a7ac6ab79f4925ebabbef29ea7a477d7c2d8dfaebc74cba71889d2ff812cfca
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2da8ff969e8dab3d84abf4051c4a4ea95bcdc80aeab5a6eecd1d4558c99dd940
2e653bf3905faf94b56e60262f58b46bf092e08dc159bca7e1c63a3d866bd710
2fcd710ce4b8c7439a2405020bc397074447d0a4655279b4c29362819a154d64
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fc572c0a1cb8c47134c1d5320151f69489c1674f7adb0d0571c374e2fcc4a5f
40197c032258a582600fce95b5d80d5c6ba7181c0b819d87c3978705271aa720
41062db136b4059ce04b575e02ed75a6b47db17d8e7df0e170726379b141f45c
44ed3dcf54a6a8849c4584aa59dc42beb8670e35e15812a799fa209f78f22218
466543b83ff5faa4061b16c99017044e16008af1c79d757bd8be83fe018d3fce
49dd98d3c8e57eef0cc48294f1700ed37013f2f86c5892907676f94b4ad85576
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c10eb7c9d39ccd2af74b28e1ecb7e2641fdd35fb05a4c5e6e57af280c4e4ee7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e50787b3c76ab27d3b5164d9d83fc95dccdd354179d289cbb2381dfb32fc34e
4e5f6c1109af66924308753c4c7c9a7683b9d1ac926d9242b48411844f09a50b
4f0cc7007c504297c142cb1f2d5c4044049e029c94b35d2775d946582104b922
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5fcfe13f6603741910d719c25fabf1b21fdadfa9625b1efeb32a5dcda20c4e90
61b5136fb48032b6da12c72b9f8ffa95d27472f0631d63aa4672fc5ed7d352bf
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6a4812c869d9b8ad1d05dc99b5dda98c761e879b5c22db883a99803d05178e9f
6c405f346bc85e49e5ddf63aef3e27064341bffedf67f6b5d835783a10b4f902
6cbd4a4fbfdebe6ab94381cbbeea9c4b9d92206d080d8961ab761e211e4121eb
6ce457547006efd94ed24813bbe30e655ff8cfdd4671da4f2e2853ea8cf1c371
6ddb611a9a8290642666b785121bcefffd1e11d217085a6a1ff3736101fd55b7
6f739a8b95da9828efdb2ff356e6aced2acd03b50d0f1b3d57e0df57e80c72d6
6f9ac8ace33ef7d67b0b9398e37d08a56c4a383126660de2b2cfbe4e5969fbdd
7372a8d1415d15440ce0f2396da0072e09294582d3cb9b8e0e7babaf2f928b62
7902d83592355226421620ffa5920a46f6cea2340cac8657646f4f9892555a6d
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7b8d3c544f7e469f69fca0118de3e6d33c8da0da5acec1f874c33fc731bdf7b7
7e02d82244afece4d81dbfa0318378cfe946de1cb062cc2c0ddb498f3ff3eb79
7e230e3f74efd86d94783d2fb9420fe4ce1d2aadd2707f29241fcf598a0cb4ad
7e61e5769bc1a07fb25cee630607d699c1f8043aae90065da59736789fd0e914
806266ca4614e735ce6ed55f60104ca6e1f01e8d8d58d45025cb6ff46d62967c
8472aa12e70d1d6bf8c13475037a0d4de3ffb3972d8c0ef2002a275604bbbcc5
84a311b5b4f9864161cca581cd28a2f39227e0b221ee51912225f355f8020887
85b158b0ae18617d880bd82f9393a3c025bbd0ca6689c12cffc4108be6c1bc70
864072a3229468b4abd5debaf97f3ed17b77f098513c523746cb825ee183e68f
88f545a1945f1958b3892ea9eae9aef611ff913cbb7b4ba563e5c0a6ebd21338
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a
8ceb463e26efcf753a679b8e0a853b87780999b211a5e14c2dad3e9f3ce18e6d
8f9587943c4d4326fa17bd192e919af03dc16fe88c59c46d8677f03d5dcc8945
8fe5370ca363eee5abfdc24ea9f9d359cd38574b2a4cbb1eccb64ccda7b0fd2e
922d753959ca449c7651e08d06b1134dbddf61fbaeed85fed4c49956d211a61f
95bd01393dbf89354f89b08d37469663236117b32a7f331c8c461e4b83dc2759
97e2765924212ce36a9b80578f0a77e195cfbd7956b4ab23aa458a09a055db08
987d55f48542b3ed6087e8f70759a9f77900635f2f02b7fcbdb66204d5e09fc5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cdcbabfdfbcd3137cd1b614c1ba1fdb5562d5573f441a1a40b93d3cdfcef4e6
9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1b86e647c40a83bb912f639d2b15af3ea92395b1e2f1c0adfe0cf1ef0e82cce
a5fdaefdc880141c8fbefa6b72855bbfb15b5dcfd4f534ed93aa776bc6a28e25
a7484ec7a276c8c6eb2e338441c5db43af0e12a2e27ef2e3532e48798d8d2351
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae1bc11686acc72246055d616f6d5878435324958bcdd2ecd2ae3bedfa6e5a51
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7b6a23d858b6a906bcf5e15ac91e8898f1b614eb57d1432d4f5d8dd854a0d45
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c050c02824724ac30323522be5a32920fe5700d8a0f5d59e0c8ac9031d691a9d
c1604b001ca99ed50994eb1e8f9830ae2139e56acbb1dbd3b7504fec9f45754a
c177cccf36a0a974b17f8211ff98442b206f2111f6737ac35a2b965e935ca0b1
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
ced15666d74d694ed2d0cf51ec820ea809bb6eb44b9718fdac422de2318b697d
d16380941fee3a332cb01bfe8c62e951d3d3cd494dfa564ed14e90100fc72d3d
d9cd2d1ea19a7b07c37e288606503b157d69d921e7add3d61f3da24a1d67052c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e018e9afe645bdd2415871d221d0ca27330afd08d29357f32ddfb66da624b05a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7224a2e65f63d9477c6a7759b460c2c8acdc72b9c933db58b694eaf83d004a1
e7e3de96dd9dfe3dfcd5825e74d1d37896c2ccb07e93d1a3af3dd0424ca398af
ea102e6c796081b0d292b1a34ed7003ea339556fa49eea8e70daa1fddac985b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c012b3784c211f4a48c444da62efa237a11fd26af66b4c3a2742e773c83de0
f4dbaa5b975c065e77afb9494c80681512ba9f96508f0415afdfadffa570cb0a
f605324ea02a9073118ee85c43766679e7a47f50d83ced49531eb2f72734b291
f988fd1bdf023c892e4ae3ba523fa806630da6da3187627be9853e9f74e8d8a1
fc36496993d02d841a23f3b8c0486c816d1333e987003497b822df431db00d74