www.info1.id Open in urlscan Pro
18.66.97.124 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-...
Submission: On August 16 via api (August 16th 2023, 9:38:38 am UTC) from US — Scanned from DE

Summary HTTP 390 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 55 IPs in 8 countries across 48 domains to perform 390 HTTP transactions. The main IP is 18.66.97.124, located in United States and belongs to AMAZON-02, US. The main domain is www.info1.id.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 6th 2023. Valid for: a year.

This is the only time www.info1.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	18.66.97.124 18.66.97.124	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
16	2606:4700:10:... 2606:4700:10::ac43:4a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2400:52e0:150... 2400:52e0:1500::868:1	200325 (BUNNYCDN) (BUNNYCDN)
12	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
57	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
21	18.66.147.127 18.66.147.127	16509 (AMAZON-02) (AMAZON-02)
1	139.99.126.163 139.99.126.163	16276 (OVH) (OVH)
8	2606:4700:1::... 2606:4700:1::6813:874e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 21	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
7	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	139.99.126.164 139.99.126.164	16276 (OVH) (OVH)
6	2606:4700:1::... 2606:4700:1::6813:854e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
33	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3 3	3.122.199.127 3.122.199.127	16509 (AMAZON-02) (AMAZON-02)
10 34	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:f10a:ace:7b5b:36c	16509 (AMAZON-02) (AMAZON-02)
2 4	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5 7	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
15	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:14d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
2 2	216.52.2.86 216.52.2.86	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2 3	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2620:1ec:46::45 2620:1ec:46::45	() ()
1	23.218.208.187 23.218.208.187	() ()
1 3	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a392	() ()
4	142.250.186.130 142.250.186.130	() ()
1	85.14.248.91 85.14.248.91	() ()
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	() ()
2	185.89.210.20 185.89.210.20	() ()
1	2606:4700::68... 2606:4700::6810:7b60	() ()
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	() ()
1 2	2606:4700::68... 2606:4700::6812:19ad	() ()
4 4	37.157.3.26 37.157.3.26	() ()
4 4	52.48.194.69 52.48.194.69	() ()
1	89.149.192.197 89.149.192.197	() ()
3	3.67.123.166 3.67.123.166	() ()
1 1	35.190.0.66 35.190.0.66	() ()
2 2	213.155.156.166 213.155.156.166	() ()
2 2	198.47.127.19 198.47.127.19	() ()
2	142.250.185.99 142.250.185.99	() ()
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	() ()
1	178.250.1.9 178.250.1.9	() ()
1	2606:4700:20:... 2606:4700:20::681a:bd1	() ()
390	55

2 18.66.97.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-124.fra56.r.cloudfront.net

www.info1.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::ac43:4a1 (United States)

ASN13335 (CLOUDFLARENET, US)

static.promediateknologi.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1500::868:1 (Singapore)

ASN200325 (BUNNYCDN, SI)

propsid.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.66.147.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-127.fra60.r.cloudfront.net

assets.ayobandung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.99.126.163 (Singapore)

ASN16276 (OVH, FR)
PTR: tinong247.vn

click.advertnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.99.126.164 (Singapore)

ASN16276 (OVH, FR)
PTR: ip164.ip-139-99-126.net

advertnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:1::6813:854e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.199.127 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-199-127.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 172.217.16.194 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.158.49 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:f10a:ace:7b5b:36c (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.97.41 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.173.215 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:14d9 (United States)

ASN13335 (CLOUDFLARENET, US)

ad.impactify.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.252 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (None, )

ASN- ()

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.187 (None, )

ASN- ()

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:1b::1724:a392 (None, ) 1 redirects

ASN- ()

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (None, )

ASN- ()

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (None, )

ASN- ()

ad.impactify.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.20 (None, )

ASN- ()

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7b60 (None, )

ASN- ()

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (None, )

ASN- ()

dvr.impactify.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.26 (None, ) 4 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.48.194.69 (None, ) 4 redirects

ASN- ()

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.197 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.67.123.166 (None, )

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (None, ) 1 redirects

ASN- ()

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (None, )

ASN- ()

p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (None, )

ASN- ()

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163 db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com	2 MB
90	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 122 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 googleads4.g.doubleclick.net	529 KB
21	ayobandung.com assets.ayobandung.com — Cisco Umbrella Rank: 78679	100 KB
17	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62 region1.google-analytics.com — Cisco Umbrella Rank: 2102	42 KB
17	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	597 KB
16	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2706 www.google.com — Cisco Umbrella Rank: 3	2 KB
16	promediateknologi.id static.promediateknologi.id — Cisco Umbrella Rank: 40707	360 KB
15	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	521 KB
14	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8175 c.mgid.com — Cisco Umbrella Rank: 6607 cdn.mgid.com — Cisco Umbrella Rank: 11228 servicer.mgid.com — Cisco Umbrella Rank: 8282 s-img.mgid.com — Cisco Umbrella Rank: 7993 cm.mgid.com — Cisco Umbrella Rank: 1491	201 KB
12	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	648 KB
10	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 275 secure.adnxs.com — Cisco Umbrella Rank: 542 cdn.adnxs.com ams3-ib.adnxs.com	34 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com	117 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	735 B
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760	6 KB
4	360yield.com 4 redirects match.360yield.com	2 KB
4	adform.net 4 redirects c1.adform.net	3 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1550	944 B
4	pubmatic.com 2 redirects ads.pubmatic.com — Cisco Umbrella Rank: 651 image6.pubmatic.com	166 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5345	685 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	4 KB
3	bidswitch.net x.bidswitch.net	436 B
3	bing.com 1 redirects www.bing.com	29 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 984	867 B
3	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545 ups.analytics.yahoo.com — Cisco Umbrella Rank: 356	923 B
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 1009	2 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1136	3 KB
3	b-cdn.net propsid.b-cdn.net — Cisco Umbrella Rank: 49214	11 KB
2	de17a.com 2 redirects d5p.de17a.com	732 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	impactify.media ad.impactify.media dvr.impactify.media	82 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 864	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	869 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 396	529 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1013 id5-sync.com — Cisco Umbrella Rank: 440	26 KB
2	advertnative.com click.advertnative.com — Cisco Umbrella Rank: 41736 advertnative.com — Cisco Umbrella Rank: 38904	7 KB
2	info1.id www.info1.id	97 KB
1	ad4m.at as.ad4m.at
1	criteo.com dis.criteo.com	363 B
1	quantserve.com cms.quantserve.com	465 B
1	travelaudience.com 1 redirects ads.travelaudience.com	588 B
1	smartadserver.com ssbsync.smartadserver.com	45 B
1	cloudflare.com www.cloudflare.com	461 B
1	exactag.com m.exactag.com	60 B
1	microsoft.com adsdk.microsoft.com	33 KB
1	impactify.io ad.impactify.io — Cisco Umbrella Rank: 33838	2 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1279	787 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1189	399 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
390	48

	Domain	Requested by
57	pagead2.googlesyndication.com	www.info1.id pagead2.googlesyndication.com tpc.googlesyndication.com propsid.b-cdn.net googleads.g.doubleclick.net db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com s0.2mdn.net
34	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
33	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com www.info1.id s0.2mdn.net
21	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
21	assets.ayobandung.com	www.info1.id
17	www.googletagmanager.com	www.info1.id www.googletagmanager.com www.google-analytics.com propsid.b-cdn.net
16	securepubads.g.doubleclick.net	www.googletagservices.com www.googletagmanager.com propsid.b-cdn.net securepubads.g.doubleclick.net www.info1.id
16	static.promediateknologi.id	www.info1.id static.promediateknologi.id
15	s0.2mdn.net	www.info1.id s0.2mdn.net
15	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
15	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
12	www.googletagservices.com	www.info1.id googleads.g.doubleclick.net db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
11	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com www.info1.id
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	partner.googleadservices.com	pagead2.googlesyndication.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	s-img.mgid.com	www.info1.id
5	region1.analytics.google.com	www.googletagmanager.com
5	fonts.gstatic.com	fonts.googleapis.com
4	match.360yield.com	4 redirects
4	c1.adform.net	4 redirects
4	googleads4.g.doubleclick.net	www.info1.id
4	sync.teads.tv	2 redirects
4	db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google.de	www.info1.id
4	fonts.googleapis.com	www.info1.id googleads.g.doubleclick.net db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
3	x.bidswitch.net	db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	www.bing.com	1 redirects db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
3	onetag-sys.com	2 redirects db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
3	um.simpli.fi	3 redirects
3	pm.w55c.net	3 redirects
3	www.gstatic.com	www.info1.id googleads.g.doubleclick.net
3	propsid.b-cdn.net	www.info1.id propsid.b-cdn.net
2	p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com
2	image6.pubmatic.com	2 redirects
2	d5p.de17a.com	2 redirects
2	ams3-ib.adnxs.com	db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com cdn.adnxs.com
2	ups.analytics.yahoo.com	db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
2	ap.lijit.com	2 redirects
2	www.googleadservices.com
2	match.adsrvr.org	googleads.g.doubleclick.net
2	ads.pubmatic.com	jsc.mgid.com propsid.b-cdn.net
2	cm.mgid.com	jsc.mgid.com
2	cdn.mgid.com	www.info1.id
2	region1.google-analytics.com	www.googletagmanager.com
2	jsc.mgid.com	www.info1.id jsc.mgid.com
2	www.info1.id	www.info1.id
1	as.ad4m.at	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	ssbsync.smartadserver.com	db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
1	dvr.impactify.media	ad.impactify.media
1	www.cloudflare.com	ad.impactify.media
1	ad.impactify.media	ad.impactify.io
1	m.exactag.com	db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
1	cdn.adnxs.com	www.info1.id
1	adsdk.microsoft.com	www.info1.id
1	secure.adnxs.com	1 redirects
1	r.turn.com	db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	ad.impactify.io	www.info1.id
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	jsc.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	www.info1.id
1	advertnative.com	www.info1.id
1	click.advertnative.com	www.info1.id
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
390	74

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
www.tiktok.com
api.whatsapp.com
advertnative.com
www.promediateknologi.id

Subject Issuer	Validity	Valid
info1.id Amazon RSA 2048 M02	`2023-03-06` - `2024-04-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
promediateknologi.id GTS CA 1P5	`2023-07-28` - `2023-10-26`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
ayobandung.com Amazon RSA 2048 M02	`2023-06-10` - `2024-07-08`	a year	crt.sh
click.advertnative.com R3	`2023-06-19` - `2023-09-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
advertnative.com R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
impactify.io GTS CA 1P5	`2023-06-28` - `2023-09-26`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
1214925881.rsc.cdn77.org R3	`2023-07-26` - `2023-10-24`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
www.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-27` - `2023-09-26`	a year	crt.sh
1546566414.rsc.cdn77.org R3	`2023-08-03` - `2023-11-01`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh

This page contains 52 frames:

Primary Page: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Frame ID: E153FE66CCBCA720D75D62F77F76A034
Requests: 153 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html
Frame ID: ED8570B7061C6D2CCF044141D9F2A7A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8400307307701650&output=html&adk=1812271804&adf=3025194257&lmt=1692171512&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178712314&bpp=5&bdt=664&idt=374&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6918331169150&frm=20&pv=2&ga_vid=32317744.1692178712&ga_sid=1692178713&ga_hid=1873801765&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798878%2C31076874%2C31077148%2C44785295%2C44799579&oid=2&pvsid=4257848122754471&tmod=1387007369&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=418
Frame ID: 223D36C6149118FDA4FA77A4EA6F2957
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1692178713104493300889
Frame ID: 02797C8ACC2C3F94B1114A917467190D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21601FACB6DAF767FADCB15DB0C832BD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1AE27D83C95200D327E25DE43E39FA83
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=50&slotname=2526320597&adk=4060620440&adf=1770059044&pi=t.ma~as.2526320597&w=320&lmt=1692171515&format=320x50&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178715477&bpp=3&bdt=3827&idt=3&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=20&pv=2&ga_vid=32317744.1692178712&ga_sid=1692178713&ga_hid=1873801765&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798878%2C31076874%2C31077148%2C44785295%2C44799579&oid=2&pvsid=4257848122754471&tmod=1387007369&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ASbvkepp7B&p=https%3A//www.info1.id&dtd=12
Frame ID: E59385E2EDC9D3C68A52D52F39789770
Requests: 13 HTTP requests in this frame

Frame: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4669F4B7E26D77B55BAA77F7E331E0EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D8D8BAC1C426B8122A5A359883F9BA33
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 097ED50FBF8F202FA351C8EE17258925
Requests: 9 HTTP requests in this frame

Frame: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C5C169DED71590FAA8EBCB7C16AC5684
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhvzn4gEwAQ&v=APEucNVbva66mzMUAc3x9kfklxCJMd4exRw1LNPpDP2mb1-dPQ9-FBA7Q2FCd80RaIiyinwEarGhSuwx8iqnO88rnhVJMaiHoVqmmGecJi1qOjiruDCOdHGSRoaW_TAZbf_Z_LwDV6eBJCbr1wmxcw5SNltZGNyHA8h_7F8bLVXOe2HcjK6i3Zo
Frame ID: 997AD0BEB99733CBED4C8B3EAC440A7D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Frame ID: C4F3E5DB7D17213837BE00E259D7A3BA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 66177AFB9D9947556C56A70F14E2A6F1
Requests: 9 HTTP requests in this frame

Frame: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AE03E7435BC366E4F78B226DE43BDCF3
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvC7Esrb5pSfN0nDoP4IMOVffIrmwUVqbvS61p2YpPZ0eTGOycg_ZMSFCCPpogcVBU2Cdpzaj_KJY-aGIOdxknby_2Sa2SnbLXDnZ_fW4RY-tg9WyRvqaeZNJ-veY3LYtjZVOBFK5cd5KE0baKwXNWgoMx5L2mpLdWqpapgvjcHglVWd3XnSxgqqJJ57aYR98mjiFaWmHjaTpzPmSNTKkY9feVCzGZpipwKV_74r9iDDQY5rLDVg_hFzLYq0mEbi1i9hRH4OxQn2I_tcs28_97_c3Y-vKkogs5_rNp7_5egGUOVGVcnDwuj7s3BjyLYZU__wgLub6g93do2&sai=AMfl-YSVVPq5CugBGeYSyORonLjFghLQF_NG--10YkcWtY0dztZChr8-hytMQ7mdgLRkySSIXkQN7C07tapLp3abRW4EpLTPo-KiuZCkWIiRbHkoOdiwjoa3LT_LJWIxbYRX_L0IcLIqRqTWPJ9nQv7J3w&sig=Cg0ArKJSzMbjInn3Q4oqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 16A989E0393386BA7D0CF9F09DE34167
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMvmGmGDOxJYtD15ztxMn5IEyTfc16noZkdn93O29lPVSW3s7A3eUwVYWDQf9MdJM-gfi3I8jjZPkvFrt215XmYJon717bYiat_ltRu_Gjd-jNwAQIjszCd9wRtz_1chPhl0mz33-KPNmKw_t8OMMbFmNEnXP6xOzHNnnexDszIzsDLpdt-uJjpVDf1P5PJ1_ftjC2rBlZHq0uCbxWst94gELVQs4hdTRswN_1636uNQ91cRtaNTfH8FWUC_Phwkt36Ny-lIdwvWej_cPVRxYCgwbOlx7BhDyu65_UweLk39lRSn8uf-3Jt6d1eIHw0iASqQ&sai=AMfl-YTdP2LJYhs45tnzGakY213mVtCZF5l7GQSCVvWKfUuiy7hAb59kQgiSdA3lV716sfp3SH8b-aVjp6cBt9vRT7xUEs3-2eeceO6XEUaevLaZCLzsnjVaFG0Ig-tuM5EUslWalNiVHN06ivRQWOHq7A&sig=Cg0ArKJSzAOft0ERhljeEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7667EBC4E235FFB8396FE02DA78EA55D
Requests: 7 HTTP requests in this frame

Frame: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 027E7544F7BD824C186D5B56FAF947B5
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJSPrH7zVQJXb62uZQVrqcUHHKTzg4BHMuvqMlLcoLLyr3Aur1RtkjGjM_sj9B-qqTMyvxXvQJXtN39fPrr7af3Z020egg98Gte_Gz37ac3Nm11YvKok42Q-NRXkmicqInUxaYkNT3sYcH526k73IKpKyd9OmH4mdkjKnTZlIuk65bsda3JyouZgnEuhqCE6YqhKM6b_edLKxIm072t_3DCx6sphexyy27JpZewHGNGkf_6hJU_GNzgiwLd8tOUdtv9iULsmAceREs2qwRFNUgMcdOFaxjstEHJAOE0mVOQeCHd9ZXmFlCJNFEciyN7HusMgU7Ynk26Y37aA&sai=AMfl-YSwBAGkUET5-e63zTqkHhf4BidkAQ73hdWrI6_KVGfMBKogCq3juls2P26Yw1UBKukmrKLCRSm7yB_NY2QoWfLA74UUwn5DtbYP3EoKhhVGz75irAaKMBhXigeti4n3TlxVXfcmu3dAQzUZaicirw&sig=Cg0ArKJSzPNN03H6RSoPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C599F56B22666448684D8761D59DD08B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuA1UllslbH6iliPUDXncKKqPjcpaDzUJHoupg89W0pWsbvCEnJLqxE4aIezMjZY5amj5FmxoPlJsypXmLj3ZjkrSG8AUSKxjGmIfv-8NbcslFaClsiGIgZLqUyIEkuACXZ1IKKNWT6CGVvUagppgCLtSCzuB9IzoLNiwupqHyZTGlv2z2EdGENzpN1d2qsTg0l_JOOxyioant2xokHftXactnpvnReLlhLrDnREwCi0xhgHU3OYSw4fTbnM4N_p77YRSDtmPmZArj70ipvN4ZWmRiTpg47eZ6FcgflM6KxGbtCOWtLOVc6ClnHTDkryDp2KaeaB6TSrExt8Q&sai=AMfl-YRvctknWclAM2dL43hbpA6hCLHrDAnIz6uz4iJqGhsex2OdU7wdpwd01Ow0h22uZRk7-dL21ikIEjH4ToCouvFUPUVdB24eTOt8PVqV6O-wNJDgahUzewfWZ4hc-p1hswCcaBdYRJSy0r6D8dyhKQ&sig=Cg0ArKJSzP6xHTpZVEKvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 65EC11E73E26846EEE9D20B31C9039DC
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3hZD486-yYXf0bEOr6AoRrSIVWoT9illIEZruh4Tmiqj-L1_E-Z-75V1rWhei3q6r9bMH13BynmrkZG6yZs1k4vyRfcPdxtFqOR1GzgNsV2pKmsiDHwvSJt9uWBudYCUoxQobYE4QgRaVb0VybW2PqkOqaWdaLOGHzmEbn2yV1Bl5VX7rb9q0RxAHDjj0ZfPANobr4UiGPyzXPCpb1WhEMDfRB-Av487Glguk595KAfFBF2y3NQxRDPZJVPK1FvTcOPV_PiURrFmD6XbX8IqQxD8ZcNDOdbHJQvPIl4tHidyei8oF3aRzruljEHrKhJqayCrsbKTh-03BSA&sai=AMfl-YRU8_csFoWM9bAAaJGZt9hA1yIHkzpIonTe6jpsQQXxS1BSzIQ9T4oexw3QPxotFED_Qk0XU728CQNe7JGFdEDMIWWeTJnvdtvSy3VvJV9CvadCciFAEE2hWk93v606azYCGr1Uf-k-dtPXSH-5DA&sig=Cg0ArKJSzLFrmRPBiip2EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B34BAC052644E1C9024038D7B137C29C
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdDReVdyyvhv0bkkF1mD89zUtWOrDiWfMI_tsh92-5eLvaJLume-lT9i57ULa8F2479vVxEHz3Ue5ZROunMb-bApWduLmY1kHECeO6RjztOwkvCZ67uSC-zodGlVsQYYMC2J5sjgRc1u8tVAjH_BmKF8hXyISXvyRNo9i_rti6L0C_189MgbhJEvWGz21EJaAuJ5xPd0qDbg-ibUKC9B5N5MedbZJfCzSUcBsQ0LccRzLpbD0qrS5Miine5qYv9iccAne0YnO472MtlPkWzJMGqVPJCR-ZNglTO64UkruW9_5W4HNCZXlewGjmLb5b52D0pP6EYKo&sai=AMfl-YSqLzlUQMtBaEt2SiUTVS5LsLrI75W-kuUJ8bO-aLQF1eIJkum_ETqaqc8aMEapg--OCv6a3SwNmx6Boir5ic-BlNVCBY8-vqUmjT0Tcx7O9c-7QeOlEVHo4Quw7dlId6YWnn2VdajquKaTt3pmbQ&sig=Cg0ArKJSzEd0j9pPVEauEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DC29704A6F69DFECFA98887E087DDE78
Requests: 7 HTTP requests in this frame

Frame: https://ad.impactify.io/static/ad/tag.js
Frame ID: C4502F1A3DEA12673D9AFA0F3F12389F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6CC266BE62411ECC97F7A6326CE5FE7F
Requests: 3 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 0E9BE2A4320C6F0C811C3A9AC1251A5C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiPzNDwATAB&v=APEucNXk1mFzpQtpf6CrSXukW97mXb4PkyfgXPUfslne1v-MmWeyUeLClSR6d7TSM7gY43dotn5xkupbNV_T95NsUss_OlWDDFuL4ChrbsKvhvs_hzJ8yhfe7xcvIH_0M4efqmHtkkSR8zLno8iNIPlXL_TcATAvUemS4VaKbjZH6aZkA6cwEE0
Frame ID: B9A88BCA6DD749DA7425FBAB5E09484C
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250
Frame ID: 34E2C1BF63E8D80EDE3CD917242D8BB5
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=3279755405&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178716824&bpp=3&bdt=312&idt=426&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=8223377&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=527224211&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076839%2C31076875%2C31077148%2C44799569&oid=2&pvsid=1066548811513919&tmod=1267509387&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.w1lx77gyrlvx&fsb=1&dtd=455
Frame ID: 9FB5DA5F612604F252407CEDDA790C6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=90&slotname=4993351895&adk=130625548&adf=3173046724&pi=t.ma~as.4993351895&w=728&lmt=1692171517&format=728x90&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178716828&bpp=1&bdt=315&idt=474&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=8223377&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=169&biw=1600&bih=1200&isw=728&ish=90&ifk=527224211&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076839%2C31076875%2C31077148%2C44799569&oid=2&pvsid=1066548811513919&tmod=1267509387&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.h17f2nitbfyh&fsb=1&dtd=490
Frame ID: 5D979E8ABD54FAA4F082184F36F990C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=3279755404&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717024&bpp=4&bdt=500&idt=326&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=2029690043&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=600&ifk=2572994178&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076877%2C31077148%2C44785292%2C44799568&oid=2&pvsid=148243387931888&tmod=369491993&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.9z70gntzimfa&fsb=1&dtd=353
Frame ID: 90F387AF4F8A3B906808F06A8F0A9AD0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E6B57799DF30729310325261F651D65C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AEAF3431827A7087856844532406A4E5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=600&slotname=7420666426&adk=2924918721&adf=3173046723&pi=t.ma~as.7420666426&w=300&fwrn=3&lmt=1692171517&format=300x600&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717028&bpp=2&bdt=505&idt=434&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=2029690043&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=289&biw=1600&bih=1200&isw=300&ish=600&ifk=2572994178&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076877%2C31077148%2C44785292%2C44799568&oid=2&pvsid=148243387931888&tmod=369491993&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.6p9pwiherztw&fsb=1&dtd=439
Frame ID: F2EEB2B79AABDDAD3538C58E550F64E0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=2751417936&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717041&bpp=3&bdt=477&idt=498&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=248365015&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=336&ish=280&ifk=2328354670&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148%2C44799568&oid=2&pvsid=2931421315950464&tmod=677962373&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.7344v9fh840j&btvi=1&fsb=1&dtd=526
Frame ID: 31CEE4B2BAD13FD34B11F34DFA16116B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=2751417942&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717079&bpp=3&bdt=534&idt=496&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1302533990&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3914621714&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076876%2C31077148%2C44799580&oid=2&pvsid=939394294714835&tmod=366698208&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.vo6zffaq9z6x&btvi=1&fsb=1&dtd=520
Frame ID: 49C5804242D2CDBB8B7F06439695B53F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=2751417943&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717057&bpp=3&bdt=503&idt=550&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1766739858&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=336&ish=280&ifk=1461870372&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076469%2C31077148&oid=2&pvsid=3570259087943087&tmod=1855267162&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.a6kfwbo1i1xc&btvi=1&fsb=1&dtd=575
Frame ID: 5A618EAA64AB22B3C87D9D421FFBDB45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=2751417937&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717146&bpp=4&bdt=571&idt=515&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1999083557&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=4214105617&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076875%2C31077148%2C44796700%2C44799578&oid=2&pvsid=2368382861799147&tmod=1856178442&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.7y4kdj22dzgs&fsb=1&dtd=541
Frame ID: ADFCA04F12F3CE888E7C9EFC1C260D19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=250&slotname=6042391179&adk=3106419642&adf=776186312&pi=t.ma~as.6042391179&w=300&fwrn=3&lmt=1692171517&format=300x250&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717083&bpp=1&bdt=538&idt=626&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1302533990&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=374&ady=2156&biw=1600&bih=1200&isw=300&ish=250&ifk=3914621714&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076876%2C31077148%2C44799580&oid=2&pvsid=939394294714835&tmod=366698208&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.x3u8ee2jxlmd&btvi=2&fsb=1&dtd=631
Frame ID: 38EF72C13592C2E56363DDE01DB8A9CE
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=280&slotname=1960828592&adk=2612915540&adf=776186319&pi=t.ma~as.1960828592&w=336&fwrn=3&lmt=1692171517&format=336x280&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717060&bpp=1&bdt=506&idt=674&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1766739858&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1846&biw=1600&bih=1200&isw=336&ish=280&ifk=1461870372&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076469%2C31077148&oid=2&pvsid=3570259087943087&tmod=1855267162&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.g22coaocw70c&btvi=2&fsb=1&dtd=681
Frame ID: 10C2B7C7540AC3ED74276F9383DBECFB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=90&slotname=4993351895&adk=130625548&adf=776186317&pi=t.ma~as.4993351895&w=728&lmt=1692171517&format=728x90&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717150&bpp=1&bdt=576&idt=606&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1999083557&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=1156&biw=1600&bih=1200&isw=728&ish=90&ifk=4214105617&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076875%2C31077148%2C44796700%2C44799578&oid=2&pvsid=2368382861799147&tmod=1856178442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xktn2j2aca7k&fsb=1&dtd=615
Frame ID: B82591BFA86D20B3F23194CBD02B6C38
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7145822662340933983/index.html?ev=01_250
Frame ID: 6BEDF5572C3657C4082FE4C5E743222D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E8FA9930D8DC4F2F354213099D337463
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js
Frame ID: 81E3D613D47F9BAFD7F67082E7E02E64
Requests: 1 HTTP requests in this frame

Frame: https://p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 1DBDC83E0176FFCB49CEDFBAB9BBCE6F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C67F95F00035E11FB07228B0A0CA992E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3191AF1445D0772B17621AE30E0E4DF3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5D90F60C09220AFBFB936B0991BA554F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 871D25D407F962956E9659D55781F729
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 482130A3AF9D4243CD414D053409F098
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jct6gfv9gbra3g31ra8fesg9mwvfc7b7c63at6ye7j9rcc0wamkk22bxjc0g2ay0b7m9yggpbyne5v4hq56y2sb4x135byn7phjzm5mw8nd4jpc66pdsey3txfenawspja19m13kgfeskhvtj9q193c5yg30btc9cb4fz9075vd1rr60zhg6rt84qdpgyb3sjdcemp1djrrgstbqcjp8z3bpstzenh9eck8z9qn4k9xp3rbq8h2jpsgbw5v5brer8a86zrwzbgt9eg66yd4exfp6anrxdn23pw0zzdhmq5ewjnsbmta72axax0zxj3jd374w1wkch5p3vs8ad9x8vhsh5qdzg7asttypv2m66yaaghw0eazkg1mn8ydt9jk33k1nb3ftez88ejx9raw6kmr52gssa69egw9x4j7drc6y69q7jy1kq0ny43mnehrz3r4x4tc9kg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuEhpHZncZOykMf6a2OMPkfmr0AqQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi0yMTg2MTAxMDA4NTAwNzI0yAEJqQJgXAMe80qyPqgDAcgDAqoEwgJP0KJj1tD5XFFZcWckY50IKX1akY9gY_QpClgRwegyhKm3uKoK9_AgH09qD3nCiYlYByox1VJhUWyW3Y45PrfdjzMLTMWicTkgbUkivM4-suhOtDwjBnpxr-NZ3BSDgHlslRNuTWi3jXMXwXaEqHzoJSyIT14xMz6iAdzdH8bQ8I3I-XtokjfJHPKlWNewu9hSn1YACk3GIpGa94zp_NdWZf6RfJ7tkhTOjPl4JosdNBmD-8DcVyTg3o3JNoQ5TcUjPwE2wut01R8_FcwTWrPMdmSBN_MEZQaf8xuiu36FtbEnYTaisCAOMg5VUOvLEcDaInbL2n2YajFqDKo9_jSHY-XUgkx46GaNOPRNzIpr_Xxd6523suIXux2vuBoQQHrUhnGqPZJabgcgj9mu73vtFCIL9NogxhCbR9HnLpkIWb0wgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1p-HVn61-ADRJAyZbVou0Qi0pE4g%26client%3Dca-pub-2186101008500724%26adurl%3D
Frame ID: 6408619D85747B365024506921304F86
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DBAABDDF0943B1552107CB12CF856446
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 04EA68EFACDC7426295268AC7CD66CB8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Giliran Sektor Tambang, Freeport Dihajar Hacker, Serangan Siber Ransomware Buat Sistem Gangguan Berkepanjangan - Info 1

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

390
Requests

87 %
HTTPS

50 %
IPv6

48
Domains

74
Subdomains

55
IPs

8
Countries

5465 kB
Transfer

14347 kB
Size

46
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/profile.php?id=100090912141409

Search URL Search Domain Scan URL

URL: https://twitter.com/Info1id?s=20

Search URL Search Domain Scan URL

URL: https://instagram.com/info1.id?igshid=ODM2MWFjZDg=

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@info1.id?_t=8bOIQvOeBgF&_r=1

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Giliran%20Sektor%20Tambang%20%20Freeport%20Dihajar%20Hacker%20%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Search URL Search Domain Scan URL

URL: https://advertnative.com/

Search URL Search Domain Scan URL

URL: https://www.promediateknologi.id/
Title: ProMedia Teknologi

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 168

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 171

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDvVLpaKfYHtLX0-oI42eOc&google_cver=1&google_push=AXcoOmSpWhNMMiQykPT911jRSuwW730sDk-mXbw2AaPxb1zLgCpeAaO3QkWr2UWaWWl410QxfEifXuqdBCXpm3Dfkga9k77bR92cgsWFpkEbLI9uCVaJ5wSN6anfOdz1xlBK1sJN8FS90pa7GxDi0E6qm9E4fg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDvVLpaKfYHtLX0-oI42eOc&google_cver=1&google_push=AXcoOmSpWhNMMiQykPT911jRSuwW730sDk-mXbw2AaPxb1zLgCpeAaO3QkWr2UWaWWl410QxfEifXuqdBCXpm3Dfkga9k77bR92cgsWFpkEbLI9uCVaJ5wSN6anfOdz1xlBK1sJN8FS90pa7GxDi0E6qm9E4fg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTlFYWxrTDkxUXdjWjY1&google_gid=CAESEDvVLpaKfYHtLX0-oI42eOc&google_cver=1&google_push=AXcoOmSpWhNMMiQykPT911jRSuwW730sDk-mXbw2AaPxb1zLgCpeAaO3QkWr2UWaWWl410QxfEifXuqdBCXpm3Dfkga9k77bR92cgsWFpkEbLI9uCVaJ5wSN6anfOdz1xlBK1sJN8FS90pa7GxDi0E6qm9E4fg

Request Chain 172

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFsNmj8x8r4T8DNxvX_0Res&google_cver=1&google_push=AXcoOmQIaXGpbovdMlAWzJHPrLuMmUjzukgqgcA_79kQfPyJmyNdgswGr_pzW_-576g31KRj31jk90cgTbpJR2T7wSyjgzf4McuBvVVnP-F7iOnhjwPd8J6tqPwF6eQJ9vHQOTPfQp9fDtVzIDl8ltQH6226Rw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQIaXGpbovdMlAWzJHPrLuMmUjzukgqgcA_79kQfPyJmyNdgswGr_pzW_-576g31KRj31jk90cgTbpJR2T7wSyjgzf4McuBvVVnP-F7iOnhjwPd8J6tqPwF6eQJ9vHQOTPfQp9fDtVzIDl8ltQH6226Rw

Request Chain 173

https://um.simpli.fi/gp_match?google_gid=CAESEBJjlGyMSzmDsgCEr-7iVQg&google_cver=1&google_push=AXcoOmTlfm1mSjKAgx5uJurAmXQpPwgYLR-lOdpL_3ZWJ2OqoVaB_1qkDbTgg3gNxrrEH7HeBLGXjw0MIg2rGXaKxJFKjHYdaedf99KffH__VJN-cNtjgdzpTfm17rGNEPIiGEL9hVy_RzKFCK3jkDw_TsaCBuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmTlfm1mSjKAgx5uJurAmXQpPwgYLR-lOdpL_3ZWJ2OqoVaB_1qkDbTgg3gNxrrEH7HeBLGXjw0MIg2rGXaKxJFKjHYdaedf99KffH__VJN-cNtjgdzpTfm17rGNEPIiGEL9hVy_RzKFCK3jkDw_TsaCBuA

Request Chain 175

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELMQ7gcLRWXbGIquyXor9i0&google_cver=1&google_push=AXcoOmQV4Qvs1j_B-lG44VqwQk0iG5BNxuFODdujCNkOpD6uOahgRb7DPLAhHX2gR1aeQuN06pXPWbSvASaNrAdAkKRnIYF_VFS__q1dy4dvGsw4Hn_su90wyVf0yTrASxDLI0GGsvz9QUhp7FN-S4m7wsrXzrc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQV4Qvs1j_B-lG44VqwQk0iG5BNxuFODdujCNkOpD6uOahgRb7DPLAhHX2gR1aeQuN06pXPWbSvASaNrAdAkKRnIYF_VFS__q1dy4dvGsw4Hn_su90wyVf0yTrASxDLI0GGsvz9QUhp7FN-S4m7wsrXzrc&google_hm=eS1mQmFjSEVoRTJwR3ZxdnVnRk8zWUhCV0g0RUpLS2pvS35B

Request Chain 177

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEL5f1BK0HgMVJ-Wsi1thsUc&google_cver=1&google_push=AXcoOmT5-eJdE1mqyLJmf5WrgxcjhZ1Vk2auqUHXDuO5GVkHHqEBQMAOWvJ8uvng84dpp--xoMOKelfno8yR_VO-mDo3SRAH2KK18yCHkP0sQVt5lgJfianRw74FlvakNb1r4kSovQB86eUCZMeNbRbAf2_sxzY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT5-eJdE1mqyLJmf5WrgxcjhZ1Vk2auqUHXDuO5GVkHHqEBQMAOWvJ8uvng84dpp--xoMOKelfno8yR_VO-mDo3SRAH2KK18yCHkP0sQVt5lgJfianRw74FlvakNb1r4kSovQB86eUCZMeNbRbAf2_sxzY HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 188

https://googleads.g.doubleclick.net/pagead/adview?ai=CSUHRG5ncZJ6TJLeg2OMPhPeEsAy28-Gycu67kp-xENvZHhABIJTy4itglYKAgLQHoAH51qWYAcgBAakCC94UsJJQsj6oAwHIA8sEqgTLAk_Q1cfjzAKFM5j3RX6ifpauMwVCH3msSfwN60yUYUkF7DDH1q1Y59aeHnuBSxYWXgXcKgRltRX2ruodstyozdLB_nPuI8BWqbFy5ydQgfsqnFrcwJR8bXr-zK-tU0j0njHKL7_i0E8g_YlEMq9ZxILYgEAPxP5GAsSbiqqqYqHvK_-HZPgWCJ6fej15CzLjnINI6LVxNs2Jg6E2ReDmQv60elEUYPxUO4v0bPKZ9jic8G7SQAlciVlbQqxzagfXNo21-MjG6GAK4jipuz7j9rh-lxLhbs28K2RtuPW8O5y1iFhPZyy5gaDq7yy3WxfU07eFLNajw59WN6kIqSCqLHwBAYyZqkesicIHShzP2EUYGdphjseXdD7SlaPlTqPmPyI9w9fU24HKpBcPe-rwQBPpaMAWBFuTc3w7LB0JJSMN6oGvrDB7UTFPRoLABL2v2OL7A5IFBAgEGAGSBQQIBRgEgAfvqNrnAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJ6KCtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCXpodHRwczovL2h3cmZhbWlseS5od3IuZGUvP3V0bV9zb3VyY2U9Z29vZ2xlLmNvbSZ1dG1fbWVkaXVtPWRpc3BsYXktY3BjJnV0bV9jYW1wYWlnbj1Qcm9kdWt0ZSZ1dG1fdGVybT0xSyZ1dG1fY29udGVudD1zbWFydIAKAcgLAdgTCogUA9AVAYAXAbIXHAoaCAASFHB1Yi0yMTg2MTAxMDA4NTAwNzI0GAA&sigh=dxLEqoX4ggw&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWmIAp2JKYi5iYcem1UQja9SRqX-g9gR8sfRraljm-RTSxFb1wQ5Wr_aC1A-QptRGojPRnFPHnGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213825220659752216783%22,%22debug_reporting%22:true,%22destination%22:%22https://hwr.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22319384441%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225198962702466500945%22}&andc=true

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELE_Wn9XvZ3cZ-HTmOgbsg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELE_Wn9XvZ3cZ-HTmOgbsg&google_cver=1&C=1

Request Chain 191

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNyZHNJMB.9lw.Q7LWWyOAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELE_Wn9XvZ3cZ-HTmOgbsg&google_cver=1&google_hm=2

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG2M-xhO4fxD-hTKR8hs6V8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG2M-xhO4fxD-hTKR8hs6V8%26google_cver%3D1

Request Chain 193

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D

Request Chain 227

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI8Y6xvDMugZ_3mpLkbi5d0&google_cver=1&google_push=AXcoOmSWnVRAeY2LD0olDE7cB8-OV6BLRQT3G_aMqK4I6XDeVsZLxf8juX_Dgx1pX6tU0zZ2CNmeF3kO7AuMknl4bwC9ZgoW_jBR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODkyNzQzMTA5MDE2NjM3MTQ5OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECcOESndlRlgsL7qFcWZXZA&google_cver=1

Request Chain 228

https://um.simpli.fi/gp_match?google_gid=CAESELMs-2JyVGT7cSDm77O3v2U&google_cver=1&google_push=AXcoOmRw-_97V6Qqx_Hr19fwOo1CfsFYkGfegsHBUBWpIAuhEXh8QQeaCfDOroLd5ExqGo5SjpqeAgblO9nOfc-4rzEQ8bbtExGB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmRw-_97V6Qqx_Hr19fwOo1CfsFYkGfegsHBUBWpIAuhEXh8QQeaCfDOroLd5ExqGo5SjpqeAgblO9nOfc-4rzEQ8bbtExGB

Request Chain 229

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOrfA1_AAFMIH-KkChQf41E&google_cver=1&google_push=AXcoOmSbP8n8Xe6aefM75E9oaWy4ZzkyBjuwXorCDUEDa7sMY0kQ8C1QWFgyD1dzgw_wliy932FA8I8bst9tEGdhMzgLxrZMYhxCqA HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOrfA1_AAFMIH-KkChQf41E&google_cver=1&google_push=AXcoOmSbP8n8Xe6aefM75E9oaWy4ZzkyBjuwXorCDUEDa7sMY0kQ8C1QWFgyD1dzgw_wliy932FA8I8bst9tEGdhMzgLxrZMYhxCqA&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSbP8n8Xe6aefM75E9oaWy4ZzkyBjuwXorCDUEDa7sMY0kQ8C1QWFgyD1dzgw_wliy932FA8I8bst9tEGdhMzgLxrZMYhxCqA&google_hm=HKOisGZHurzQW3OJTvyRF6YK

Request Chain 231

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDNw-vzw5tLFdGfa7OgakQk&google_cver=1&google_push=AXcoOmQcvNRvDLWV-pitInjrYn2Y9oC5HQ5iN0RRCVm37V7OMhLf8Jc0FsBGnQPIcs9kxANeQmHYie6UbH0_TpgFFwyjiAxR94ozGqE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQcvNRvDLWV-pitInjrYn2Y9oC5HQ5iN0RRCVm37V7OMhLf8Jc0FsBGnQPIcs9kxANeQmHYie6UbH0_TpgFFwyjiAxR94ozGqE HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 232

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPGW_j03drYx2FQcy5kZC2c&google_cver=1&google_push=AXcoOmSJXoHPcxVHfZa_Hjn96vBHEwDb4shjCRZ8btYgDIez9yu2E-AOq0ybR2BPke8_SyXrGjCW2etNmZxxOX66Dl-wF3J6rZBoYCo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSJXoHPcxVHfZa_Hjn96vBHEwDb4shjCRZ8btYgDIez9yu2E-AOq0ybR2BPke8_SyXrGjCW2etNmZxxOX66Dl-wF3J6rZBoYCo HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 233

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEK6i-LTNuGy94hD6s8G0W8I&google_cver=1&google_push=AXcoOmShkiLb4zjJxCvS7rBBk9YO7ukqDA16I7QlLubh_RpCgpbwQvnEJNi5rUvApVuyw4hJsyrYFxoBmBCponwt3p9d6mi9dJNAhH0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D&google_gid=CAESEK6i-LTNuGy94hD6s8G0W8I&google_cver=1&google_push=AXcoOmShkiLb4zjJxCvS7rBBk9YO7ukqDA16I7QlLubh_RpCgpbwQvnEJNi5rUvApVuyw4hJsyrYFxoBmBCponwt3p9d6mi9dJNAhH0

Request Chain 243

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=dd9a2855-b374-4d3b-8044-52d17d2ceca9&bidId=d8d68fa68c6f41cb885c5e6bacb2e43e&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=a0dd8e3c-5152-4f14-bd0f-ebe884edfbef&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dd8d68fa68c6f41cb885c5e6bacb2e43e%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=8821148&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=2102610400390090740 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d8d68fa68c6f41cb885c5e6bacb2e43e&SNR=1&GV=2&med=10

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXPs9sdYa5KOWYGYDlLAnU&google_cver=1

Request Chain 259

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNyZHNJMB.9lw.Q7LWWyOAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXPs9sdYa5KOWYGYDlLAnU&google_cver=1&google_hm=2

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHZ2SQUe6qJI8CviTefgOc4&google_cver=1

Request Chain 261

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D

Request Chain 320

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMVSCTP-fJpu6c7rENJuujE&google_cver=1&google_push=AXcoOmQBaGWJETH00ipue12Tg0BSC_LAlk341cwa0fSw7l3vXgM-I1fg720hQlboxEiYifpHaIPBo514TCY7-kbNttnTGOWJ39qX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQBaGWJETH00ipue12Tg0BSC_LAlk341cwa0fSw7l3vXgM-I1fg720hQlboxEiYifpHaIPBo514TCY7-kbNttnTGOWJ39qX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMVSCTP-fJpu6c7rENJuujE&google_cver=1&google_push=AXcoOmQBaGWJETH00ipue12Tg0BSC_LAlk341cwa0fSw7l3vXgM-I1fg720hQlboxEiYifpHaIPBo514TCY7-kbNttnTGOWJ39qX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQBaGWJETH00ipue12Tg0BSC_LAlk341cwa0fSw7l3vXgM-I1fg720hQlboxEiYifpHaIPBo514TCY7-kbNttnTGOWJ39qX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 321

https://um.simpli.fi/gp_match?google_gid=CAESEGDQIuw4ATABvcul_7z-Rp8&google_cver=1&google_push=AXcoOmRvlQkop1Yk_Ebsh0Mz1SaLhiqKrvpBYHhM9cso71Hy1KwF497Ly_-eGeMKS6wyKT2OUWDRGYonK_cIgooO6vxhuF_tVUuM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmRvlQkop1Yk_Ebsh0Mz1SaLhiqKrvpBYHhM9cso71Hy1KwF497Ly_-eGeMKS6wyKT2OUWDRGYonK_cIgooO6vxhuF_tVUuM

Request Chain 322

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEImQ8C4q1oUJX912J_WiRPY&google_cver=1&google_push=AXcoOmReNykZIstqGCAemLMBWSflY4lnPE1_NDPgEHoq-zrcO00PaWEg6DKc1oDIN2k-dG0eZaDEzYQaBK9ZqNci05JCJnXXTVs HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEImQ8C4q1oUJX912J_WiRPY&google_cver=1&google_push=AXcoOmReNykZIstqGCAemLMBWSflY4lnPE1_NDPgEHoq-zrcO00PaWEg6DKc1oDIN2k-dG0eZaDEzYQaBK9ZqNci05JCJnXXTVs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU3MTY1NTEzMjg4NDY2NzAzNg&google_push=AXcoOmReNykZIstqGCAemLMBWSflY4lnPE1_NDPgEHoq-zrcO00PaWEg6DKc1oDIN2k-dG0eZaDEzYQaBK9ZqNci05JCJnXXTVs

Request Chain 323

https://match.360yield.com/match/ebda?google_gid=CAESEEwCTM5dwsRTcqBJySf8SV8&google_cver=1&google_push=AXcoOmRkYoegWPgGsuVJuuigKe5sgTyCelJOnL86OYKVqud2zlr5yIJGnvw0wCPlVgTT-BqyBtVADQVvH2SIoN5Ay3IWzd5pJh4 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEwCTM5dwsRTcqBJySf8SV8&google_cver=1&google_push=AXcoOmRkYoegWPgGsuVJuuigKe5sgTyCelJOnL86OYKVqud2zlr5yIJGnvw0wCPlVgTT-BqyBtVADQVvH2SIoN5Ay3IWzd5pJh4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jVeMDAYrQtuXDonEh4f7hQ&google_push=AXcoOmRkYoegWPgGsuVJuuigKe5sgTyCelJOnL86OYKVqud2zlr5yIJGnvw0wCPlVgTT-BqyBtVADQVvH2SIoN5Ay3IWzd5pJh4

Request Chain 328

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOFk7HzgxVUJ3dL0O4lHdH0&google_cver=1&google_push=AXcoOmQFsKL1DbwMVAVuCzPhDbY9afc1sZE2I2PvUMse5279nAnx8V4jp8oAQS8LvGZIX7yf3A2MJ_txuChY1jmBEGcoHyDCpLCSB3pB5_JlgCyOtxGceMbin96tyg9oETKPVeDxIZ7ZX7s HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y87AoVjKRbigNXCy8s4CHw2&google_push=AXcoOmQFsKL1DbwMVAVuCzPhDbY9afc1sZE2I2PvUMse5279nAnx8V4jp8oAQS8LvGZIX7yf3A2MJ_txuChY1jmBEGcoHyDCpLCSB3pB5_JlgCyOtxGceMbin96tyg9oETKPVeDxIZ7ZX7s

Request Chain 330

https://d5p.de17a.com/cookies/google?google_gid=CAESEJc2j1LlIlXNvXgU0HpiKeE&google_cver=1&google_push=AXcoOmTg15HvqWtUuEeHzLBIlY3rEQqdm6BCckNRMZ5D6fgh2zRaCX0kSjjwJH36P_--H49aH8DUdizwcQYAH0aEMQRQaExjCWJ5i5MVCiQIOsLGF2y5CniASPgkCimQ5C3qKaAgSM-OGt8 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJc2j1LlIlXNvXgU0HpiKeE&google_cver=1&google_push=AXcoOmTg15HvqWtUuEeHzLBIlY3rEQqdm6BCckNRMZ5D6fgh2zRaCX0kSjjwJH36P_--H49aH8DUdizwcQYAH0aEMQRQaExjCWJ5i5MVCiQIOsLGF2y5CniASPgkCimQ5C3qKaAgSM-OGt8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTg15HvqWtUuEeHzLBIlY3rEQqdm6BCckNRMZ5D6fgh2zRaCX0kSjjwJH36P_--H49aH8DUdizwcQYAH0aEMQRQaExjCWJ5i5MVCiQIOsLGF2y5CniASPgkCimQ5C3qKaAgSM-OGt8

Request Chain 331

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEImQ8C4q1oUJX912J_WiRPY&google_cver=1&google_push=AXcoOmTLsmGz3v7dA6f4lB45b2zSU79V3jjvD495TLI6hDeiKqrIXkOzIxnFupEggUIEk2mydMoPcxHhl2qBAVhDrDa6vpSbGPXKZIU7_04ypOIS-PMNZDzdrBqAHw4jLhF0DiW0T2BxVB0 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEImQ8C4q1oUJX912J_WiRPY&google_cver=1&google_push=AXcoOmTLsmGz3v7dA6f4lB45b2zSU79V3jjvD495TLI6hDeiKqrIXkOzIxnFupEggUIEk2mydMoPcxHhl2qBAVhDrDa6vpSbGPXKZIU7_04ypOIS-PMNZDzdrBqAHw4jLhF0DiW0T2BxVB0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcwNjgwMjYxNTEzMTk5MDgxOA&google_push=AXcoOmTLsmGz3v7dA6f4lB45b2zSU79V3jjvD495TLI6hDeiKqrIXkOzIxnFupEggUIEk2mydMoPcxHhl2qBAVhDrDa6vpSbGPXKZIU7_04ypOIS-PMNZDzdrBqAHw4jLhF0DiW0T2BxVB0

Request Chain 332

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKcbRlZxlbt0us37bHCF1XI&google_cver=1&google_push=AXcoOmQaivoxnBypxvjWLhye_0XGiF9BYR1fZVNTJgqVvO2zWMK67qEGdxdo31GV0NyKqNnLEDzj--drilODW_1rfy86mSzvk07IqlMl_TkJJYSLKkDAOaxiSY-j86cKKyJkhFYDbTtkN3U HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKcbRlZxlbt0us37bHCF1XI&google_cver=1&google_push=AXcoOmQaivoxnBypxvjWLhye_0XGiF9BYR1fZVNTJgqVvO2zWMK67qEGdxdo31GV0NyKqNnLEDzj--drilODW_1rfy86mSzvk07IqlMl_TkJJYSLKkDAOaxiSY-j86cKKyJkhFYDbTtkN3U&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jxryGJ9IQoKy-BcOpDM0bw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQaivoxnBypxvjWLhye_0XGiF9BYR1fZVNTJgqVvO2zWMK67qEGdxdo31GV0NyKqNnLEDzj--drilODW_1rfy86mSzvk07IqlMl_TkJJYSLKkDAOaxiSY-j86cKKyJkhFYDbTtkN3U

Request Chain 333

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENMJw4v3xn2VWXYWYGZD9NM&google_cver=1&google_push=AXcoOmScMoSyELnrhYskfHhJ5sWwrxWQTKQnhtYlA5mkGEZ5W20sY9yN3RrOkTmTTO7Ymjf0RQGJaHsEDYVzSGV8F6dlTCiBh7AKfWybU_DCI0sEKUga2OLF9OVctvHfSxd_mpBrxDRHkA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmScMoSyELnrhYskfHhJ5sWwrxWQTKQnhtYlA5mkGEZ5W20sY9yN3RrOkTmTTO7Ymjf0RQGJaHsEDYVzSGV8F6dlTCiBh7AKfWybU_DCI0sEKUga2OLF9OVctvHfSxd_mpBrxDRHkA

Request Chain 334

https://match.360yield.com/match/ebda?google_gid=CAESEEwCTM5dwsRTcqBJySf8SV8&google_cver=1&google_push=AXcoOmSy7YIKGbeFg6aXMiVOWSnY2IONdmN9dPPCdtuoOUcqeATNb1rD-2sGQFnjK6i1d_I8lfw33fC0-wrO8gnqcETlam6LpKmCPF7mFgkf8BN29YkUp6ALQZfQwClEFwfnbIDcSDLQ_A HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEwCTM5dwsRTcqBJySf8SV8&google_cver=1&google_push=AXcoOmSy7YIKGbeFg6aXMiVOWSnY2IONdmN9dPPCdtuoOUcqeATNb1rD-2sGQFnjK6i1d_I8lfw33fC0-wrO8gnqcETlam6LpKmCPF7mFgkf8BN29YkUp6ALQZfQwClEFwfnbIDcSDLQ_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jVeMDAYrQtuXDonEh4f7hQ&google_push=AXcoOmSy7YIKGbeFg6aXMiVOWSnY2IONdmN9dPPCdtuoOUcqeATNb1rD-2sGQFnjK6i1d_I8lfw33fC0-wrO8gnqcETlam6LpKmCPF7mFgkf8BN29YkUp6ALQZfQwClEFwfnbIDcSDLQ_A

Request Chain 379

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBd9wp5RGsVVZoHE-q3Tmbs&google_cver=1&google_push=AXcoOmSu7pGhLETwlBor1Y3SmwjR_WDaDGqhK2tm5IM92IFPk4R1Toaef2yseaI0V8bRtZgDv5zrTgcsQqVkRU0M9FZZRWph-buOjS3oWesNQ4edmUP3V4Y-0D2CuFsZy6neY7SVMRqE39RCfGXierxqx4EXmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTlFYWxrTDkxUXdjWjY1&google_gid=CAESEBd9wp5RGsVVZoHE-q3Tmbs&google_cver=1&google_push=AXcoOmSu7pGhLETwlBor1Y3SmwjR_WDaDGqhK2tm5IM92IFPk4R1Toaef2yseaI0V8bRtZgDv5zrTgcsQqVkRU0M9FZZRWph-buOjS3oWesNQ4edmUP3V4Y-0D2CuFsZy6neY7SVMRqE39RCfGXierxqx4EXmA

Request Chain 383

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECZCVa3w8FV1f0jC-focZNM&google_cver=1&google_push=AXcoOmQIAqFzKaZPWQ_uWN1-ExC-PXOZnY9TkegRzfgd3R6iF8uzTjq5_F4sugmwU-ZlLv5G9uHFDhan7ujI5iszQryUNHaOGpmotGY1ZTaEBGie1cv4BfHNRMKcjZx-ePZkkWYdKy7LJRkMBwwqmyDKEAFp9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIAqFzKaZPWQ_uWN1-ExC-PXOZnY9TkegRzfgd3R6iF8uzTjq5_F4sugmwU-ZlLv5G9uHFDhan7ujI5iszQryUNHaOGpmotGY1ZTaEBGie1cv4BfHNRMKcjZx-ePZkkWYdKy7LJRkMBwwqmyDKEAFp9w&google_hm=eS1mQmFjSEVoRTJwR3ZxdnVnRk8zWUhCV0g0RUpLS2pvS35B

390 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan Show response
www.info1.id/tekno/10119810689/ 84 KB
12 KB 1098ms
1039ms Document
text/html 18.66.97.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-124.fra56.r.cloudfront.net

Software

nginx / PHP/7.3.31

Resource Hash

aa3e933328fd69daf80300e4488e09caa57f378114c108123ade2a1c880d3245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 09:38:31 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-id: c0Ih5S73MICV0VAUlEVwV3XWTGEup9x8j3_1SQk4UAdpX44sGWrJ4A==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-powered-by: PHP/7.3.31
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 43ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

477642a0dd052718497ee32627dd2f556552f95da59c3b7262841e6ffdd6aa7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 09:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 09:38:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 09:38:31 GMT

GET
H2 200 style.min.css
static.promediateknologi.id/promedia/news/desktop/css/ 62 KB
14 KB 60ms
16ms Stylesheet
text/css 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/css/style.min.css?v=1020
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 019ddfe24f5f1fbc84c2eb85d249e814a937d26780d00885d08887f5e54d4c19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
x-amz-version-id: ITBL2qQuuuX0N9NEWlfr0zlHgHTLHJ2X
content-encoding: gzip
cf-cache-status: HIT
age: 1063198
x-amz-server-side-encryption: AES256
last-modified: Fri, 04 Aug 2023 02:12:16 GMT
server: cloudflare
etag: W/"cb1eb1162d569b6da1c7296dda7e69b9"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b474198cbbaf-FRA
expires: Sat, 03 Aug 2024 02:18:33 GMT

GET
H2 200 style-news_ads.css
static.promediateknologi.id/promedia/news/desktop/css/ 7 KB
1 KB 58ms
15ms Stylesheet
text/css 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/css/style-news_ads.css?v=1017
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba91812ed0b4adc6eca0b0fb9d60e475af39572c661fa4b77bd5b9a7b4e9a317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
x-amz-version-id: uYNCtg7uWnUxputNbYayfZfHGkG6U6vD
content-encoding: gzip
cf-cache-status: HIT
age: 2606536
x-amz-server-side-encryption: AES256
last-modified: Mon, 17 Jul 2023 05:23:41 GMT
server: cloudflare
etag: W/"f14a911a0c176f5d625e87af0d67d7d3"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b474198fbbaf-FRA
expires: Tue, 16 Jul 2024 05:36:15 GMT

GET
H2 200 custom.min.css
static.promediateknologi.id/promedia/network/1011/desktop/css/ 12 KB
3 KB 397ms
354ms Stylesheet
text/css 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/network/1011/desktop/css/custom.min.css?v=1074
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd001c813f9fd1dc873f29199b6bd375b9853f4bfe19f24dacd3b773e4c4d842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
x-amz-version-id: VlhHoFSwcKvNYftXqLRECB.OI0tBlNmv
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 25 Mar 2023 02:56:32 GMT
server: cloudflare
etag: W/"045ec208a601a3ce2fe7f5b7db56fd29"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b4741992bbaf-FRA
expires: Thu, 15 Aug 2024 09:38:31 GMT

GET
H2 200 jquery-1.12.0.min.js Show response
static.promediateknologi.id/promedia/news/desktop/js/ 95 KB
33 KB 67ms
24ms Script
application/x-javascript 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/js/jquery-1.12.0.min.js?v=1016
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de33fe1ba0d81147fc56ff19149e85914d13c4c4d7a5969aeda463d9f4787848

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
x-amz-version-id: c4M1VXVERCsLe347TUy43IDTYBw14I7O
content-encoding: gzip
cf-cache-status: HIT
age: 6594404
x-amz-server-side-encryption: AES256
last-modified: Thu, 06 Apr 2023 17:38:19 GMT
server: cloudflare
etag: W/"b2f71c943f2f14613bc100fc3ec59db2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b4741995bbaf-FRA
expires: Fri, 31 May 2024 01:51:47 GMT

GET
H2 200 info1.js Show response
propsid.b-cdn.net/gpt/pti/ 60 KB
10 KB 573ms
184ms Script
application/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://propsid.b-cdn.net/gpt/pti/info1.js
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: bdf67619053e1e6630c9a7be82530e329439a77d5e3c207546a7c0854ede824a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
content-encoding: br
cdn-edgestorageid: 868
cdn-storageserver: SG-561
cdn-cachedat: 08/15/2023 09:49:30
cdn-pullzone: 266288
last-modified: Wed, 02 Aug 2023 05:10:05 GMT
server: BunnyCDN-SG1-868
cdn-fileserver: 561
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64c9e52d-f06d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 022eeb7f-01b5-4a33-8c9d-d5c55b7764e7
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: ca82f1c7a0937e7c89102657e57c3efb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 84 KB
28 KB 79ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0f564ebb75232c439b514469c064c436a3b6b8c1e1c88cdf5e30fa54106a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28490
x-xss-protection: 0
server: cafe
etag: 310 / 19585 / m202308100101 / config-hash: 497042775067235691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:32 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 84ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8400307307701650

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51a8c3340c14164c9d4d4db55f2e96d7dd6a32c44bf1780b3c72e7d64bacbba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50700
x-xss-protection: 0
server: cafe
etag: 3685510212495291017
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:32 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 92ms
64ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6344910443143463

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be78c013ce34ebaed199aa255c73604ee16ebc1c8025ad3a264c4fb08eabdd84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50704
x-xss-protection: 0
server: cafe
etag: 13162975838816960996
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:32 GMT

GET
H2 200 logo.png
static.promediateknologi.id/promedia/network/1011/desktop/images/ 232 KB
233 KB 775ms
771ms Image
image/png 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.promediateknologi.id/promedia/network/1011/desktop/images/logo.png?v=1064
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56b6f83fe11492bdd74cc2cc7ee312e633efd92ea05a7666634923c79593d5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
x-amz-version-id: mrUIz_Jsnj4GaU3CMmmzhe9.REfxNISI
cf-cache-status: MISS
x-amz-server-side-encryption: AES256
content-length: 237697
last-modified: Sat, 25 Mar 2023 02:56:34 GMT
server: cloudflare
etag: "46052c298174a683c16f316ba3626c74"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7f78b4769dc5bbaf-FRA
expires: Thu, 15 Aug 2024 09:38:32 GMT

GET
H2 200 freeport-1032782188.jpeg
assets.ayobandung.com/crop/0x0:0x0/750x500/webp/photo/2023/07/16/ 50 KB
50 KB 100ms
14ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x0:0x0/750x500/webp/photo/2023/07/16/freeport-1032782188.jpeg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 4585090af603e95d99e19f677d1e32965a9173b7134bbcc87ccb1c5a90d52d9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 02:50:12 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 110900
etag: "991dd456046640da11dc8ef04932180fbd5c6211"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 51230
x-amz-cf-id: yCAQ0FsGZK4hnOAa-BfmHfyWxPHCyeqEF6rAMuLSzuiuQ0ZZo8Wamw==
expires: Wed, 14 Aug 2024 02:50:12 GMT

GET
H2 200 / Show response
click.advertnative.com/loading/ 4 KB
4 KB 617ms
250ms Script
application/javascript 139.99.126.163
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://click.advertnative.com/loading/?handle=15638

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.99.126.163 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

tinong247.vn

Software

nginx/1.18.0 / PHP/7.2.24

Resource Hash

13792a604d6e3b0a7a21d6e19a9bc9e0def8ed2bc550f3e16ada494266caffbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
strict-transport-security: max-age=15768000, max-age=15768000
server: nginx/1.18.0
x-powered-by: PHP/7.2.24
content-type: application/javascript; charset=utf-8

GET
H2 200 info1.id.1453201.js Show response
jsc.mgid.com/i/n/ 3 KB
2 KB 260ms
217ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/i/n/info1.id.1453201.js
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492e54b880aa40b9f579b97e2642450853c0ead2bd7971accf23429bd7996b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
x-amz-version-id: lJvRuy3a.O_1bHydawe4I_ygshIX0MCf
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: QMX256BSC2FKBS14
cf-polished: origSize=2678
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mlm6lnPy04VkjSjnvi+EFXxyNbNWMt9ZB3jlak1/5ENLxITRA8O+6Lit4qCVvmVYuN3d+d5M9fg=
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 08:26:40 GMT
server: cloudflare
etag: W/"973150c73b6e43065a2f5d81c72757d9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7f78b476dd8a0a67-AMS
expires: Wed, 16 Aug 2023 12:38:32 GMT

GET
H2 200 Screenshot_20230719-003809-125792938.jpg
assets.ayobandung.com/crop/0x396:720x904/100x100/webp/photo/2023/07/19/ 2 KB
3 KB 979ms
893ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x396:720x904/100x100/webp/photo/2023/07/19/Screenshot_20230719-003809-125792938.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 9a802495cc0abf22d2e0930d83bb8ae0ed90c7267216b26eb75a3fab8f5fa588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
etag: "503c949858c9a4f2b9fef1199ab9e64c8f46c4fc"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=31536000
content-length: 2220
x-amz-cf-id: SSv6c5s4ujkMbb5WUBdDVoYH7j3LkzFfuZ9MtWfx8XGXabEeCfmoBQ==
expires: Thu, 15 Aug 2024 09:38:32 GMT

GET
H2 200 Screenshot_20230816-043815-2364713706.jpg
assets.ayobandung.com/crop/186x0:1453x720/100x100/webp/photo/p1/1011/2023/08/16/ 3 KB
3 KB 571ms
486ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/186x0:1453x720/100x100/webp/photo/p1/1011/2023/08/16/Screenshot_20230816-043815-2364713706.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: acd14f2f9ffd37e06a13065dc6df993edccfc881bbb382b50cb496bcda3a695a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
etag: "34d48b7834b6d002b3e675542936510ecd744caf"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=31536000
content-length: 2728
x-amz-cf-id: xmtTUvxm5VOzNP6GKRqmtVtOnZK4KDiq0lo-JignxeUfULWH74SFRw==
expires: Thu, 15 Aug 2024 09:38:32 GMT

GET
H2 200 IMG-20230802-WA0023-339848948.jpg
assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/02/ 3 KB
4 KB 100ms
15ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/02/IMG-20230802-WA0023-339848948.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 68da0fe7748968135aec80da08285e354d7b5320e99d3ba04b609f04714ffa5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:54:04 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 99868
etag: "ddf004d42f00bc46a79bb7d5f1c57cd9ade42e21"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 3400
x-amz-cf-id: dzbVZhylf_OTnCkjEj4QXzkLHJ9G9a9QITP4qjS1Qsb5p5tg93idfg==
expires: Wed, 14 Aug 2024 05:54:04 GMT

GET
H2 200 Screenshot_20230814-154714-2724763614.jpg
assets.ayobandung.com/crop/0x345:720x897/100x100/webp/photo/2023/08/14/ 1 KB
2 KB 26ms
23ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x345:720x897/100x100/webp/photo/2023/08/14/Screenshot_20230814-154714-2724763614.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 87407928d52cd1701b5ba9ae1b212b35ad72f0781d6f06ecdf1674c253db2736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:54:04 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 99868
etag: "0341a718a7f3649a7d4a8c990ad7b5d988152d82"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 1458
x-amz-cf-id: XRXfIMGbna0T50WPIcxBZ576kegc6fph31stYlmt8UmoZITahRe-LQ==
expires: Wed, 14 Aug 2024 05:54:04 GMT

GET
H2 200 freeport-1032782188.jpeg
assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/07/16/ 2 KB
3 KB 34ms
25ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/07/16/freeport-1032782188.jpeg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: ba15f88cae41ec49784f3576f2aff002bf57f3e7f724ed0318a1d61ccb186279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:54:04 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 99868
etag: "d5f89039fa34e8caf0804b2d0d7180144f4f2ddb"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 2528
x-amz-cf-id: ztB4VAxE6mBLqS2gWlVm-gt4Dzd3kwddclazt7Wz76fiks-oTeoTHw==
expires: Wed, 14 Aug 2024 05:54:04 GMT

GET
H2 200 Screenshot_20230811-204120-3436541282.jpg
assets.ayobandung.com/crop/0x342:720x836/100x100/webp/photo/2023/08/11/ 2 KB
2 KB 37ms
28ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x342:720x836/100x100/webp/photo/2023/08/11/Screenshot_20230811-204120-3436541282.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: cf15dca06a0eafa36ddbe5746801ca7e812235fac7a2b643ff85771545ca12ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 02:07:37 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 286255
etag: "2fce7cb96885a49a231401bba29c3744cf321f1d"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 2002
x-amz-cf-id: EFqCh0dYnWWw5UJLaTSmkHcXdVb5kwykpliZtKnhXHISD0hE1hytAw==
expires: Mon, 12 Aug 2024 02:07:37 GMT

GET
H2 200 Screen-Shot-2023-07-25-at-162820-3674267223.png
assets.ayobandung.com/crop/429x176:1163x625/100x100/webp/photo/2023/07/25/ 2 KB
2 KB 32ms
23ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/429x176:1163x625/100x100/webp/photo/2023/07/25/Screen-Shot-2023-07-25-at-162820-3674267223.png
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: ecb7f3b16c404d2907442c985a3dca8c86f5680be31998c3217ccb3a0efa6b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:54:06 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 99865
etag: "705fa32f260f91e8ffa0a03d2cb0b85b282a7535"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 1696
x-amz-cf-id: s4LcACxQ6fb0Tcd28KLf6HWACLB8G_T16clrPW7p86pdLNdBi00D_Q==
expires: Wed, 14 Aug 2024 05:54:06 GMT

GET
H2 200 2789147042.png
assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/01/31/ 3 KB
3 KB 38ms
30ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/01/31/2789147042.png
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 3ae3ba0c844398f7da7ec12bd61798ab8d663f765d1d76c3f3008848b7ccbe2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:46:37 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 273115
etag: "7811a7cf67cb96e63c9092ced3793dbbd4474b27"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 2842
x-amz-cf-id: U0cjKp2s56OAbcTDC_4v-1RCGxtQ90Zi8WN4vhCyigaxkzhPrYw9rQ==
expires: Mon, 12 Aug 2024 05:46:37 GMT

GET
H2 200 Screenshot_20230811-112911-1862319737.jpg
assets.ayobandung.com/crop/0x503:720x1053/100x100/webp/photo/2023/08/11/ 4 KB
4 KB 41ms
33ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x503:720x1053/100x100/webp/photo/2023/08/11/Screenshot_20230811-112911-1862319737.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2f8ba1471495a908a379e67a451274c23a739bdde5628b5ecdc014cdcc55f342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:54:06 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 99866
etag: "5df7dc8c807287395c174084c07cce3618c78f95"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 3778
x-amz-cf-id: 6V3fo7E0FPEDD4DifMdvZCVVVQgnyRoEeeUEx16uoj2koX1tROy2fQ==
expires: Wed, 14 Aug 2024 05:54:06 GMT

GET
H2 200 Screenshot_20230811-104341-3065722157.jpg
assets.ayobandung.com/crop/0x707:720x1203/100x100/webp/photo/2023/08/11/ 3 KB
3 KB 32ms
24ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x707:720x1203/100x100/webp/photo/2023/08/11/Screenshot_20230811-104341-3065722157.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 99d911527c8d296b302e015ef8caf943c4279194b0314cb34160143d0ea03ad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:54:05 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 99867
etag: "8497db781211f5128024aa0ab134121ab6ba6efc"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 2964
x-amz-cf-id: AGJZ89bVr-xFFVfgihAvfp7nHCYrGdue5ZJAf5tsnqvxiQxDeBXHWw==
expires: Wed, 14 Aug 2024 05:54:05 GMT

GET
H2 200 Screenshot_20230811-054652-293373549.jpg
assets.ayobandung.com/crop/0x290:720x689/100x100/webp/photo/2023/08/11/ 1 KB
2 KB 34ms
26ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x290:720x689/100x100/webp/photo/2023/08/11/Screenshot_20230811-054652-293373549.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 86fec9a12e70c4ba6b85ea02bca08dae81364ce99acb53a943ae97c68ee381b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:46:36 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 273116
etag: "bd30b6e01b6dd540d22183f860f5829aabdec0f6"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 1510
x-amz-cf-id: x9XFop262wyQzyOmSZ88dRRfX793aOVawlu6pCUmQyzHy75ombiImA==
expires: Mon, 12 Aug 2024 05:46:36 GMT

GET
H2 200 Picsart_23-08-10_12-58-58-197-387343468.jpg
assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/10/ 2 KB
2 KB 36ms
28ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/10/Picsart_23-08-10_12-58-58-197-387343468.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 6a3c62a15117683b1cfff63b0d8e355aa63e6eec50b176c501d8ae34726c10e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:46:37 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 273115
etag: "16b003509577c6af6b0294bffd394e4219789200"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 1706
x-amz-cf-id: NRQmD7IEP0tgQplmf-4yqxzKNKAJeUsqhRhTMtZ4E93A7KiiXC-_jg==
expires: Mon, 12 Aug 2024 05:46:37 GMT

GET
H2 200 pexels-anton-46924-3708752054.jpg
assets.ayobandung.com/crop/128x85:1152x767/100x100/webp/photo/2023/08/09/ 2 KB
2 KB 40ms
32ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/128x85:1152x767/100x100/webp/photo/2023/08/09/pexels-anton-46924-3708752054.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 47d270a3ba9cd557c13244cf6daf21497620e487030e2965b07b2ac021244c99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:54:06 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 99866
etag: "fa517d0e311fcc43fc0c78f77ae8b8dd9572608b"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 1992
x-amz-cf-id: wnsAYRw_XWXP2rRoqUOJB_s_jv7YCndLA9OjVecDf4fHjTdUKtKpLg==
expires: Wed, 14 Aug 2024 05:54:06 GMT

GET
H2 200 zoom-3127449164.jpg
assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/08/ 1 KB
2 KB 41ms
33ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/08/zoom-3127449164.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 6318049ecaa1666391c0f632b6f8cb30a82ac28ec401389ad07f1acd2980eb62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:46:36 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 273116
etag: "3a8b6cb94b7e2e35eb58cd92ae93f476e496516e"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 1240
x-amz-cf-id: b42ydVteF1UBydq_fHrTO8Wqcwn0judxixv7rEKKHYumWbalZk6XuA==
expires: Mon, 12 Aug 2024 05:46:36 GMT

GET
H2 200 scrnli_8_5_2023_9-55-56-AM-2710503522.png
assets.ayobandung.com/crop/102x60:790x435/100x100/webp/photo/2023/08/05/ 1 KB
2 KB 31ms
23ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/102x60:790x435/100x100/webp/photo/2023/08/05/scrnli_8_5_2023_9-55-56-AM-2710503522.png
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 166c3a1c13fa10d5792469c787436c71970c3ae76fab20b15aa7223734f5681c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 06:02:47 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 876945
etag: "6d5954445119f1e5a9108901f2277732d3e17f18"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 1394
x-amz-cf-id: nMnw50DjOawNkULnJIp-7GsTQ2oVXG4NxbKw_ZqcO1Zueimy7ef0JQ==
expires: Mon, 05 Aug 2024 06:02:47 GMT

GET
H2 200 iPhone-15-Pro-626606852.jpg
assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/09/ 800 B
1 KB 28ms
20ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/09/iPhone-15-Pro-626606852.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 6c7352ed880d86d53e672b2e5329489bfd5f13126f80b7c513ddc1568b8c6a8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 04:29:51 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 623321
etag: "273755a948c01d64fb395070b6c2b9bc1ff8a5b6"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 800
x-amz-cf-id: If93QXIsfm30uktr-824cNHFo5dgk_InNCtTzQBqpuDPPYmSQGNv6Q==
expires: Thu, 08 Aug 2024 04:29:51 GMT

GET
H2 200 cek-IMEI-1241200653.jpg
assets.ayobandung.com/crop/0x240:1200x900/100x100/webp/photo/2023/08/03/ 1 KB
1 KB 38ms
30ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x240:1200x900/100x100/webp/photo/2023/08/03/cek-IMEI-1241200653.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: c5b454d415a3ca49716b4a763ac1182aebb1cd5d78a112aa1c3467aa2c22f00a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:46:36 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 273116
etag: "c85d2e3a2954e45eb1fe257d69a1c8d1f645a2b6"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 1116
x-amz-cf-id: VN_jNRtzZEfC5zpOwF7wWeMN-cJP3S-QC1QXC35ewSqBFhgkKzN3nw==
expires: Mon, 12 Aug 2024 05:46:36 GMT

GET
H2 200 Screenshot_20230802-233713-160240750.jpg
assets.ayobandung.com/crop/0x348:720x850/100x100/webp/photo/2023/08/02/ 3 KB
3 KB 37ms
29ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x348:720x850/100x100/webp/photo/2023/08/02/Screenshot_20230802-233713-160240750.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 0419b7b5d971d963139b47cefcd8323584fff519531e3b43bc26b6733b04377e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:46:36 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 273116
etag: "2fcad36b19fec389f9b6275a25e7cc9d1d919e08"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 2656
x-amz-cf-id: IgLe7fNWICvRdieJVyDovDbv-gyJOZesITQhrEsykMWoG2qQ3WAI0g==
expires: Mon, 12 Aug 2024 05:46:36 GMT

GET
H2 200 IMG_20230707_113144_190-2177953744.jpg
assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/02/ 3 KB
4 KB 42ms
34ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/02/IMG_20230707_113144_190-2177953744.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: dd5a4b85031a5071a62a3a5971fcdc677ed0784618435df88d26d6c9c94decc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:54:07 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 99865
etag: "daccb467ee4983ae0656caf237a52735cdcb57e2"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 3522
x-amz-cf-id: TKBXyAhn69GKCYYk1YMr7GTna_wngcHuDCp-jGdDyaJ8xeONfmZ_sA==
expires: Wed, 14 Aug 2024 05:54:07 GMT

GET
H2 200 Xiaomi-Redmi-12-3978629696.jpg
assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/02/ 1 KB
2 KB 43ms
35ms Image
image/webp 18.66.147.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ayobandung.com/crop/0x0:0x0/100x100/webp/photo/2023/08/02/Xiaomi-Redmi-12-3978629696.jpg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-127.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 76d3ff268ef875092a720679d52fbe868082f6fe73566fc608ebf2e37b304555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 05:46:36 GMT
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 273116
etag: "8c6e3c25f03ff20908116185bf254d313ea53a7f"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000
content-length: 1190
x-amz-cf-id: W8q91dndNgAAqc_scSd4iYjd5eWwADKMoPZVKjVKilyknRGtplSbqw==
expires: Mon, 12 Aug 2024 05:46:36 GMT

GET
H2 200 slick.min.js Show response
static.promediateknologi.id/promedia/news/desktop/js/ 40 KB
10 KB 23ms
23ms Script
application/x-javascript 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/js/slick.min.js?v=1016
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a38cf7423f9f7060c66183e74e7e138bed849de551199c490e3a1e97ce291e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
x-amz-version-id: PtPhQZ2tC03LBRhmsDnGFHzLwhm9BeTj
content-encoding: gzip
cf-cache-status: HIT
age: 6594404
x-amz-server-side-encryption: AES256
last-modified: Thu, 06 Apr 2023 17:38:20 GMT
server: cloudflare
etag: W/"72d9511c2715d0da989e1f5bfe886532"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b4746a49bbaf-FRA
expires: Fri, 31 May 2024 01:51:47 GMT

GET
H2 200 jquery.sticky-kit.min.js Show response
static.promediateknologi.id/promedia/news/desktop/js/ 3 KB
1 KB 19ms
18ms Script
application/x-javascript 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/js/jquery.sticky-kit.min.js?v=1016
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8717b1c866759c800df22bdc5b34545730d2790473892a4cf31dce49bf1170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
x-amz-version-id: _R46XJMt70lSsZllk4VyObKGGily7Tb7
content-encoding: gzip
cf-cache-status: HIT
age: 6594403
x-amz-server-side-encryption: AES256
last-modified: Thu, 06 Apr 2023 17:38:19 GMT
server: cloudflare
etag: W/"d61a7b888967697179c82adc5e7fc18d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b4748aa9bbaf-FRA
expires: Fri, 31 May 2024 01:51:48 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
static.promediateknologi.id/promedia/news/desktop/js/ 20 KB
7 KB 21ms
21ms Script
application/x-javascript 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/js/jquery.magnific-popup.min.js?v=1016
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
x-amz-version-id: GBsnVaLFrbJ4GPT9UkT5pwNxViJPJI6o
content-encoding: gzip
cf-cache-status: HIT
age: 6594403
x-amz-server-side-encryption: AES256
last-modified: Thu, 06 Apr 2023 17:38:19 GMT
server: cloudflare
etag: W/"b37d7edf99565d3858eaa1ad80df3cff"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b474baf3bbaf-FRA
expires: Fri, 31 May 2024 01:51:48 GMT

GET
H2 200 jquery.marquee.min.js Show response
static.promediateknologi.id/promedia/news/desktop/js/ 5 KB
2 KB 16ms
15ms Script
application/x-javascript 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/js/jquery.marquee.min.js?v=1016
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de5a9ee5dc9d4ca558268b7bcd6ead5eaff468a4a13f526738b4e5f65b32855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
x-amz-version-id: avqj5Wx.wxou8T3JTsMO5infgbGrfQKu
content-encoding: gzip
cf-cache-status: HIT
age: 6594403
x-amz-server-side-encryption: AES256
last-modified: Thu, 06 Apr 2023 17:38:19 GMT
server: cloudflare
etag: W/"14c4877ae18b2930b3cbd1bf9ad4dff6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b474db25bbaf-FRA
expires: Fri, 31 May 2024 01:51:48 GMT

GET
H2 200 main.js Show response
static.promediateknologi.id/promedia/news/desktop/js/ 4 KB
1 KB 16ms
16ms Script
application/x-javascript 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/js/main.js?v=1016
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40da1f2bb18419fdeb462e7468c95a3ce82767d881695aaa0800bd567ed53a00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
x-amz-version-id: 03wUWfv7ec.ab8D0PsXxs2jW1ErKrles
content-encoding: gzip
cf-cache-status: HIT
age: 6594403
x-amz-server-side-encryption: AES256
last-modified: Thu, 06 Apr 2023 18:25:20 GMT
server: cloudflare
etag: W/"7fc45067021f7c9d42dbedb0ab1f13d4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b474fb4fbbaf-FRA
expires: Fri, 31 May 2024 01:51:48 GMT

GET
H2 200 share.js Show response
static.promediateknologi.id/promedia/news/desktop/js/ 589 B
382 B 18ms
18ms Script
application/x-javascript 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/js/share.js
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2214d41b278709c873fdb298e1c176c1a8c2e2f40538d1b242a48e7c871611d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
x-amz-version-id: kFtC2ykTGGp4D8IOgg_ScEulCA5umYx8
content-encoding: gzip
cf-cache-status: HIT
age: 6594403
x-amz-server-side-encryption: AES256
last-modified: Thu, 06 Apr 2023 17:38:19 GMT
server: cloudflare
etag: W/"04bbb0cb75f8655f00d8fa946b39dd29"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b4751b80bbaf-FRA
expires: Fri, 31 May 2024 01:51:48 GMT

GET
H2 200 lazysizes.min.js Show response
static.promediateknologi.id/promedia/news/desktop/js/ 8 KB
4 KB 22ms
22ms Script
application/x-javascript 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/js/lazysizes.min.js
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
x-amz-version-id: hFwqL_EDPnR2ztYXUWOhkzQzn2.u4zHp
content-encoding: gzip
cf-cache-status: HIT
age: 6594403
x-amz-server-side-encryption: AES256
last-modified: Thu, 06 Apr 2023 17:38:19 GMT
server: cloudflare
etag: W/"45bacd312d5098b4b59f563d8756c15d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b4753bbcbbaf-FRA
expires: Fri, 31 May 2024 01:51:48 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.5.0/ 11 KB
4 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.5.0/firebase-app.js

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9db819fcacffaf3e9d603f594ce05f8594bcbb8389c59e687c97c26966c2d850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 13:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3944
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 21:56:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 13:49:55 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.5.0/ 31 KB
31 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.5.0/firebase-messaging.js

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:01:25 GMT
x-content-type-options: nosniff
age: 45426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31775
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 21:56:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:01:25 GMT

GET
H2 200 app.js Show response
static.promediateknologi.id/promedia/sw/ 2 KB
1 KB 17ms
17ms Script
application/x-javascript 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/sw/app.js?pro=10
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdc4a9e74668f64b2ebde375270c509940d2475b715a2af24f6c1059d26581c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
x-amz-version-id: GdhyoLG95VRicDruGMM4qetiVqX47REJ
content-encoding: gzip
cf-cache-status: HIT
age: 6387003
x-amz-server-side-encryption: AES256
last-modified: Tue, 04 Apr 2023 18:36:20 GMT
server: cloudflare
etag: W/"7aed286540bfef612d3408aadc8303d2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f78b475ac50bbaf-FRA
expires: Sun, 02 Jun 2024 11:28:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 70ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-207405423-45

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2e95698f06c242e349e7b78fc5ef43897c32d883eb0e6b4d871c404e341e5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66547
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Aug 2023 09:38:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 161 KB
52 KB 79ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MSF6QXR

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cb436b38331a5aa2a84c4fae0c81757d1fbc7d5343341fa1643569f6337f5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52682
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Aug 2023 09:38:32 GMT

GET
DATA 200
OK truncated
/ 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 836a2b5e56500f86212239009e6fd3483d266301e4d30a41f9a540df727089df

Request headers

Referer
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 692 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5b73140616703573114a1887b9f51f4a62a3ff00914fc3eb64089ddf283f6f3

Request headers

Referer
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bg_footer.svg
static.promediateknologi.id/promedia/news/desktop/images/ 31 KB
31 KB 17ms
17ms Image
application/octet-stream 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.promediateknologi.id/promedia/news/desktop/images/bg_footer.svg
Requested by: Host: static.promediateknologi.id
URL: https://static.promediateknologi.id/promedia/news/desktop/css/style.min.css?v=1020
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.promediateknologi.id/promedia/news/desktop/css/style.min.css?v=1020
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
x-amz-version-id: null
cf-cache-status: HIT
age: 6530204
content-length: 32188
last-modified: Thu, 15 Apr 2021 16:17:02 GMT
server: cloudflare
etag: "0dabb1389d4cb5fe7efc4723fa06bf0f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7f78b476adf7bbaf-FRA
expires: Fri, 31 May 2024 19:41:48 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 35ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 04:53:10 GMT
x-content-type-options: nosniff
age: 449122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 04:53:10 GMT

GET
H2 200 icons.ttf
static.promediateknologi.id/promedia/news/desktop/fonts/icons/ 11 KB
12 KB 38ms
18ms Font
application/octet-stream 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/fonts/icons/icons.ttf?jemrcm
Requested by: Host: static.promediateknologi.id
URL: https://static.promediateknologi.id/promedia/news/desktop/css/style.min.css?v=1020
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1517b5246f24efd5abf47f90c676a2e70fc62d28fb0f7e199e249111d4450a21

Request headers

Referer: https://static.promediateknologi.id/promedia/news/desktop/css/style.min.css?v=1020
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
x-amz-version-id: fk4BBCDxhUCbrxEbigzbG.x8.HXfXfpm
cf-cache-status: HIT
age: 40021
x-amz-server-side-encryption: AES256
content-length: 11480
last-modified: Fri, 28 Jul 2023 13:59:45 GMT
server: cloudflare
etag: "1d8d949452407d5b53666cedb753c381"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7f78b476ceac6916-FRA
expires: Wed, 14 Aug 2024 22:31:31 GMT

GET
H2 200 icomoon.ttf
static.promediateknologi.id/promedia/news/desktop/fonts/ 7 KB
7 KB 47ms
28ms Font
application/octet-stream 2606:4700:10::ac43:4a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.promediateknologi.id/promedia/news/desktop/fonts/icomoon.ttf?i7fsrr
Requested by: Host: static.promediateknologi.id
URL: https://static.promediateknologi.id/promedia/news/desktop/css/style.min.css?v=1020
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d2d2f5ca7d4a74d4cec7eb892236bd4ca4790ef0446d15a1cde9d1e1d555d0

Request headers

Referer: https://static.promediateknologi.id/promedia/news/desktop/css/style.min.css?v=1020
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
x-amz-version-id: PB2eSikZuQlL_ICmtr5iuy.OJOk52.nq
cf-cache-status: HIT
age: 40021
x-amz-server-side-encryption: AES256
content-length: 6712
last-modified: Fri, 28 Jul 2023 13:59:46 GMT
server: cloudflare
etag: "1ea1b32003df3f4a5a29843b3ec0ae1a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7f78b476ceae6916-FRA
expires: Wed, 14 Aug 2024 22:31:31 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 36ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 07:35:17 GMT
x-content-type-options: nosniff
age: 439395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 07:35:17 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 44ms
16ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 00:08:32 GMT
x-content-type-options: nosniff
age: 552600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Aug 2024 00:08:32 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 9 KB
9 KB 45ms
18ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 07:41:52 GMT
x-content-type-options: nosniff
age: 439000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8724
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 07:41:52 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 400 KB
127 KB 69ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1485
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129087
x-xss-protection: 0
server: cafe
etag: 2193028555055074692
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 15 Aug 2024 09:13:47 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 369 KB
125 KB 94ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8400307307701650&plah=www.info1.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8400307307701650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afe0fab2dd0fbe8050a9d45e963c4153470e3359921723c801935a1ccc9fbb94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128225
x-xss-protection: 0
server: cafe
etag: 15739940414770464913
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/ Frame ED85 10 KB
5 KB 48ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8400307307701650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 08:27:29 GMT
etag: 12368291122986407432
expires: Wed, 30 Aug 2023 08:27:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RV7X1SN4VM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-207405423-45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9c885c46e801609da5ef0eb6bc07cbb6b3562053b033f181081825c4e10eedc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 16 Aug 2023 09:38:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-207405423-45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Aug 2023 07:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6849
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 16 Aug 2023 09:44:23 GMT

GET
H2 200 info1.id.1453201.es6.js Show response
jsc.mgid.com/i/n/ 316 KB
95 KB 274ms
274ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/i/n/info1.id.1453201.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/n/info1.id.1453201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee30aaee703343ecf9a302283ef9f853cd00491d76456bafadeabe2e29c10d4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
x-amz-version-id: n4oHhAiHRWsC.89hrYfPuyAWGAhOK5Us
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: QMX3V4224TR4P7M9
cf-polished: origSize=323531
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Dn3m0ei02JBa0jsERE1tfMqkrjGPEJ193mkuLJvu9fwCVJhPljALpwk5uktTij3RQJNDq8VhPww=
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 08:26:40 GMT
server: cloudflare
etag: W/"f179b19923778463112363042f929a1b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7f78b4789f390a67-AMS
expires: Wed, 16 Aug 2023 12:38:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JDHHDGV2EQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSF6QXR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bc0b8099c90aaa6ae7debc91f26eea7f648716a6c89f5e5a610f666b3979eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 16 Aug 2023 09:38:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XHS8W3S0QP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSF6QXR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

860bf71bfa3a9ed35e0aeb39c2716a863ef0d9f26fd6c63c8f7c5dae76816713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 16 Aug 2023 09:38:32 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2080578778&gjid=2014810327&cid=32317744.1692178712&tid=UA-207405423-45&_gid=2088948465.1692178712&_r=1&gtm=457e3890&jsscut=1&z=1987912595

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
84 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=996523648&gjid=1761763710&cid=32317744.1692178712&tid=UA-254876823-46&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81MSF6QXR&cd2=2023-08-14%2015%3A02%3A59&cd3=&cd4=&cd5=serangan%20siber%2C%20ransomware%2C%20freeport&cd6=9810689&cd7=Arif%20Rahman&cd8=Arif%20Rahman&cd9=13436&cd10=13436&z=617739210

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

46883def377104e3fe00c88dbe7f84f2d26b9f807085320681be7c5b09360b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
81 B 18ms
18ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=767834260&gjid=1230273614&cid=32317744.1692178712&tid=UA-254876823-47&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81MSF6QXR&cd2=2023-08-14%2015%3A02%3A59&cd3=&cd4=&cd5=serangan%20siber%2C%20ransomware%2C%20freeport&cd6=9810689&cd7=Arif%20Rahman&cd8=Arif%20Rahman&cd9=13436&cd10=13436&z=1576694817

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f73d3cdad34a26cda79dbf03f9c86529099c6e73501b0acf459fa0cee84bcefc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
81 B 16ms
16ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=925129685&gjid=1472351696&cid=32317744.1692178712&tid=UA-254876823-48&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81MSF6QXR&cd2=2023-08-14%2015%3A02%3A59&cd3=&cd4=&cd5=serangan%20siber%2C%20ransomware%2C%20freeport&cd6=9810689&cd7=Arif%20Rahman&cd8=Arif%20Rahman&cd9=13436&cd10=13436&z=680110044

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

360085f2989957e6337124a9d55302cf1d0d23ab5f79ae2d315501bebe891388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1434751601&gjid=71274109&cid=32317744.1692178712&tid=UA-254876823-49&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81MSF6QXR&cd2=2023-08-14%2015%3A02%3A59&cd3=&cd4=&cd5=serangan%20siber%2C%20ransomware%2C%20freeport&cd6=9810689&cd7=Arif%20Rahman&cd8=Arif%20Rahman&cd9=13436&cd10=13436&z=923386360

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 15ms
15ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=2113709693&gjid=506686725&cid=32317744.1692178712&tid=UA-254876823-50&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81MSF6QXR&cd2=2023-08-14%2015%3A02%3A59&cd3=&cd4=&cd5=serangan%20siber%2C%20ransomware%2C%20freeport&cd6=9810689&cd7=Arif%20Rahman&cd8=Arif%20Rahman&cd9=13436&cd10=13436&z=1261597424

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

43e40ed439ba615729ebcb4a74d3532d8fdac48d7bc14a7fd0b05b364efd1295

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 15ms
15ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1648669210&gjid=800130981&cid=32317744.1692178712&tid=UA-254876823-51&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81MSF6QXR&cd2=2023-08-14%2015%3A02%3A59&cd3=&cd4=&cd5=serangan%20siber%2C%20ransomware%2C%20freeport&cd6=9810689&cd7=Arif%20Rahman&cd8=Arif%20Rahman&cd9=13436&cd10=13436&z=1171340507

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6fa97ebcacc519a3a29d22a90789b8906d09e8ad62d9798316352cafcf97f601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=37479653&gjid=226292978&cid=32317744.1692178712&tid=UA-254876823-52&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81MSF6QXR&cd2=2023-08-14%2015%3A02%3A59&cd3=&cd4=&cd5=serangan%20siber%2C%20ransomware%2C%20freeport&cd6=9810689&cd7=Arif%20Rahman&cd8=Arif%20Rahman&cd9=13436&cd10=13436&z=1009847068

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

54757ab2c8c21c465c9303a537ab70cdff2d4a2707dc47d0e836aa9e91da574c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1744999261&gjid=1373093925&cid=32317744.1692178712&tid=UA-254876823-53&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81MSF6QXR&cd2=2023-08-14%2015%3A02%3A59&cd3=&cd4=&cd5=serangan%20siber%2C%20ransomware%2C%20freeport&cd6=9810689&cd7=Arif%20Rahman&cd8=Arif%20Rahman&cd9=13436&cd10=13436&z=557180932

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30450909b891d03151300770eb43c4000c7580aba971a96522d65a4194e8bff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1813403308&gjid=1994502685&cid=32317744.1692178712&tid=UA-254876823-54&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81MSF6QXR&cd2=2023-08-14%2015%3A02%3A59&cd3=&cd4=&cd5=serangan%20siber%2C%20ransomware%2C%20freeport&cd6=9810689&cd7=Arif%20Rahman&cd8=Arif%20Rahman&cd9=13436&cd10=13436&z=542488529

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

903d6da1378443860867d9748c11958d366e7c451dbdf2a4d28126b7aa1c6055

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=27336559&gjid=360152354&cid=32317744.1692178712&tid=UA-254876823-55&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81MSF6QXR&cd2=2023-08-14%2015%3A02%3A59&cd3=&cd4=&cd5=serangan%20siber%2C%20ransomware%2C%20freeport&cd6=9810689&cd7=Arif%20Rahman&cd8=Arif%20Rahman&cd9=13436&cd10=13436&z=1836204527

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7d5e759da90a02ca255fa161695146c4bfb3ec2bca076a88ed3f3fb306cbac1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 26ms
26ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1837695792&gjid=582519130&cid=32317744.1692178712&tid=UA-208513372-5&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81MSF6QXR&cd2=2023-08-14%2015%3A02%3A59&cd3=&cd4=&cd5=serangan%20siber%2C%20ransomware%2C%20freeport&cd6=9810689&cd7=Arif%20Rahman&cd8=Arif%20Rahman&cd9=13436&cd10=13436&z=921370283

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 54ms
17ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-207405423-45&cid=32317744.1692178712&jid=2080578778&gjid=2014810327&_gid=2088948465.1692178712&_u=YEBAAUAAAAAAACAAI~&z=382757669

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 40ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RV7X1SN4VM&gtm=45je3890&_p=1873801765&cid=32317744.1692178712&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692178712&sct=1&seg=0&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RV7X1SN4VM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JDHHDGV2EQ&gtm=45je3890&_p=1873801765&_gaz=1&cid=32317744.1692178712&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692178712&sct=1&seg=0&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&en=page_view&_fv=1&_ss=1&ep.editor=Arif%20Rahman&ep.editor_id=13436&ep.penulis=Arif%20Rahman&ep.penulis_id=13436&ep.publish_date=2023-08-14%2015%3A02%3A59&ep.source=&ep.article_views=1&ep.id=9810689
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JDHHDGV2EQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 18ms
17ms Ping
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JDHHDGV2EQ&cid=32317744.1692178712&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JDHHDGV2EQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 56ms
33ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JDHHDGV2EQ&cid=32317744.1692178712&gtm=45je3890&aip=1&z=1265197939

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XHS8W3S0QP&gtm=45je3890&_p=1873801765&_gaz=1&cid=32317744.1692178712&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692178712&sct=1&seg=0&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&en=page_view&_fv=1&_ss=1&ep.editor=Arif%20Rahman&ep.editor_id=13436&ep.penulis=Arif%20Rahman&ep.penulis_id=13436&ep.publish_date=2023-08-14%2015%3A02%3A59&ep.source=&ep.article_views=1&ep.id=9810689
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XHS8W3S0QP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 19ms
17ms Ping
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XHS8W3S0QP&cid=32317744.1692178712&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XHS8W3S0QP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
33ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XHS8W3S0QP&cid=32317744.1692178712&gtm=45je3890&aip=1&z=382034844

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
417 B 35ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.info1.id&callback=_gfp_s_&client=ca-pub-8400307307701650

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8400307307701650&plah=www.info1.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9a92cde9ab513b414b31cf785b55f419589b83d77a4bec7fbf252279e42a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 223D 603 B
218 B 60ms
59ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8400307307701650&output=html&adk=1812271804&adf=3025194257&lmt=1692171512&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178712314&bpp=5&bdt=664&idt=374&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6918331169150&frm=20&pv=2&ga_vid=32317744.1692178712&ga_sid=1692178713&ga_hid=1873801765&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798878%2C31076874%2C31077148%2C44785295%2C44799579&oid=2&pvsid=4257848122754471&tmod=1387007369&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=418

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 102ms
102ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=ads__horizontal&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-254876823-54&cid=32317744.1692178712&jid=1813403308&gjid=1994502685&_gid=2088948465.1692178712&_u=YEDAAUABAAAAACAAI~&z=861828179

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 js
www.googletagmanager.com/gtag/ 0
0 16ms
15ms Script
text/html 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-92SLT7E0C9&cx=c&_slc=1
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 23ms
22ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-254876823-55&cid=32317744.1692178712&jid=27336559&gjid=360152354&_gid=2088948465.1692178712&_u=YEDAAUABAAAAACAAI~&z=388038408

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 js
www.googletagmanager.com/gtag/ 0
0 20ms
19ms Script
text/html 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-T2KLLBDG5F&cx=c&_slc=1
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-208513372-5&cid=32317744.1692178712&jid=1837695792&gjid=582519130&_gid=2088948465.1692178712&_u=YEDAAUABAAAAACAAI~&z=1266018568

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-254876823-46&cid=32317744.1692178712&jid=996523648&gjid=1761763710&_gid=2088948465.1692178712&_u=YEDAAUABAAAAACAAI~&z=664376300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 js
www.googletagmanager.com/gtag/ 0
0 16ms
16ms Script
text/html 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-N8WLC1BZ4K&cx=c&_slc=1
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-254876823-47&cid=32317744.1692178712&jid=767834260&gjid=1230273614&_gid=2088948465.1692178712&_u=YEDAAUABAAAAACAAI~&z=1431777891

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 js
www.googletagmanager.com/gtag/ 0
0 17ms
17ms Script
text/html 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-LPM4NW1HJ4&cx=c&_slc=1
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-254876823-48&cid=32317744.1692178712&jid=925129685&gjid=1472351696&_gid=2088948465.1692178712&_u=YEDAAUABAAAAACAAI~&z=43762289

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 js
www.googletagmanager.com/gtag/ 0
0 18ms
16ms Script
text/html 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-7LZKYFGL66&cx=c&_slc=1
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 22ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-254876823-49&cid=32317744.1692178712&jid=1434751601&gjid=71274109&_gid=2088948465.1692178712&_u=YEDAAUABAAAAACAAI~&z=593778405

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-254876823-50&cid=32317744.1692178712&jid=2113709693&gjid=506686725&_gid=2088948465.1692178712&_u=YEDAAUABAAAAACAAI~&z=1879901479

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 js
www.googletagmanager.com/gtag/ 0
0 20ms
18ms Script
text/html 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-W7E1KWQ6LS&cx=c&_slc=1
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-254876823-51&cid=32317744.1692178712&jid=1648669210&gjid=800130981&_gid=2088948465.1692178712&_u=YEDAAUABAAAAACAAI~&z=133573524

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 js
www.googletagmanager.com/gtag/ 0
0 17ms
16ms Script
text/html 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-Q3P54V4MX7&cx=c&_slc=1
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 404 js
www.googletagmanager.com/gtag/ 0
0 23ms
22ms Script
text/html 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-0CTSMDLJK1&cx=c&_slc=1
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-254876823-53&cid=32317744.1692178712&jid=1744999261&gjid=1373093925&_gid=2088948465.1692178712&_u=YEDAAUABAAAAACAAI~&z=800460076

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 js
www.googletagmanager.com/gtag/ 0
0 20ms
16ms Script
text/html 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-WXW5C8BGR3&cx=c&_slc=1
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 all_an_white_4.png
advertnative.com/storage/logo/ 3 KB
3 KB 534ms
170ms Image
image/png 139.99.126.164
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://advertnative.com/storage/logo/all_an_white_4.png

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.99.126.164 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip164.ip-139-99-126.net

Software

nginx/1.19.5 /

Resource Hash

23a7a772f258be3aec21ea1617a951c1f8a8867c69f446740826d0f6709b2129

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
strict-transport-security: max-age=15768000
last-modified: Thu, 23 Jan 2020 15:16:52 GMT
server: nginx/1.19.5
etag: "5e29b8e4-a78"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2680
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 905524e0-ed15-485f-bb77-f6d360445341
https://www.info1.id/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.info1.id/905524e0-ed15-485f-bb77-f6d360445341
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 59dbf43e-e4c2-4bed-b63f-84ed9627d5ba
https://www.info1.id/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.info1.id/59dbf43e-e4c2-4bed-b63f-84ed9627d5ba
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 /
c.mgid.com/pv/ 0
43 B 45ms
28ms Image
text/plain 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/pv/?lu=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&cbuster=1692178712808567639886&pvid=189fdb608e79a11911e&implVersion=11&cxurl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&site=881235&scum=%3F0&scuw=%3F0
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7f78b47b3a1c0a67-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 627c3b26-2dd0-4f5b-81f4-6f75471578f5
https://www.info1.id/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.info1.id/627c3b26-2dd0-4f5b-81f4-6f75471578f5
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 52ms
36ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KZHG8W3F9TBRMAND
age: 143
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7f78b47c2b3a0a67-AMS
expires: Thu, 17 Aug 2023 09:38:32 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
885 B 39ms
24ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:32 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 3163
alt-svc: h3=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7f78b47c2b3c0a67-AMS
expires: Thu, 17 Aug 2023 09:38:32 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1453201/ 7 KB
2 KB 64ms
48ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1453201/1?mp4=1&ap=1&w=518&h=507&sz=167x213&szp=1,2,3,4,5,6&szl=1,2,3;4,5,6&cols=3&sessionId=64dc9919-0b525&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&cbuster=1692178713014662751448&pvid=189fdb608e79a11911e&implVersion=11&cxurl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&scum=%3F0&scuw=%3F0&uniqId=07810&niet=4g&nisd=false&pv=5&lct=1692057600&jsv=es6&pageView=1&dpr=1&ref=&tfre=1364
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/n/info1.id.1453201.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa623d1f9fe026bf6b466748be950e2f2ffe81a80d731b2df277ce53491578f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f78b47c7b8c0a67-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOC80MzY5NjQvZDI3M...
s-img.mgid.com/g/16927924/492x277/-/ 17 KB
18 KB 87ms
24ms Image
image/webp 2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16927924/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOC80MzY5NjQvZDI3MTc1NDc4NzdhMjVjM2E1MDVkZTdlMmNiZDI4NTgucG5n.webp?v=1692178713-sS4YNowRTMEjm9LqFoyxqRy8JfaykZcBVmW-RLP71UU
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7359d724f547b50bf3cfa084a53b43b2dd4d3785f60a42a0df7450c6437428af

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 09:58:22 GMT
x-mg-request-uuid: dcf276c4-d208-4229-86f1-0581c32cecdc
server: cloudflare
age: 187874
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7f78b47d397b0a50-AMS
content-length: 17604
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zMTY2MzAvOWU0N...
s-img.mgid.com/g/15314465/492x277/-/ 20 KB
20 KB 91ms
27ms Image
image/webp 2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15314465/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zMTY2MzAvOWU0NWM5ODU3M2U0MTFkMDU1NTc1ZGUwNGU0Y2Q1MjEucG5n.webp?v=1692178713-HOPKLlgsweKokvfXguw-psxoMH_SRsiz70kdiYZWuvU
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8e286e3fc1e9daf2c95191f8765aa137f574c3602da3cb30f47f6bcf21ce14

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 14:35:18 GMT
x-mg-request-uuid: 90ec2695-b2a9-4d93-9476-db77554d1529
server: cloudflare
age: 96583
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7f78b47d397c0a50-AMS
content-length: 20386
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS80NDY5MjcvZGZlO...
s-img.mgid.com/g/15150902/492x277/-/ 22 KB
22 KB 108ms
45ms Image
image/webp 2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/15150902/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS80NDY5MjcvZGZlOGI3M2E1YWY3NjM4YzllMWRlMWNlZWI0ZjMxYzMuanBlZw.webp?v=1692178713-INA3Jp7pZdGMLzMoHBu2wvC6McTDG_uXAjrqkBzB11M
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a914288710154f1bfe050471d3968575b3855bde38371746dd3f10415fe2b08

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Jan 2023 12:16:36 GMT
x-mg-request-uuid: bfc5acc4-cc43-48ae-8b8f-eccabbec5533
server: cloudflare
age: 540109
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7f78b47d397d0a50-AMS
content-length: 22078
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS83MTExMjYvNmViZ...
s-img.mgid.com/g/14213660/492x277/-/ 16 KB
16 KB 111ms
48ms Image
image/webp 2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14213660/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS83MTExMjYvNmViZjhmYjYyY2YyM2YxZmU4Mjc1MTY4OTU2NTBiNDEuanBn.webp?v=1692178713-Iy4IUJCLwINRHUI_O0AUsmIIc9zvFle65Q3uCVODcPE
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9f8642055fe2ec61875b50821d5f8250bad672c5ad31688745943f555b3480

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
cf-cache-status: HIT
last-modified: Wed, 17 May 2023 10:23:01 GMT
x-mg-request-uuid: 7bd5d1e9-ed0d-4cf9-9915-eee1b5c9fbc2
server: cloudflare
age: 174045
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7f78b47d397e0a50-AMS
content-length: 16304
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy84MDA4NTAvNjc4Z...
s-img.mgid.com/g/16829240/492x277/-/ 13 KB
13 KB 109ms
46ms Image
image/webp 2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16829240/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy84MDA4NTAvNjc4ZTgxMzQxMGZjMTAyMzMxNjg1MGUwZjdmNzc3ZTQuanBn.webp?v=1692178713-AKStBVNoEQ4ZPzRJX_MGBT48Hex5cmekYx9lCpBsfts
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b8761bead6ba26353c0035115247082b42f3bea29e0c9029705fff65a4652c

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 12:03:47 GMT
x-mg-request-uuid: f95012b3-9d2a-46c0-9c91-129b249b87bb
server: cloudflare
age: 1286506
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7f78b47d397f0a50-AMS
content-length: 13028
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy84MDA4NTAvYTczM...
s-img.mgid.com/g/16778072/492x277/-/ 11 KB
11 KB 110ms
47ms Image
image/webp 2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16778072/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy84MDA4NTAvYTczMTQ3OGFkYWE5Y2Y3MzdjODhkNzI0ZjAzNGYxZWQuanBn.webp?v=1692178713-Al5YRs74umFSni9VF2TGjFDHmrEobSxAU3VR0dw6ayU
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b4689984a2369dd418795658297eceba1712235c0aad7a7775948d7cf3cab43

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 14:07:42 GMT
x-mg-request-uuid: 6c299e7a-04ff-43f6-9948-da26646d19bb
server: cloudflare
age: 1966956
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7f78b47d39800a50-AMS
content-length: 10788
alt-svc: h3=":443"; ma=86400

GET
H2 200 giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
www.info1.id/tekno/10119810689/ 84 KB
84 KB 10ms
9ms Image
text/html 18.66.97.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-124.fra56.r.cloudfront.net

Software

nginx / PHP/7.3.31

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-powered-by: PHP/7.3.31
age: 2
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
x-amz-cf-id: eg9ZFV61713Vjpq6gnAfYCvQVLqvZleABOeQfPQw9x9wcUVGmSKyYw==
x-xss-protection: 1; mode=block

GET
H2 200 i.js Show response
cm.mgid.com/ 0
101 B 41ms
24ms Script
application/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1692178713101904010556
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/n/info1.id.1453201.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7f78b47d0bfd0a67-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 0279 0
37 B 34ms
25ms Script
application/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1692178713104493300889
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/n/info1.id.1453201.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7f78b47d0bff0a67-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 111 KB
26 KB 58ms
20ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/n/info1.id.1453201.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 11:32:19 GMT
server: cloudflare
x-amz-request-id: YTFTV0XWJV0Z9FJJ
age: 3102
etag: W/"850654f90e2ec1863b605c4395898e58"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f78b47d3f621d8c-FRA
x-amz-id-2: H+WZ0fIhdYlqTqdQKeZ9IM+Rk0pkCw7C49wdsh1/X6/914o9ESja/5RyJ6+Qyr8ruo7ICgmj6w8=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 74ms
6ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/n/info1.id.1453201.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=54985
accept-ranges: bytes
content-length: 63913
expires: Thu, 17 Aug 2023 00:54:58 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
399 B 68ms
18ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

766807ce471057577b2973ec6e15400a92968b23d7805612dee4596072c0bb29

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.info1.id
date: Wed, 16 Aug 2023 09:38:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 276 B
683 B 66ms
17ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

9cbaec6c0e1b054cde3a53a17d1c9e9bd0f572f73293d7d819f9493113b305b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.info1.id
date: Wed, 16 Aug 2023 09:38:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 59ms
58ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

269fe3bbd03e0ebdfa3b2999967d4a504279bb10af00155a745c250dc3520a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11713
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 79ms
43ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:38:33 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2160 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:16:41 GMT
expires: Thu, 15 Aug 2024 09:16:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1AE2 831 B
1 KB 41ms
18ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

976c62cd183afe1f774a7d779276a63e2e56cf97af61d357869ee4b9fa838bfb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iVevw5ssxm6blArzfexuSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 531
content-security-policy: script-src 'report-sample' 'nonce-iVevw5ssxm6blArzfexuSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:33 GMT
expires: Wed, 16 Aug 2023 09:38:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2160 38 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 08:34:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1AE2 0
0 102ms
101ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=4257848122754471&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2160 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JWmjOg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 107ms
106ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=4257848122754471&bg=!EBOlE0fNAAaiGN5Pghg7ADkAdvg8Wtg_imBqCZgg6YjfvXfpvAB_7WjNfknsSR1ukNfRZZqxWEDDe_MM1OG9BJc-_pZ1pLkz4LkCAAAAdlIAAAAKaAEHCgAsb8K4GwoFsHrqTS7rDS6q4Pe70vl5xVH5i-bXWF2HDIylW5R5_tXTfiE4h2KZAsR52wFCAv66oeDy90EmfG74HW1g5Dtil1BX905GJvNHTDBYK1_G5y9J0GNZpAuiOhhWbCFKaGYa0a9uTtUZuCsdHaJU6Hh3752vyhiHhXEyQIgtTwqi0B2s0gv2vGj4HOBfwgsRbHMpfHlSoAGnMRI2BNK99LAVnP_N4D_ir50LM8H_SGt7E_aOgyfGmdTDlYIDfz3jJ1zyCdj2Pvh79I-IwOFeRGzspC9wfZbkh_uC1HFJcS8QprMLomsjJmCODE-_koyhV5AkATRJhcsPMAeMjxf0SkreDvoTPXUEHl_wLsEAq34hSWsGox1AXl38Z74K9zpEFg90E6CK3L8zIz6Mt0iKYzjd4UL4VcbAxINAOYrLRXgQP_zNi-4_CdQpY21FwZ5HoZmOn9otfyDZcXrDJDn5spS_8IYhBW43LChmrUVRHAuuHiEVm5GHi1pIjiiD5eSvQz5mbRudCsRDbfKTvls_LIIFLBmSQz0G42V8ZWXquSYuWoTccYdPHeCs-9suNSYj5q7VYqky0Bjehwq9oDZLxzJ75CoY-EuW4jV9ly2SRmKjFWZDdPZzIg6KrXE7Oarpjg7Q7vEAl4CYqqvLQYHvzPietpOEgPeLKXhmHqu54hFxhCvkzjjDDSVOii_Z1SOomABNasEw8v3Ixqkk3N3Vjw0I13BgonGRhm_muGwzflMaROyJKkSvi9eO3t0Mxw3kNMWqxLc-Pw2CyfFFUzlfMqZMBO6I1f5op6XYsJY4C_OUOOaVTZqRoNUqE4xHcfic8MIwR128gFgo8hHSIrmYW1A8ZP4vmfOcFsy8_BVuv_XbiJLUL7Fy92MgC0-ooAHAPsHlBNDHXP6dWYOvvyC8BSSxwnfkV7hwVTU-33qtG7PHnZsTi_LgOcs-PmThdYIuRzCvtj_Aei4VHQgWu2acx7byfMmW2Sa38jgm64PMtug
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160902/10330/ 348 KB
102 KB 10ms
10ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160902/10330/pwt.js
Requested by: Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/pti/info1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a88f8ca4e49204f79e814bfd661ae262450df79820ee2f02fbbdba0514fe7567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:34 GMT
content-encoding: gzip
last-modified: Fri, 26 May 2023 08:01:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=11346
accept-ranges: bytes
content-length: 103585
expires: Wed, 16 Aug 2023 12:47:40 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
67 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WP9SX2H

Requested by

Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/pti/info1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44cdaed3e1155b701ce10a6788231df2a18e8bfe4e093abe34c8c57b266da5ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68310
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Aug 2023 09:38:34 GMT

GET
H2 404 blocklist.json Show response
propsid.b-cdn.net/json/www.info1.id/ 678 B
1 KB 402ms
402ms XHR
text/html 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://propsid.b-cdn.net/json/www.info1.id/blocklist.json
Requested by: Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/pti/info1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: f62504abbb867b0d53b4d90d746313621819f2c5d39ceab4695ac2b0ef8cf223

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: application/json;charset=UTF-8

Response headers

date: Wed, 16 Aug 2023 09:38:35 GMT
content-encoding: gzip
cdn-edgestorageid: 868
cdn-storageserver: SG-515
cdn-cachedat: 08/16/2023 09:38:35
cdn-pullzone: 266288
server: BunnyCDN-SG1-868
cdn-proxyver: 1.04
cdn-requestpullcode: 404
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: 022eeb7f-01b5-4a33-8c9d-d5c55b7764e7
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: no-cache
cdn-requestid: 25f32a8fe1b1a357c5811ec95a070983
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 404
cdn-requestpullsuccess: True

OPTIONS
H2 200 blocklist.json
propsid.b-cdn.net/json/www.info1.id/ Frame 0
0 527ms
175ms Preflight
application/octet-stream 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://propsid.b-cdn.net/json/www.info1.id/blocklist.json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.info1.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache: HIT
cdn-pullzone: 266288
cdn-requestcountrycode: DE
cdn-requestid: d6aadc4ed6c8c2f47ce7628772d1c775
cdn-uid: 022eeb7f-01b5-4a33-8c9d-d5c55b7764e7
content-type: application/octet-stream
date: Wed, 16 Aug 2023 09:38:34 GMT
server: BunnyCDN-SG1-868

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1873801765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ul=en-us&de=UTF-8&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1640666663&gjid=1436252256&cid=32317744.1692178712&tid=UA-237453437-1&_gid=2088948465.1692178712&_r=1&_slc=1&gtm=45He3890n81WP9SX2H&z=1727514141

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0e72117263558278201af6ada0a46b14d991419fb5cf480c17fc3152c5cf4a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP9SX2H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 16 Aug 2023 07:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6851
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 16 Aug 2023 09:44:23 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
28 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP9SX2H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6eba63bbc9e4407b3255638f452b1934afdddbe6b2214534cbea685cef68f3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28487
x-xss-protection: 0
server: cafe
etag: 940 / 19585 / m202308100101 / config-hash: 497042775067235691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
85 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BZPHNQNTD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP9SX2H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ec86888e936cc293c3a6005663cbaf7d1c5151a791415d62e18126b012865cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86822
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 16 Aug 2023 09:38:34 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-237453437-1&cid=32317744.1692178712&jid=1640666663&gjid=1436252256&_gid=2088948465.1692178712&_u=aEDAAUABAAAAACAAI~&z=359945538

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 16 Aug 2023 09:38:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WHWXDD9CJW&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1dd400e96bde52e4d7923451217e91c5915ef3695b7318146f10fcefef12dc2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79974
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 16 Aug 2023 09:38:34 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 36ms
34ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-237453437-1&cid=32317744.1692178712&jid=1640666663&_u=aEDAAUABAAAAACAAI~&z=174267541

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 35ms
34ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-237453437-1&cid=32317744.1692178712&jid=1640666663&_u=aEDAAUABAAAAACAAI~&z=174267541

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2BZPHNQNTD&gtm=45je3890&_p=1873801765&cid=32317744.1692178712&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692178714&sct=1&seg=0&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&en=page_view&_fv=1&_ss=1&ep.content_group=Other%20Group
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BZPHNQNTD&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WHWXDD9CJW&gtm=45je3890&_p=1873801765&_gaz=1&ul=en-us&sr=1600x1200&cid=32317744.1692178712&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&sid=1692178714&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WHWXDD9CJW&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 20ms
20ms Ping
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WHWXDD9CJW&cid=32317744.1692178712&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WHWXDD9CJW&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WHWXDD9CJW&cid=32317744.1692178712&gtm=45je3890&aip=1&z=585133114

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
28 KB 135ms
134ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/pti/info1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45fcdd4e2934a5c57890641745de27492c89bfd769b28d1231dc84e3a5c75726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28487
x-xss-protection: 0
server: cafe
etag: 949 / 19585 / m202308100101 / config-hash: 497042775067235691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:34 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
28 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/pti/info1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e717762e381d544ef0cd2005424bc4067a6026d10dab683bba5891cbd36c07ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28487
x-xss-protection: 0
server: cafe
etag: 739 / 19585 / m202308100101 / config-hash: 497042775067235691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:35 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Requested by

Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/pti/info1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b79e26e6cd4b35152a83887c5ec5983819983cb0166313df90e106994f579ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50870
x-xss-protection: 0
server: cafe
etag: 15243911459251064292
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:35 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
28 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: propsid.b-cdn.net
URL: https://propsid.b-cdn.net/gpt/pti/info1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a180a9b9c6725c092b194f298cc3b193df48d229e44ffa47eb538cdbf5cce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28487
x-xss-protection: 0
server: cafe
etag: 577 / 19585 / m202308100101 / config-hash: 497042775067235691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:35 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E593 110 KB
40 KB 508ms
507ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=50&slotname=2526320597&adk=4060620440&adf=1770059044&pi=t.ma~as.2526320597&w=320&lmt=1692171515&format=320x50&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178715477&bpp=3&bdt=3827&idt=3&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=20&pv=2&ga_vid=32317744.1692178712&ga_sid=1692178713&ga_hid=1873801765&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798878%2C31076874%2C31077148%2C44785295%2C44799579&oid=2&pvsid=4257848122754471&tmod=1387007369&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ASbvkepp7B&p=https%3A//www.info1.id&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cc49c6446f503890323c447a71d998fa0731fff7f00663dcce04209ae5ac523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:35 GMT
expires: Wed, 16 Aug 2023 09:38:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 276 KB
46 KB 932ms
932ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4257848122754471&correlator=1342231921187116&eid=31076398%2C31076802&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=160553881%3A22893689789%2Cinfo1.id%2CInterstitial%2CLeaderboard%2CMR2%2CStickyExpand%2CMultibanner1%2CMultibanner2%2CInimage%2COOP&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F3%2C0%2F1%2F4%2C0%2F1%2F5%2C0%2F1%2F6%2C0%2F1%2F7%2C0%2F1%2F7%2C0%2F1%2F8%2C0%2F1%2F9&prev_iu_szs=1x1%2C970x250%7C970x90%7C728x250%7C728x90%2C300x600%2C970x250%7C970x90%7C728x250%7C728x90%2C336x280%7C300x250%2C336x280%7C300x250%2C336x280%7C300x250%2C468x60%7C728x90%2C1x1&ifi=3&didk=1850117061~3095738454~3106253988~1536300197~2519119095~3010507037~3010729300~2908502917~1901343372&sfv=1-0-40&ists=257&fas=8%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&sc=1&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&abxe=1&dt=1692178715513&lmt=1692171515&adxs=-9%2C315%2C1035%2C315%2C356%2C1035%2C356%2C401%2C0&adys=-9%2C149%2C180%2C1110%2C2047%2C1137%2C4568%2C1092%2C149&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C1%7C0%7C2%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&frm=20&vis=1&psz=0x-1%7C1070x0%7C300x0%7C1100x-1%7C518x0%7C300x0%7C518x0%7C728x90%7C1600x7910&msz=0x-1%7C1070x0%7C300x0%7C970x-1%7C518x0%7C300x0%7C518x0%7C468x0%7C1600x0&fws=2%2C0%2C0%2C512%2C0%2C0%2C0%2C4%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C728%2C0&ga_vid=32317744.1692178712&ga_sid=1692178713&ga_hid=1873801765&ga_fc=true&dlt=1692178711650&idt=801&ppid=2b5dbd4593424029a8cb465b04d32f65props&cust_params=category%3Dtekno&adks=1569351355%2C1272420392%2C3166891858%2C387656988%2C3700514703%2C3496321645%2C488376464%2C4219801127%2C1317296992

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4715f03b279deb88098d943548a77cffa0d6542f2edd93537ced623cfa7864fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47374
x-xss-protection: 0
google-lineitem-id: -1,6296043970,6140600588,-1,6140600588,6296043970,6140600588,6296043970,6352736546
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138432102629,138409349436,-1,138409269434,138432102707,138409354407,138432102779,138441205978
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 530ms
530ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96653046fcb4bfe18fb1964800f0103ff7b7a7f3cef1129f1997f1f7158ebca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11368
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4669 6 KB
3 KB 225ms
26ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:35 GMT
expires: Thu, 15 Aug 2024 09:38:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 37 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f1127da826eac2c1865978de2f8e3f7923abae3ad9b1fada5037b9252190437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 01:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29756
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13180
x-xss-protection: 0
server: cafe
etag: 2764589781205839791
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 15 Aug 2024 01:22:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E593 14 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=50&slotname=2526320597&adk=4060620440&adf=1770059044&pi=t.ma~as.2526320597&w=320&lmt=1692171515&format=320x50&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178715477&bpp=3&bdt=3827&idt=3&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=20&pv=2&ga_vid=32317744.1692178712&ga_sid=1692178713&ga_hid=1873801765&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798878%2C31076874%2C31077148%2C44785295%2C44799579&oid=2&pvsid=4257848122754471&tmod=1387007369&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ASbvkepp7B&p=https%3A//www.info1.id&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 09:27:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame E593 2 KB
892 B 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame E593 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D8D8 143 B
166 B 10ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=50&slotname=2526320597&adk=4060620440&adf=1770059044&pi=t.ma~as.2526320597&w=320&lmt=1692171515&format=320x50&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178715477&bpp=3&bdt=3827&idt=3&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=20&pv=2&ga_vid=32317744.1692178712&ga_sid=1692178713&ga_hid=1873801765&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798878%2C31076874%2C31077148%2C44785295%2C44799579&oid=2&pvsid=4257848122754471&tmod=1387007369&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ASbvkepp7B&p=https%3A//www.info1.id&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame E593 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 07:25:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 07:25:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 097E 1 KB
643 B 10ms
9ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Thu, 17 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame E593 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E593 0
0 16ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAd5VKCYXP9OOv2OMZHi7s0xgyJU1Yqv0gGW1jlql94VB_xTFxF__mqoniHI0QK63smtNMF8b374O6Woc8pqB5SEA70g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=50&slotname=2526320597&adk=4060620440&adf=1770059044&pi=t.ma~as.2526320597&w=320&lmt=1692171515&format=320x50&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178715477&bpp=3&bdt=3827&idt=3&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=20&pv=2&ga_vid=32317744.1692178712&ga_sid=1692178713&ga_hid=1873801765&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798878%2C31076874%2C31077148%2C44785295%2C44799579&oid=2&pvsid=4257848122754471&tmod=1387007369&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ASbvkepp7B&p=https%3A//www.info1.id&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E593 180 KB
57 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 d405e63a5f7e8b51eabf017ab96b7905.js Show response
www.gstatic.com/mysidia/ Frame E593 35 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 20:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:19:34 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D8D8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

23ms
22ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:36 GMT
expires: Wed, 16 Aug 2023 09:38:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C5C1 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:35 GMT
expires: Thu, 15 Aug 2024 09:38:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E593 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a80e8d5a9fcb950c18ff20b91f00cd754cdb1b15a821025ada8b14b7415b782d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 097E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDvVLpaKfYHtLX0-oI42eOc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDvVLpaKfYHtLX0-oI42eOc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTlFYWxrTDkxUXdjWjY1&google_gid=CAESEDvVLpaKfYHtLX0-oI42eOc&google_cver=1&google_push=AXcoOmSpWhNMMiQykPT911jRSuwW730sDk-mXbw2AaPxb1z...

170 B
232 B

21ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTlFYWxrTDkxUXdjWjY1&google_gid=CAESEDvVLpaKfYHtLX0-oI42eOc&google_cver=1&google_push=AXcoOmSpWhNMMiQykPT911jRSuwW730sDk-mXbw2AaPxb1zLgCpeAaO3QkWr2UWaWWl410QxfEifXuqdBCXpm3Dfkga9k77bR92cgsWFpkEbLI9uCVaJ5wSN6anfOdz1xlBK1sJN8FS90pa7GxDi0E6qm9E4fg

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 09:38:36 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTlFYWxrTDkxUXdjWjY1&google_gid=CAESEDvVLpaKfYHtLX0-oI42eOc&google_cver=1&google_push=AXcoOmSpWhNMMiQykPT911jRSuwW730sDk-mXbw2AaPxb1zLgCpeAaO3QkWr2UWaWWl410QxfEifXuqdBCXpm3Dfkga9k77bR92cgsWFpkEbLI9uCVaJ5wSN6anfOdz1xlBK1sJN8FS90pa7GxDi0E6qm9E4fg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 097E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFsNmj8x8r4T8DNxvX_0Res&google_cver=1&google_push=AXcoOmQIaXGpbovdMlAWzJHPrLuMmUjzukgqgcA_79kQfPyJmyNdgswGr_pzW_-576g31KRj31jk90cgTbpJR2T7...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQIaXGpbovdMlAWzJHPrLuMmUjzukgqgcA_79kQfPyJmyNdgswGr_pzW_-576g31KRj31jk90cgTbpJR2T7wSyjgzf4McuBvVVnP-F7iOnhjwPd8J...

170 B
329 B

20ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQIaXGpbovdMlAWzJHPrLuMmUjzukgqgcA_79kQfPyJmyNdgswGr_pzW_-576g31KRj31jk90cgTbpJR2T7wSyjgzf4McuBvVVnP-F7iOnhjwPd8J6tqPwF6eQJ9vHQOTPfQp9fDtVzIDl8ltQH6226Rw

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 16 Aug 2023 09:38:36 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x11 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQIaXGpbovdMlAWzJHPrLuMmUjzukgqgcA_79kQfPyJmyNdgswGr_pzW_-576g31KRj31jk90cgTbpJR2T7wSyjgzf4McuBvVVnP-F7iOnhjwPd8J6tqPwF6eQJ9vHQOTPfQp9fDtVzIDl8ltQH6226Rw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 16 Aug 2023 09:38:35 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 097E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBJjlGyMSzmDsgCEr-7iVQg&google_cver=1&google_push=AXcoOmTlfm1mSjKAgx5uJurAmXQpPwgYLR-lOdpL_3ZWJ2OqoVaB_1qkDbTgg3gNxrrEH7HeBLGXjw0MIg2rGXaKxJFKjHYdaedf99...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmTlfm1mSjKAgx5uJurAmXQpPwgYLR-lOdpL_3ZWJ2OqoVaB_1qkDbTgg3gNxrrEH7HeBLGXjw0MIg2rGXa...

170 B
232 B

20ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmTlfm1mSjKAgx5uJurAmXQpPwgYLR-lOdpL_3ZWJ2OqoVaB_1qkDbTgg3gNxrrEH7HeBLGXjw0MIg2rGXaKxJFKjHYdaedf99KffH__VJN-cNtjgdzpTfm17rGNEPIiGEL9hVy_RzKFCK3jkDw_TsaCBuA

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Aug 2023 09:38:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmTlfm1mSjKAgx5uJurAmXQpPwgYLR-lOdpL_3ZWJ2OqoVaB_1qkDbTgg3gNxrrEH7HeBLGXjw0MIg2rGXaKxJFKjHYdaedf99KffH__VJN-cNtjgdzpTfm17rGNEPIiGEL9hVy_RzKFCK3jkDw_TsaCBuA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 15 Aug 2023 09:38:36 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 097E 70 B
265 B 173ms
37ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIqjw-7LXrjnwD0aoV5TaJU&google_cver=1&google_push=AXcoOmRPq9kQII8r3gsUWBg95FzN8-uTnheh8ySrC_o1eL6VI1DwsUihGH8FM0K_TlJQrxm9oNo4TgPRVEuM8q_OIG43l4c758M0bdR_bLprDHKQZyI7-NNX-Bb1yA-bVfDtCu0jqPunnXtjG3zOhpVSdinWQGw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=50&slotname=2526320597&adk=4060620440&adf=1770059044&pi=t.ma~as.2526320597&w=320&lmt=1692171515&format=320x50&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178715477&bpp=3&bdt=3827&idt=3&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=20&pv=2&ga_vid=32317744.1692178712&ga_sid=1692178713&ga_hid=1873801765&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=475&ady=922&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798878%2C31076874%2C31077148%2C44785295%2C44799579&oid=2&pvsid=4257848122754471&tmod=1387007369&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ASbvkepp7B&p=https%3A//www.info1.id&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 097E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELMQ7gcLRWXbGIquyXor9i0&google_cver=1&google_push=AXcoOmQV4Qvs1j_B-lG44VqwQk0iG5BNxuFODdujCNkOpD6uOahgRb7DPLAhHX2gR1aeQuN06pXPWbSvASaNrAdAkKRnIYF...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQV4Qvs1j_B-lG44VqwQk0iG5BNxuFODdujCNkOpD6uOahgRb7DPLAhHX2gR1aeQuN06pXPWbSvASaNrAdAkKRnIYF_VFS__q1dy4dvGsw4Hn_su90wyVf0yTrASxDLI...

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQV4Qvs1j_B-lG44VqwQk0iG5BNxuFODdujCNkOpD6uOahgRb7DPLAhHX2gR1aeQuN06pXPWbSvASaNrAdAkKRnIYF_VFS__q1dy4dvGsw4Hn_su90wyVf0yTrASxDLI0GGsvz9QUhp7FN-S4m7wsrXzrc&google_hm=eS1mQmFjSEVoRTJwR3ZxdnVnRk8zWUhCV0g0RUpLS2pvS35B

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Aug 2023 09:38:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQV4Qvs1j_B-lG44VqwQk0iG5BNxuFODdujCNkOpD6uOahgRb7DPLAhHX2gR1aeQuN06pXPWbSvASaNrAdAkKRnIYF_VFS__q1dy4dvGsw4Hn_su90wyVf0yTrASxDLI0GGsvz9QUhp7FN-S4m7wsrXzrc&google_hm=eS1mQmFjSEVoRTJwR3ZxdnVnRk8zWUhCV0g0RUpLS2pvS35B
content-length: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 097E 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 097E
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEL5f1BK0HgMV...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT5-eJdE1mqyLJmf5WrgxcjhZ1Vk2auqUHXDuO5GVkHHqEBQMAOWvJ8uvng84dpp--xoMOKelfno8yR_VO-mDo3SRAH2KK18yCHkP0sQVt5lgJfi...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

727ms
726ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Wed, 16 Aug 2023 09:38:36 GMT
pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 097E 0
130 B 48ms
16ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4pJXbE8KZ0dz5GsZyp98aRgP7E88_5f0cQzXKhi4VlxmPlVYEBPAQCSPTghmDVz5hAk7GlAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 997A 624 B
242 B 52ms
48ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhvzn4gEwAQ&v=APEucNVbva66mzMUAc3x9kfklxCJMd4exRw1LNPpDP2mb1-dPQ9-FBA7Q2FCd80RaIiyinwEarGhSuwx8iqnO88rnhVJMaiHoVqmmGecJi1qOjiruDCOdHGSRoaW_TAZbf_Z_LwDV6eBJCbr1wmxcw5SNltZGNyHA8h_7F8bLVXOe2HcjK6i3Zo

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C5C1 86 KB
29 KB 168ms
164ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5C1 42 B
63 B 108ms
104ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bh_SdHbOkr8vNv8jlIN7Ke_Y35NRBQbR9LO8YrvD6DGIPQUxv0QWdHJY6qqB0PGMsnM1CDrVu6dyZOT2rKRUNe5gX3Bef_k2Sj6YJWvBzLuHRe3wg

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5C1 0
20 B 107ms
104ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13684841717496394660&x=1&ct=76

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame C5C1 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 07:25:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 07:25:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame C5C1 20 KB
8 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C5C1 0
0 17ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqCFsmOC2PuVBK4VgOtSi942UxtEbE-tbbbHSEF8HmH2rzhjeawpElxabZNJGmgotylOFXjGmh-5yaOUVJ9-g6eKvvYg
Requested by: Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5C1 180 KB
56 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E593 33 KB
33 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 15848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 05:14:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E593
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CSUHRG5ncZJ6TJLeg2OMPhPeEsAy28-Gycu67kp-xENvZHhABIJTy4itglYKAgLQHoAH51qWYAcgBAakCC94UsJJQsj6oAwHIA8sEqgTLAk_Q1cfjzAKFM5j3RX6ifpauMwVCH3msSfwN60y...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213825220659752216783%22,%22debug_reporting%22:true,%22destination%22:%22https://hwr.de%22,%22event_report_window%22:%22259...

0
0

65ms
44ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213825220659752216783%22,%22debug_reporting%22:true,%22destination%22:%22https://hwr.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22319384441%22],%224%22:[%2208-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225198962702466500945%22}&andc=true

Protocol

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13825220659752216783","debug_reporting":true,"destination":"https://hwr.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["319384441"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"5198962702466500945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 09:38:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13825220659752216783","debug_reporting":true,"destination":"https://hwr.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["319384441"],"4":["08-16"],"6":["true"]},"priority":"500","source_event_id":"5198962702466500945"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame C4F3 38 KB
15 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 08:34:23 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 997A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELE_Wn9XvZ3cZ-HTmOgbsg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELE_Wn9XvZ3cZ-HTmOgbsg&google_cver=1&C=1

43 B
632 B

10ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELE_Wn9XvZ3cZ-HTmOgbsg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhvzn4gEwAQ&v=APEucNVbva66mzMUAc3x9kfklxCJMd4exRw1LNPpDP2mb1-dPQ9-FBA7Q2FCd80RaIiyinwEarGhSuwx8iqnO88rnhVJMaiHoVqmmGecJi1qOjiruDCOdHGSRoaW_TAZbf_Z_LwDV6eBJCbr1wmxcw5SNltZGNyHA8h_7F8bLVXOe2HcjK6i3Zo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 09:38:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 09:38:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEELE_Wn9XvZ3cZ-HTmOgbsg&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 997A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNyZHNJMB.9lw.Q7LWWyOAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELE_Wn9XvZ3cZ-HTmOgbsg&google_cver=1&google_hm=2

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELE_Wn9XvZ3cZ-HTmOgbsg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhvzn4gEwAQ&v=APEucNVbva66mzMUAc3x9kfklxCJMd4exRw1LNPpDP2mb1-dPQ9-FBA7Q2FCd80RaIiyinwEarGhSuwx8iqnO88rnhVJMaiHoVqmmGecJi1qOjiruDCOdHGSRoaW_TAZbf_Z_LwDV6eBJCbr1wmxcw5SNltZGNyHA8h_7F8bLVXOe2HcjK6i3Zo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 09:38:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEELE_Wn9XvZ3cZ-HTmOgbsg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 997A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG2M-xhO4fxD-hTKR8hs6V8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG2M-xhO4fxD-hTKR8hs6V8%26google_cver%3D1

43 B
888 B

12ms
11ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG2M-xhO4fxD-hTKR8hs6V8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhvzn4gEwAQ&v=APEucNVbva66mzMUAc3x9kfklxCJMd4exRw1LNPpDP2mb1-dPQ9-FBA7Q2FCd80RaIiyinwEarGhSuwx8iqnO88rnhVJMaiHoVqmmGecJi1qOjiruDCOdHGSRoaW_TAZbf_Z_LwDV6eBJCbr1wmxcw5SNltZGNyHA8h_7F8bLVXOe2HcjK6i3Zo

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
an-x-request-uuid: ac76fdc3-fbe9-4e1e-9016-21fa836d2ee9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.243; 37.58.58.243; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
an-x-request-uuid: fab6d795-a15a-4a7d-8485-e156942c717b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG2M-xhO4fxD-hTKR8hs6V8%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.243; 37.58.58.243; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 997A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D

170 B
188 B

33ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
an-x-request-uuid: fd9d57cf-ded5-4e74-b72b-cc0d320a51db
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D
x-proxy-origin: 37.58.58.243; 37.58.58.243; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
41ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 16 Aug 2023 09:38:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5C1 0
20 B 104ms
104ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1267670426493&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5C1 0
20 B 102ms
101ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1267670426493&version=m202307240101&ct=76&x=1&cor=13684841717496394000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C5C1 97 KB
38 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyolDqTECFtO21AOttJ3PnduxnkXqg59HLqi17XosjgIjFEEsOAOisXZy9jOkMmVvYQ-Jw5mr8K9kX7izdErtYjfxVozxwHjP4fRo1TimoYC30b_4&cry=1&dbm_d=AKAmf-CojiXSYEsiDNXkX6a_kPjpiqj3KC242bQ9T2F0BoWE0a3ZLG7KYZPPJespxq0m6sQSAwohy4kylpzBxr15BS2NQ0olZwK2Rajhq5VV8aymKh_j-qiIYtgFrG2UrmpTYCq2SI_rLyhJd8sMI_1iBLrLwNmWG4-wEAR-qoqHXkoZNP23nuA7fzdkq4oLK63OznGylZhB5FlB7-KTv_u6bk5ErzRdcUf_0ns8Qfnw4H9BHL6_iY1W0agsRFsV8DBSxy0bCt3rPyUBcQfVC3R-h5o0xCfQFN5XBUGr1N8XHvNYOO-4hpFWgj_v8sx01SwPWKQcDx_ta6FAmb4ja4ex_kA1YzfzCsq_TpfpI85RRdUgkLOn3VTZuRAWXven0i4j8K8YeAaySSgw2uhiqp6YPtZTFzGRkCrX33CnoOntFrNI22fZkvk-kFSW6myMz5-emRI1vgnS7bemNe94alp4wchY7KXSttpwO76qN0x4JVokFe_-6ZcG1qPg9WJpVPEMq_Z0SUkD5iHCGsXco9wV-wcruhaFKZvs25gipLlzErnmZ7apEKb37pqd6IZfl6kZiT77e6p_RrYKbtLxMC1f0lQWgoJkn7GC4y0FoCtoHOL5LBQP450iJ-uOPafIv4dZCVBgzwMB45UJNeZwKybH58VLKXVg4NagLCcM58H7MDpUa0F703MeWUmWFUWTFz36U97Oo7UbwleJV0RtsCB56BKFIsmgPRjbu_1Q0Li05HP8ukNPLlZU7gXQ3e4S-xDyJwR9KUG1DIGlzmnJD4F4Hd_AfJyOqRrapRIF4M43WG4e0N7hezaTFqOMqmZWCAMt9wIKwxRTOerVr_247ELH9hiUxt5UoUVAnZhkCIY_2phTlOQgNCcRQOYr2PclKQIQreXx5qbXaWl5nlda2XqtuYBhquZvIcdZlxF2lHuAy7P3HcZBdK0MU5VqYKJze7gvXGd239PwGLhK2kQFPKRJpCjc_jxIyvtHvHIpCa9K7E-c53_C8gMg6KYQdzrq8V8brizUKWwGZL-FvzNDIDMoVzXMVCjd5mAZb_tBcDaLifssCXcTpph366cgSvS6fwoWubWUPkx9XxEWlWDKYKItJOho4H-r1n7GGTTrGuP6z7VtOHFWwMh2qJ7RBrMppY5sVMDwEiX3cL1a0fYflEN2VHD1Kgo9t8Mw0ov3gdioI76AeOy2goIW4-pNrThVIyXOnlVk2ChB9wUEcueUR1jGvTjw_--HMgjPsfi2RtzrtFlWlOPHyeQOImS8FeuwA97tlIaTbEhyMSTyxeYF2ZeRToBi60EXKSRCvlEc7gYCL8c_uACWXOHRR7chtbR4O2xaTNQkW4Ro_K5ct-rm8XTgpoPMWawAcWZxOP0WEwuRfU2v46qz5iRcTHhV9cy9k159WjZuEpelcd1WKdK933GfkN4wkFAVWVcAQUTNQfRiLh8_wQq5SAvLwgLsflMVd65AG-ZcF1qwzAC93T4xXGWhXkK_HWEGnr0Q81oTGf-fC1s19RpY2-epUzk-rLaAdkb90kRYi3p_lRhwTCUffEP6QdQ1nqtWgRGp64SxBRfKBzTYd5kMynrWtH31_9tWTkDVqPNNG3vmeQdICPJsOyEm8sBbf4247eYWUj17mTZEQJAKz1cphSdW7FhM_pKW4Opc9Lwe2LjDyF2k87zYYGhM5g-eMAelU---4zF5xuIeYjdwQYl7JruS1eiVzOpvlqU7XXQ34S-aDLtc5cdnRbG1juUw1MCYnnIbAi-DP_i3XYWdO-Ua133wvfLaxeGt9N5jspDDzSzcZuIKbyehAC0VBwpq4wtezbl-DYpSp1AlIvFQlTFK2bsgUn5I15bEChJHmwyIME5ca1ciwkS1jAI55hyO0-AsAOcSXrVxWuEJUw2OW2Ofw_HqmRdc5YEm2aiaRL28nbpxie8S8tRIkswV5DRg-LfsRPJ4iJtPd9Ex5sSSd5jQcBuZ57t96Y-qHCKCezNgkByUxqElU4NOkOKgfC9bd7Na2agvPOjDzCDl2fiBNpk6F3P5NQF9duCIz0H7mF4e9htMViq6tDtfAnRNeFrkbN_JknfcSW4VytU66T4bLkoA33aI5pnskUYljPXJRUmo3HzrgF3pUwMiRtjS9HjVYWYECstJ0xjLS2f5TEDzBtDCSB3deB5KimluQdbiN7h2YuhAQBPDSfG9bbmKmNumQyfodmTLtWpF7XTejuefdo--yek1AYNlI365r6FlnHN8OHztGpN4jdroFDH4OFUkYKJoYtnGv4oXtcGtYlswVmnvaOqyWknk9mrILrIy4WXjzPT00DFNZzlXn1f7F7sIpzZxO3u7bo5ifvT1CZP-4ukSR4xRFUpcL0ufmwzncKnqnzaNzQMKxnAvVJ_Qcn4KYf5DkmPIqVkbnIG1URooycEzfepm1n-s5bx_xJpqfjOGmF38xYu7HUeop0qg56NY4AF8_dgp98i9rw5nRbjCrZ2wUorV0cr1XYR7sKLvRsOpfg7HmlkNcIptbQ6HLysUJWFC-4RihwOHWKbijIE9jSSjw7ir_jC99-CQyQK9qXtPTXF-4fJB6IhFOlSX7miO8UKIMDyjg1yQdpngB2rdrWC9Q2jkkyGzZESw0-fBGOugFiZU-5tEeRofVGyeiLHHoFQ9WZQdR8IFTVcKOrGA34uRLtvjqr7IxGo1Ny8v47CCMe2GPtTK-IQfn7aYZoJX5F2LaWMBgj7RrFjTx_pyLIgK7nb-j72yL0ikuiQxEP9RqO2jHG9sTxkkIpul1ZVdevz2S7E7UtHH0x9pqhrWtd8-kzrOuBnsHHOQc659pXxg_Ao4_D8XwYWKXt-vdXcqKMZRHYJLLpfFXnJNrKP8fZoXfW0f_p6Xql4m-06tRAERrsfgY-nxWyXnjZEVESnWAT_DFpu3H3InHDrGFvO9oUnWYQaO7ASaozdgjh0QdBTbS0SRalA1h0DXOgfThmfI4s2JE2hcNOaFi05rOjkgl2NNzjGf2oa4xSWZ_bnIKfKqPP-V2OwVba2D7wX6DyefRr75TZRwWLxdfyXWdpm64un5mPngrxVmsJohoWWJzNpAuHbNU096FY8jabXQuDq6siZZ_-6V-5r8WwPXs3bhgcEOP-kr3lrzTKetj0c6qXrAW5fuesEjv5BektyE8RqsvCvR1njTxrmTYxlv-yeFJ9E31-Quowp4CA93ynTPSyi3cl-pajKsxPw807n390Y-PUCA86H1IoO0FwTFVelKv9h2J6ruU-3hNLX9NW1P0Di5njayB-EKFS4rnJSiHItNYf3w8u3EX5VM_u2FBnsL39MbnD4Xbe7vgJ0N0xGCGgPXbKPIlISdiIcaAJ37glsFH7lz73brMTinyWae0ymLbOa7_hPPt0utG869M0XjvVcO8bGQsXW5pxvCyGe6Z7rggI1BKoE0EeFyhI5wi_OTxWAW9HupI8kM5dblAZXrxGLkUVQbV4MgvOBOpW7ZNyvYm_zMJKVrIGjQGSfTtaI3tbK1sOiFLJQ9sPb7jlh6bxv0YfC6NywA1cJzmanPttH1IosnS73bmc6uXI01dQEvpgsQL9s3Y2glLlFB09Gz0FtNhbP4pIO46_kXCGLy4u0-WT3eSM9e8s3O_O1QuglFdyUz_t04Tx-AUsqfFSew0L5idbE4DPVeslMyYTBGJDFOEPk9X9_18lYz5vOsQsTduJZOH8k41Mqv0sxvMBsToJb4hFl6GCGvM8N_UBFcpoGH3cZu2pdAIrRdS3z3LsNpmx65BK963smJyjTDF-VyGB_rKSsM__H9hBtobfTsrJQMZ0b-TNbqoTaqNb_55C7iGd398HteYqOhv8tvPO8XCqok6Ah0A-GwtqLQ6EKfakCWlP2gidP0U4e9TO_cDejjz2XqCig&cid=CAQSTQBpAlJWxZ_GvtlIbShR8IVsf1BloylxCS5j605K-mHh-pheR1aegYWaIQ9vH4_F_NUwBwx3DFxE6TOAwWcjb1j0bqCtWWDvkyAJnk5TGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.info1.id%2F&ds=l&xdt=1&iif=1&cor=13684841717496394000&adk=3047537735&idt=171&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69c061a71a0203bbebd93dded2283e48ec7674304184ea4b7f0d9b527c70b5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38945
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C5C1 172 KB
61 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Origin: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 05:22:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame C5C1 11 KB
4 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CyolDqTECFtO21AOttJ3PnduxnkXqg59HLqi17XosjgIjFEEsOAOisXZy9jOkMmVvYQ-Jw5mr8K9kX7izdErtYjfxVozxwHjP4fRo1TimoYC30b_4&cry=1&dbm_d=AKAmf-CojiXSYEsiDNXkX6a_kPjpiqj3KC242bQ9T2F0BoWE0a3ZLG7KYZPPJespxq0m6sQSAwohy4kylpzBxr15BS2NQ0olZwK2Rajhq5VV8aymKh_j-qiIYtgFrG2UrmpTYCq2SI_rLyhJd8sMI_1iBLrLwNmWG4-wEAR-qoqHXkoZNP23nuA7fzdkq4oLK63OznGylZhB5FlB7-KTv_u6bk5ErzRdcUf_0ns8Qfnw4H9BHL6_iY1W0agsRFsV8DBSxy0bCt3rPyUBcQfVC3R-h5o0xCfQFN5XBUGr1N8XHvNYOO-4hpFWgj_v8sx01SwPWKQcDx_ta6FAmb4ja4ex_kA1YzfzCsq_TpfpI85RRdUgkLOn3VTZuRAWXven0i4j8K8YeAaySSgw2uhiqp6YPtZTFzGRkCrX33CnoOntFrNI22fZkvk-kFSW6myMz5-emRI1vgnS7bemNe94alp4wchY7KXSttpwO76qN0x4JVokFe_-6ZcG1qPg9WJpVPEMq_Z0SUkD5iHCGsXco9wV-wcruhaFKZvs25gipLlzErnmZ7apEKb37pqd6IZfl6kZiT77e6p_RrYKbtLxMC1f0lQWgoJkn7GC4y0FoCtoHOL5LBQP450iJ-uOPafIv4dZCVBgzwMB45UJNeZwKybH58VLKXVg4NagLCcM58H7MDpUa0F703MeWUmWFUWTFz36U97Oo7UbwleJV0RtsCB56BKFIsmgPRjbu_1Q0Li05HP8ukNPLlZU7gXQ3e4S-xDyJwR9KUG1DIGlzmnJD4F4Hd_AfJyOqRrapRIF4M43WG4e0N7hezaTFqOMqmZWCAMt9wIKwxRTOerVr_247ELH9hiUxt5UoUVAnZhkCIY_2phTlOQgNCcRQOYr2PclKQIQreXx5qbXaWl5nlda2XqtuYBhquZvIcdZlxF2lHuAy7P3HcZBdK0MU5VqYKJze7gvXGd239PwGLhK2kQFPKRJpCjc_jxIyvtHvHIpCa9K7E-c53_C8gMg6KYQdzrq8V8brizUKWwGZL-FvzNDIDMoVzXMVCjd5mAZb_tBcDaLifssCXcTpph366cgSvS6fwoWubWUPkx9XxEWlWDKYKItJOho4H-r1n7GGTTrGuP6z7VtOHFWwMh2qJ7RBrMppY5sVMDwEiX3cL1a0fYflEN2VHD1Kgo9t8Mw0ov3gdioI76AeOy2goIW4-pNrThVIyXOnlVk2ChB9wUEcueUR1jGvTjw_--HMgjPsfi2RtzrtFlWlOPHyeQOImS8FeuwA97tlIaTbEhyMSTyxeYF2ZeRToBi60EXKSRCvlEc7gYCL8c_uACWXOHRR7chtbR4O2xaTNQkW4Ro_K5ct-rm8XTgpoPMWawAcWZxOP0WEwuRfU2v46qz5iRcTHhV9cy9k159WjZuEpelcd1WKdK933GfkN4wkFAVWVcAQUTNQfRiLh8_wQq5SAvLwgLsflMVd65AG-ZcF1qwzAC93T4xXGWhXkK_HWEGnr0Q81oTGf-fC1s19RpY2-epUzk-rLaAdkb90kRYi3p_lRhwTCUffEP6QdQ1nqtWgRGp64SxBRfKBzTYd5kMynrWtH31_9tWTkDVqPNNG3vmeQdICPJsOyEm8sBbf4247eYWUj17mTZEQJAKz1cphSdW7FhM_pKW4Opc9Lwe2LjDyF2k87zYYGhM5g-eMAelU---4zF5xuIeYjdwQYl7JruS1eiVzOpvlqU7XXQ34S-aDLtc5cdnRbG1juUw1MCYnnIbAi-DP_i3XYWdO-Ua133wvfLaxeGt9N5jspDDzSzcZuIKbyehAC0VBwpq4wtezbl-DYpSp1AlIvFQlTFK2bsgUn5I15bEChJHmwyIME5ca1ciwkS1jAI55hyO0-AsAOcSXrVxWuEJUw2OW2Ofw_HqmRdc5YEm2aiaRL28nbpxie8S8tRIkswV5DRg-LfsRPJ4iJtPd9Ex5sSSd5jQcBuZ57t96Y-qHCKCezNgkByUxqElU4NOkOKgfC9bd7Na2agvPOjDzCDl2fiBNpk6F3P5NQF9duCIz0H7mF4e9htMViq6tDtfAnRNeFrkbN_JknfcSW4VytU66T4bLkoA33aI5pnskUYljPXJRUmo3HzrgF3pUwMiRtjS9HjVYWYECstJ0xjLS2f5TEDzBtDCSB3deB5KimluQdbiN7h2YuhAQBPDSfG9bbmKmNumQyfodmTLtWpF7XTejuefdo--yek1AYNlI365r6FlnHN8OHztGpN4jdroFDH4OFUkYKJoYtnGv4oXtcGtYlswVmnvaOqyWknk9mrILrIy4WXjzPT00DFNZzlXn1f7F7sIpzZxO3u7bo5ifvT1CZP-4ukSR4xRFUpcL0ufmwzncKnqnzaNzQMKxnAvVJ_Qcn4KYf5DkmPIqVkbnIG1URooycEzfepm1n-s5bx_xJpqfjOGmF38xYu7HUeop0qg56NY4AF8_dgp98i9rw5nRbjCrZ2wUorV0cr1XYR7sKLvRsOpfg7HmlkNcIptbQ6HLysUJWFC-4RihwOHWKbijIE9jSSjw7ir_jC99-CQyQK9qXtPTXF-4fJB6IhFOlSX7miO8UKIMDyjg1yQdpngB2rdrWC9Q2jkkyGzZESw0-fBGOugFiZU-5tEeRofVGyeiLHHoFQ9WZQdR8IFTVcKOrGA34uRLtvjqr7IxGo1Ny8v47CCMe2GPtTK-IQfn7aYZoJX5F2LaWMBgj7RrFjTx_pyLIgK7nb-j72yL0ikuiQxEP9RqO2jHG9sTxkkIpul1ZVdevz2S7E7UtHH0x9pqhrWtd8-kzrOuBnsHHOQc659pXxg_Ao4_D8XwYWKXt-vdXcqKMZRHYJLLpfFXnJNrKP8fZoXfW0f_p6Xql4m-06tRAERrsfgY-nxWyXnjZEVESnWAT_DFpu3H3InHDrGFvO9oUnWYQaO7ASaozdgjh0QdBTbS0SRalA1h0DXOgfThmfI4s2JE2hcNOaFi05rOjkgl2NNzjGf2oa4xSWZ_bnIKfKqPP-V2OwVba2D7wX6DyefRr75TZRwWLxdfyXWdpm64un5mPngrxVmsJohoWWJzNpAuHbNU096FY8jabXQuDq6siZZ_-6V-5r8WwPXs3bhgcEOP-kr3lrzTKetj0c6qXrAW5fuesEjv5BektyE8RqsvCvR1njTxrmTYxlv-yeFJ9E31-Quowp4CA93ynTPSyi3cl-pajKsxPw807n390Y-PUCA86H1IoO0FwTFVelKv9h2J6ruU-3hNLX9NW1P0Di5njayB-EKFS4rnJSiHItNYf3w8u3EX5VM_u2FBnsL39MbnD4Xbe7vgJ0N0xGCGgPXbKPIlISdiIcaAJ37glsFH7lz73brMTinyWae0ymLbOa7_hPPt0utG869M0XjvVcO8bGQsXW5pxvCyGe6Z7rggI1BKoE0EeFyhI5wi_OTxWAW9HupI8kM5dblAZXrxGLkUVQbV4MgvOBOpW7ZNyvYm_zMJKVrIGjQGSfTtaI3tbK1sOiFLJQ9sPb7jlh6bxv0YfC6NywA1cJzmanPttH1IosnS73bmc6uXI01dQEvpgsQL9s3Y2glLlFB09Gz0FtNhbP4pIO46_kXCGLy4u0-WT3eSM9e8s3O_O1QuglFdyUz_t04Tx-AUsqfFSew0L5idbE4DPVeslMyYTBGJDFOEPk9X9_18lYz5vOsQsTduJZOH8k41Mqv0sxvMBsToJb4hFl6GCGvM8N_UBFcpoGH3cZu2pdAIrRdS3z3LsNpmx65BK963smJyjTDF-VyGB_rKSsM__H9hBtobfTsrJQMZ0b-TNbqoTaqNb_55C7iGd398HteYqOhv8tvPO8XCqok6Ah0A-GwtqLQ6EKfakCWlP2gidP0U4e9TO_cDejjz2XqCig&cid=CAQSTQBpAlJWxZ_GvtlIbShR8IVsf1BloylxCS5j605K-mHh-pheR1aegYWaIQ9vH4_F_NUwBwx3DFxE6TOAwWcjb1j0bqCtWWDvkyAJnk5TGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.info1.id%2F&ds=l&xdt=1&iif=1&cor=13684841717496394000&adk=3047537735&idt=171&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:41:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame C5C1 30 KB
11 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11540
x-xss-protection: 0
server: cafe
etag: 10407724091878522853
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:41:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C5C1 41 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 03:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 03:20:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6617 1 KB
643 B 11ms
9ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Thu, 17 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C5C1 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 389de9c5e02c14d9497242ab32345d79e5937730cc2bf2f85780a948f359e8a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AE03 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:35 GMT
expires: Thu, 15 Aug 2024 09:38:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 16A9 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvC7Esrb5pSfN0nDoP4IMOVffIrmwUVqbvS61p2YpPZ0eTGOycg_ZMSFCCPpogcVBU2Cdpzaj_KJY-aGIOdxknby_2Sa2SnbLXDnZ_fW4RY-tg9WyRvqaeZNJ-veY3LYtjZVOBFK5cd5KE0baKwXNWgoMx5L2mpLdWqpapgvjcHglVWd3XnSxgqqJJ57aYR98mjiFaWmHjaTpzPmSNTKkY9feVCzGZpipwKV_74r9iDDQY5rLDVg_hFzLYq0mEbi1i9hRH4OxQn2I_tcs28_97_c3Y-vKkogs5_rNp7_5egGUOVGVcnDwuj7s3BjyLYZU__wgLub6g93do2&sai=AMfl-YSVVPq5CugBGeYSyORonLjFghLQF_NG--10YkcWtY0dztZChr8-hytMQ7mdgLRkySSIXkQN7C07tapLp3abRW4EpLTPo-KiuZCkWIiRbHkoOdiwjoa3LT_LJWIxbYRX_L0IcLIqRqTWPJ9nQv7J3w&sig=Cg0ArKJSzMbjInn3Q4oqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 16A9 146 KB
50 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9996f4b373f0faa259c92cae3599e7db75452da88f5bb41378f974c6c65e687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50865
x-xss-protection: 0
server: cafe
etag: 7072294175330170009
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16A9 180 KB
56 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7667 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMvmGmGDOxJYtD15ztxMn5IEyTfc16noZkdn93O29lPVSW3s7A3eUwVYWDQf9MdJM-gfi3I8jjZPkvFrt215XmYJon717bYiat_ltRu_Gjd-jNwAQIjszCd9wRtz_1chPhl0mz33-KPNmKw_t8OMMbFmNEnXP6xOzHNnnexDszIzsDLpdt-uJjpVDf1P5PJ1_ftjC2rBlZHq0uCbxWst94gELVQs4hdTRswN_1636uNQ91cRtaNTfH8FWUC_Phwkt36Ny-lIdwvWej_cPVRxYCgwbOlx7BhDyu65_UweLk39lRSn8uf-3Jt6d1eIHw0iASqQ&sai=AMfl-YTdP2LJYhs45tnzGakY213mVtCZF5l7GQSCVvWKfUuiy7hAb59kQgiSdA3lV716sfp3SH8b-aVjp6cBt9vRT7xUEs3-2eeceO6XEUaevLaZCLzsnjVaFG0Ig-tuM5EUslWalNiVHN06ivRQWOHq7A&sig=Cg0ArKJSzAOft0ERhljeEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7667 146 KB
50 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cb72b93c05bc5272264f7037c8a28af042cba5635c041cde38d75e6ed75a8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50864
x-xss-protection: 0
server: cafe
etag: 5548183673741906711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7667 180 KB
56 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 container.html Show response
db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 027E 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:35 GMT
expires: Thu, 15 Aug 2024 09:38:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C599 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJSPrH7zVQJXb62uZQVrqcUHHKTzg4BHMuvqMlLcoLLyr3Aur1RtkjGjM_sj9B-qqTMyvxXvQJXtN39fPrr7af3Z020egg98Gte_Gz37ac3Nm11YvKok42Q-NRXkmicqInUxaYkNT3sYcH526k73IKpKyd9OmH4mdkjKnTZlIuk65bsda3JyouZgnEuhqCE6YqhKM6b_edLKxIm072t_3DCx6sphexyy27JpZewHGNGkf_6hJU_GNzgiwLd8tOUdtv9iULsmAceREs2qwRFNUgMcdOFaxjstEHJAOE0mVOQeCHd9ZXmFlCJNFEciyN7HusMgU7Ynk26Y37aA&sai=AMfl-YSwBAGkUET5-e63zTqkHhf4BidkAQ73hdWrI6_KVGfMBKogCq3juls2P26Yw1UBKukmrKLCRSm7yB_NY2QoWfLA74UUwn5DtbYP3EoKhhVGz75irAaKMBhXigeti4n3TlxVXfcmu3dAQzUZaicirw&sig=Cg0ArKJSzPNN03H6RSoPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C599 146 KB
50 KB 138ms
138ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

637aea4506eea6fce448ff156fba11fcf5e8df8d5d585bb63dda99de31e5c584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50863
x-xss-protection: 0
server: cafe
etag: 16344991708248906773
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C599 180 KB
56 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 65EC 0
0 49ms
48ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuA1UllslbH6iliPUDXncKKqPjcpaDzUJHoupg89W0pWsbvCEnJLqxE4aIezMjZY5amj5FmxoPlJsypXmLj3ZjkrSG8AUSKxjGmIfv-8NbcslFaClsiGIgZLqUyIEkuACXZ1IKKNWT6CGVvUagppgCLtSCzuB9IzoLNiwupqHyZTGlv2z2EdGENzpN1d2qsTg0l_JOOxyioant2xokHftXactnpvnReLlhLrDnREwCi0xhgHU3OYSw4fTbnM4N_p77YRSDtmPmZArj70ipvN4ZWmRiTpg47eZ6FcgflM6KxGbtCOWtLOVc6ClnHTDkryDp2KaeaB6TSrExt8Q&sai=AMfl-YRvctknWclAM2dL43hbpA6hCLHrDAnIz6uz4iJqGhsex2OdU7wdpwd01Ow0h22uZRk7-dL21ikIEjH4ToCouvFUPUVdB24eTOt8PVqV6O-wNJDgahUzewfWZ4hc-p1hswCcaBdYRJSy0r6D8dyhKQ&sig=Cg0ArKJSzP6xHTpZVEKvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 65EC 146 KB
50 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8143035bbd0280c7e8c1eefbdf55ade84410fd483bc9f785be48bcfaa8105a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50869
x-xss-protection: 0
server: cafe
etag: 5036674881639231969
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 65EC 180 KB
56 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B34B 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3hZD486-yYXf0bEOr6AoRrSIVWoT9illIEZruh4Tmiqj-L1_E-Z-75V1rWhei3q6r9bMH13BynmrkZG6yZs1k4vyRfcPdxtFqOR1GzgNsV2pKmsiDHwvSJt9uWBudYCUoxQobYE4QgRaVb0VybW2PqkOqaWdaLOGHzmEbn2yV1Bl5VX7rb9q0RxAHDjj0ZfPANobr4UiGPyzXPCpb1WhEMDfRB-Av487Glguk595KAfFBF2y3NQxRDPZJVPK1FvTcOPV_PiURrFmD6XbX8IqQxD8ZcNDOdbHJQvPIl4tHidyei8oF3aRzruljEHrKhJqayCrsbKTh-03BSA&sai=AMfl-YRU8_csFoWM9bAAaJGZt9hA1yIHkzpIonTe6jpsQQXxS1BSzIQ9T4oexw3QPxotFED_Qk0XU728CQNe7JGFdEDMIWWeTJnvdtvSy3VvJV9CvadCciFAEE2hWk93v606azYCGr1Uf-k-dtPXSH-5DA&sig=Cg0ArKJSzLFrmRPBiip2EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B34B 146 KB
50 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b7529c3c9bbbb7a04c6f110740aee86d9fdcbd9d517480dbb7f549600d2390e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50864
x-xss-protection: 0
server: cafe
etag: 17679866322135827497
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B34B 180 KB
56 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC29 0
0 48ms
47ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdDReVdyyvhv0bkkF1mD89zUtWOrDiWfMI_tsh92-5eLvaJLume-lT9i57ULa8F2479vVxEHz3Ue5ZROunMb-bApWduLmY1kHECeO6RjztOwkvCZ67uSC-zodGlVsQYYMC2J5sjgRc1u8tVAjH_BmKF8hXyISXvyRNo9i_rti6L0C_189MgbhJEvWGz21EJaAuJ5xPd0qDbg-ibUKC9B5N5MedbZJfCzSUcBsQ0LccRzLpbD0qrS5Miine5qYv9iccAne0YnO472MtlPkWzJMGqVPJCR-ZNglTO64UkruW9_5W4HNCZXlewGjmLb5b52D0pP6EYKo&sai=AMfl-YSqLzlUQMtBaEt2SiUTVS5LsLrI75W-kuUJ8bO-aLQF1eIJkum_ETqaqc8aMEapg--OCv6a3SwNmx6Boir5ic-BlNVCBY8-vqUmjT0Tcx7O9c-7QeOlEVHo4Quw7dlId6YWnn2VdajquKaTt3pmbQ&sig=Cg0ArKJSzEd0j9pPVEauEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DC29 146 KB
50 KB 144ms
143ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f98575ee35bf9b5a0d175865298b7d3c49c57f4ec53ba89d36f0f38da431b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Origin: https://www.info1.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50864
x-xss-protection: 0
server: cafe
etag: 17356824369543334929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC29 180 KB
56 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H2 200 tag.js Show response
ad.impactify.io/static/ad/ Frame C450 4 KB
2 KB 74ms
33ms Script
application/javascript 2606:4700:10::ac43:14d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.impactify.io/static/ad/tag.js
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:14d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ea0dcd6669e7992e4318454185c834fab775a914a616a73770c0bcfef18a421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
x-amz-version-id: yGziDaGfFzVGB6W_7lNGGMX71LKrv3Ti
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Aug 2023 12:08:40 GMT
server: cloudflare
x-amz-request-id: J581DD3C82WCKRQE
age: 3493
etag: W/"c6996093ecc4f9ff6ded226a9a75d249"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7f78b492fd4c363e-FRA
x-amz-id-2: D2g750czYS2+/rzQ1dPgR41rZNq0I79h79wFk2kJoZZ5E7NNNq40pjPLXeVqB883x0FR83WRBJ0=

GET
DATA 200
OK truncated
/ Frame C450 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e79460edbb08f563002fea13054c6a68cfa363c556a15551ea5749a74b50861

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6CC2 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 44982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 21:08:54 GMT
expires: Wed, 14 Aug 2024 21:08:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6617
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI8Y6xvDMugZ_3mpLkbi5d0&google_cver=1&google_push=AXcoOmSWnVRAeY2LD0olDE7cB8-OV6BLRQT3G_aMqK4I6XDeVsZLxf8juX_Dgx1pX6tU0zZ2CNmeF3kO7AuMknl4bwC9ZgoW_jBR
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODkyNzQzMTA5MDE2NjM3MTQ5OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECcOESndlRlgsL7qFcWZXZA&google_cver=1

43 B
398 B

54ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECcOESndlRlgsL7qFcWZXZA&google_cver=1
Requested by: Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECcOESndlRlgsL7qFcWZXZA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6617
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELMs-2JyVGT7cSDm77O3v2U&google_cver=1&google_push=AXcoOmRw-_97V6Qqx_Hr19fwOo1CfsFYkGfegsHBUBWpIAuhEXh8QQeaCfDOroLd5ExqGo5SjpqeAgblO9nOfc-4rzEQ8bbtExGB
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmRw-_97V6Qqx_Hr19fwOo1CfsFYkGfegsHBUBWpIAuhEXh8QQeaCfDOroLd5ExqGo5SjpqeAgblO9nOfc-...

170 B
188 B

20ms
20ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmRw-_97V6Qqx_Hr19fwOo1CfsFYkGfegsHBUBWpIAuhEXh8QQeaCfDOroLd5ExqGo5SjpqeAgblO9nOfc-4rzEQ8bbtExGB

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Aug 2023 09:38:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmRw-_97V6Qqx_Hr19fwOo1CfsFYkGfegsHBUBWpIAuhEXh8QQeaCfDOroLd5ExqGo5SjpqeAgblO9nOfc-4rzEQ8bbtExGB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 15 Aug 2023 09:38:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6617
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOrfA1_AAFMIH-KkChQf41E&google_cver=1&google_push=AXcoOmSbP8n8Xe6aefM75E9oaWy4ZzkyBjuwXorCDUEDa7sMY0kQ8C1QWFgyD1dzgw_wliy932FA8I8bst9tEGdhM...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOrfA1_AAFMIH-KkChQf41E&google_cver=1&google_push=AXcoOmSbP8n8Xe6aefM75E9oaWy4ZzkyBjuwXorCDUEDa7sMY0kQ8C1QWFgyD1dzgw_wliy932FA8I8bst9tEGdhM...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSbP8n8Xe6aefM75E9oaWy4ZzkyBjuwXorCDUEDa7sMY0kQ8C1QWFgyD1dzgw_wliy932FA8I8bst9tEGdhMzgLxrZMYhxCqA&google_hm=HKOisGZHurzQW3OJTvyR...

170 B
188 B

22ms
21ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSbP8n8Xe6aefM75E9oaWy4ZzkyBjuwXorCDUEDa7sMY0kQ8C1QWFgyD1dzgw_wliy932FA8I8bst9tEGdhMzgLxrZMYhxCqA&google_hm=HKOisGZHurzQW3OJTvyRF6YK

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 16 Aug 2023 09:38:36 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSbP8n8Xe6aefM75E9oaWy4ZzkyBjuwXorCDUEDa7sMY0kQ8C1QWFgyD1dzgw_wliy932FA8I8bst9tEGdhMzgLxrZMYhxCqA&google_hm=HKOisGZHurzQW3OJTvyRF6YK
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 6617 0
125 B 76ms
14ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOL0lnHy9lczNIqzFYjJrhM&google_cver=1&google_push=AXcoOmSt7GYvp1vmJlEiK42qTz1iFJfrKvcCByVwzPf_YINbWRbPnr14RA2YFCPmA0m416JaCW50OV4crJ5HL5XL8IcR2m2T9YXYIxs

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 6617
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDNw-vzw5tLFdGfa7OgakQk&google_cver=1&google_push=AXcoOmQcvNRvDLWV-pitInjrYn2Y9oC5HQ5iN0RRCVm37V7OMhLf8Jc0FsBGnQPIcs9kxANeQmHYie6UbH0...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQcvNRvDLWV-pitInjrYn2Y9oC5HQ5iN0RRCVm37V7OMhLf8Jc0FsBGnQPIcs9kxANeQmHYie6UbH0_TpgFFwyjiAxR94ozGqE
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

17ms
17ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 6617
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPGW_j03drYx...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSJXoHPcxVHfZa_Hjn96vBHEwDb4shjCRZ8btYgDIez9yu2E-AOq0ybR2BPke8_SyXrGjCW2etNmZxxOX66Dl-wF3J6rZBoYCo
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

458ms
458ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Wed, 16 Aug 2023 09:38:37 GMT
pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6617
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEK6i-LTNuGy94hD6s8G0W8I&google_cver=1&google_push=AXcoOmShkiLb4zjJx...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D&google_gid=CAESEK6i-LTNuGy94hD6s8G0W8I&google_cver=1&google_push=AXcoOmShkiLb4zjJxCvS7rBBk9YO7ukqDA...

170 B
188 B

35ms
35ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D&google_gid=CAESEK6i-LTNuGy94hD6s8G0W8I&google_cver=1&google_push=AXcoOmShkiLb4zjJxCvS7rBBk9YO7ukqDA16I7QlLubh_RpCgpbwQvnEJNi5rUvApVuyw4hJsyrYFxoBmBCponwt3p9d6mi9dJNAhH0

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
an-x-request-uuid: 19c9d81b-c1cd-41f2-9d5c-9df6aa5f367f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D&google_gid=CAESEK6i-LTNuGy94hD6s8G0W8I&google_cver=1&google_push=AXcoOmShkiLb4zjJxCvS7rBBk9YO7ukqDA16I7QlLubh_RpCgpbwQvnEJNi5rUvApVuyw4hJsyrYFxoBmBCponwt3p9d6mi9dJNAhH0
x-proxy-origin: 37.58.58.243; 37.58.58.243; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6617 0
12 B 15ms
15ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2-gltSdmJnhq232WBCBQbWiDlPmS1G-rrQVyoH4PGzrjAS21RDOooV6IixXQ5FqciqFEWZ0TjtQ

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css2
fonts.googleapis.com/ Frame AE03 4 KB
671 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 08:45:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 0E9B 78 KB
33 KB 158ms
33ms Script
application/javascript 2620:1ec:46::45

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66c86a2c54f6f0e838b14c4d312d360cc0d8eac65520440bf5e03b29d55a0e3d

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Origin: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 18:32:38 GMT
vary: Accept-Encoding
x-azure-ref: 20230816T093836Z-y7xr0xc8c534tcf13kzgg846r400000000cg000000011yq1
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0f427732-001e-008b-4b72-ce18fc000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 0E9B 80 KB
27 KB 71ms
24ms Script
application/x-javascript 23.218.208.187

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 09:38:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Thu, 15 Aug 2024 09:38:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 0E9B 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 07:25:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 07:25:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 0E9B 20 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0E9B 0
0 16ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMQS6iHyHi_CQyOAYGE1WbBrRBatuB50jpwVgijQLZQ_Q1gnjvGMRHv9tS9ox4rKJ5SZAx8OvhW2d1tpSb5fA3IcdIBQ
Requested by: Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0E9B 24 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 03:56:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 15 Aug 2024 03:56:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E9B 180 KB
56 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 0E9B
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=dd9a2855-b374-4d3b-8044-52d17d2ceca9&bidId=d8d68fa68c6f41cb885c5e6bacb2e43e&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=16264...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d8d68fa68c6f41cb885c5e6bacb2e43e&SNR=1&GV=2&med=10

0
544 B

46ms
45ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d8d68fa68c6f41cb885c5e6bacb2e43e&SNR=1&GV=2&med=10
Requested by: Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a392 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ED7D14835C1343A69556030CE8D10ED5 Ref B: FRAEDGE1414 Ref C: 2023-08-16T09:38:37Z
x-cdn-traceid: 0.92a12417.1692178717.1844ec50
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 16 Aug 2023 09:38:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0068134E6F844E69931A01300AA9427E Ref B: MIL30EDGE0910 Ref C: 2023-08-16T09:38:36Z
x-cdn-traceid: 0.92a12417.1692178716.1844e960
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d8d68fa68c6f41cb885c5e6bacb2e43e&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame AE03 20 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:16:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8576
x-xss-protection: 0
server: cafe
etag: 10593844011591499743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:14 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B9A8 624 B
242 B 50ms
46ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiPzNDwATAB&v=APEucNXk1mFzpQtpf6CrSXukW97mXb4PkyfgXPUfslne1v-MmWeyUeLClSR6d7TSM7gY43dotn5xkupbNV_T95NsUss_OlWDDFuL4ChrbsKvhvs_hzJ8yhfe7xcvIH_0M4efqmHtkkSR8zLno8iNIPlXL_TcATAvUemS4VaKbjZH6aZkA6cwEE0

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 027E 86 KB
29 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 027E 42 B
63 B 106ms
102ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bag88gItiOqTHyzb8rTtLMY8VB7imhQ2B1XXwgumYpIqCyB7BdKZGOdGgricFFyjClNBoYalUdOeIKS_dBBABVSN45eu83XABh3nXGeC6WVez5MEM

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 027E 0
20 B 106ms
102ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10671541165487929928&x=1&ct=119

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 027E 3 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 07:25:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 07:25:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 027E 20 KB
8 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 027E 0
0 25ms
21ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpIFsOAgZhbQJSsyXCFY29Kdta7x2GrWItqy98TSB9tF1Jqq3mO2cfxzFkUWeiaSjmqHhC83oDHIN6N1k3N3dzQQ1-RQ
Requested by: Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 027E 180 KB
56 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/346383189655976896/ Frame 34E2 1 KB
767 B 39ms
19ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c36f708542bca1b708ec3db7d82a1a8521966d09a2cc57a0a368f107b05d1da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:36 GMT
expires: Thu, 15 Aug 2024 09:38:36 GMT
last-modified: Thu, 27 Apr 2023 13:48:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C5C1 0
0 113ms
60ms Fetch
image/gif 142.250.186.130

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQCjvhxYOcO2sQhMZ3pgbqYyyeVECHB_1t5CXjvhIFmmgmQoz4G27R_Uq54BQxd28Ijmtf56hkRDVjJ1PRxbuKczWD-hvmsbwlMUlxA8SvZyCSpglbqNeTq9Jtw4ptr-RUZ_Z12L_Fik8IzbnxMKU0wwOCMdBq1s9QEAdA6fuPJCNTfb2BkUCzC6jVCYr5crXubIAL1Zwa3UuVGWPjq7nNhIMvxTeH83-9q7qIbBtRk6Kb58Zhpaa1FPE0gpL-YSAXMW9XnJJszqIAvLQCCbEWxyX_FQnX3_yaGCw4f5lIId6VYLGTKN1EyZcBoedrkjhV5oa8etSYI8zx5BibNOp0v8inIyTBaNFXJ0K4HEIkQUXN72oSEYyfKy7-KAEOKNHiwOEA1otLP5RrFDFdCaw9dCauo_2G4SvtKofCdV9psZP5cQIfgVjMi5TyOyfZH09HeLGwsGhd9JxPr0mvOxNt4qadbzSOwRN8r68KQzeVm2FDbKUr-xCbJDsvuE0iuHk8Xzhd9-4-aHOtddVcpy4-HTjqWrp38n4ORXb5J7gE7NSoAX5ydc2Bira_I3fpbC4LFDgzuTQ2ZrLrWo5UCECZqK2cBF2Y4F6py4Qf9-TpHZlDjnLfdYfW6PrNuMt65HJEs-6LOkreU6LzSJzWf5X8okjDckPukXPhcIo4dlJhnxXvZbGx40FTPY5-CLV_CcAXU87kt3u5N3FtbZvzawFXyfO2_LbDsHXCkyDSzYPg928HBDpZ57PFoy7nwwxePrkwsoa2Wd0fsmuHseL6e3jwoYdEltIojz8QB3baQ7MtRJYYtK9j92ceqVLqjT3tRp0M253eCcUTdnczlHA_Ny1hkCOsibxf6SeV5wK5NjaWuQ_iz3AMjDeKgECo3ul7rG5wPEC4F1mCSYxKIhdR6_MEv11Ihmedlg538fKMcNtpBGNtky9B6-jLTgbXDJvF-r_MSyUw2fu6pMvOIZiPkE_4YZ_GiOnrk2x8e1LqM4pyAO-xxdoisx1-S3UiOR_WSdkuprJSyKerTlqdkpFAd2O4gHbhiRTbNAoXdZFhKyU7pVtt34RWexvt4kC7oZbYsHJatMUQVzLiptNlKF6MVMlv1L409N8cHcIHN7YoVx5XENwNgD_664c1gSHKDFWNCPDR0DaEw393s8p1tyq7DrwqLGr8kTM-2QE0LdsTfcng0qqDHMHHHGD1sFBbCrG0jhjS9BPmEyjH55gFJFLBSPs82kQHdUzSZuGolBxadjlO3cPnW_pOc7RwWTGmNuVOPkGMS3GDJW8RPeCaos4wTzgvheehY_sQL_wWgwt-8tJOQlA39LBWELLt6w&sai=AMfl-YQras8JpfcYp4z-mP8JcW8TbsYe9SqvnyM_HKES6zqu9axFIM-bton8aAodHJlHNtSaNilmRgzz4vwLovQnwT1odhygErBCI6YaQ_UgsMGOpO_t41t3F6S0Hw0dC5GHgbuSjXgC7hx1AQ5o8FbG8m8eO4_uzsZa0XNoWehEXjg205lnbuPUSMMvILNkTZPgHA5vnudhJgEoUWIWLj17MTfXUkmJHY7eawACSwCfajLC51KdrX6LEZaauS1V1-2qzA-aR2NTJ7JaxzIBpXKbSjjy0JsT7HxzKvW1k7ZXhDj9XLqyrYAa_-Y9XIQA&sig=Cg0ArKJSzIdhGxTsKc8hEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=359&cbvp=1&cstd=342&cisv=r20230810.25388&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 09:38:36 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame C5C1 60 B
60 B 91ms
21ms Image
image/gif 85.14.248.91

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=181030143&extPm=361382407&gdpr_consent=&gdpr=

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 16 Aug 2023 09:38:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 16 Aug 2023 09:38:36 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1119
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 16A9 369 KB
125 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2186101008500724&plah=www.info1.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6371a2d4bf328a385d4b0581a2fceb43022d97f8bd3da4024bceef2178ed96b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128224
x-xss-protection: 0
server: cafe
etag: 1226722369109292702
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:36 GMT

GET
H2 200 screen.js Show response
ad.impactify.media/static/ad/v5-1.9.87/ 241 KB
80 KB 84ms
13ms Script
application/javascript 2a02:6ea0:c700::10

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.impactify.media/static/ad/v5-1.9.87/screen.js?v=v5-1.9.87
Requested by: Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 -, , ASN (),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9f5404c69108f183df786f418b13aecc672e66f42e9f33be2062038984e80b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 09:38:36 GMT
x-amz-version-id: cElXV8D3iGug.KjlbaPh6qNM0UqKQP0n
content-encoding: gzip
x-amz-request-id: ADMYR3NQG5W65S3G
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 1307
x-accel-date: 1692177409
x-amz-id-2: 5CY4FV9hj8/xM0iwiGj3qBCmO0Ax4NX28tA6AT2aTKiGM/hMbKmT0hEC2WP6cu7q+TLVt18TjY8=
x-77-nzt: AcO1rw5+gID/GwUAAA
x-accel-expires: @1692181009
last-modified: Thu, 03 Aug 2023 12:08:40 GMT
server: CDN77-Turbo
etag: W/"77d40ebc0f06d44357b3221cd60598f4"
x-77-nzt-ray: 908339303c4f544e1c99dc64aca2da37
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B9A8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXPs9sdYa5KOWYGYDlLAnU&google_cver=1

43 B
632 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXPs9sdYa5KOWYGYDlLAnU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiPzNDwATAB&v=APEucNXk1mFzpQtpf6CrSXukW97mXb4PkyfgXPUfslne1v-MmWeyUeLClSR6d7TSM7gY43dotn5xkupbNV_T95NsUss_OlWDDFuL4ChrbsKvhvs_hzJ8yhfe7xcvIH_0M4efqmHtkkSR8zLno8iNIPlXL_TcATAvUemS4VaKbjZH6aZkA6cwEE0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 09:38:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXPs9sdYa5KOWYGYDlLAnU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B9A8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNyZHNJMB.9lw.Q7LWWyOAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXPs9sdYa5KOWYGYDlLAnU&google_cver=1&google_hm=2

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXPs9sdYa5KOWYGYDlLAnU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiPzNDwATAB&v=APEucNXk1mFzpQtpf6CrSXukW97mXb4PkyfgXPUfslne1v-MmWeyUeLClSR6d7TSM7gY43dotn5xkupbNV_T95NsUss_OlWDDFuL4ChrbsKvhvs_hzJ8yhfe7xcvIH_0M4efqmHtkkSR8zLno8iNIPlXL_TcATAvUemS4VaKbjZH6aZkA6cwEE0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 09:38:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOXPs9sdYa5KOWYGYDlLAnU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B9A8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHZ2SQUe6qJI8CviTefgOc4&google_cver=1

43 B
841 B

10ms
10ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHZ2SQUe6qJI8CviTefgOc4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiPzNDwATAB&v=APEucNXk1mFzpQtpf6CrSXukW97mXb4PkyfgXPUfslne1v-MmWeyUeLClSR6d7TSM7gY43dotn5xkupbNV_T95NsUss_OlWDDFuL4ChrbsKvhvs_hzJ8yhfe7xcvIH_0M4efqmHtkkSR8zLno8iNIPlXL_TcATAvUemS4VaKbjZH6aZkA6cwEE0

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
an-x-request-uuid: 43d2a44f-7c51-4f5b-ae19-6289631b2861
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.243; 37.58.58.243; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHZ2SQUe6qJI8CviTefgOc4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9A8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
an-x-request-uuid: a83f59f7-8dea-46af-9e51-6f957f1036f0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODcyMjEyNzE5ODQzNDExMTY5Mg%3D%3D
x-proxy-origin: 37.58.58.243; 37.58.58.243; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7667 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b978d152a0760860b9a395d27e157cd759c65b9d16ccc14ac3196b5f9408408

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 65EC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 916eb08aa5dc2e4f079809bf62c8b531f00554d21887adf50cb8e2b98aa35baf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C599 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e67bfc700d947ae64c1448fdbfd33265cc781a238e8acc50fc75a173cebdfec1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DC29 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6da6237448cb942233acbada908f5b991a7b4c18f67ced25cfa026ddfe2fc49b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B34B 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 246e35d1e57b779eef9b5744218f98a657d9f0af88100f8a5a38ad6becea45c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 16A9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82ada0822108102cf4a8afe853a6f5aeec809ddaee4124bcdb0d002fbd6b5136

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 34E2 113 KB
38 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 09:38:37 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 34E2 118 KB
40 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 04:01:10 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 7667 369 KB
125 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2186101008500724&plah=www.info1.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

112bb681234141e5f854f4ae270f28aba94b759a5857619909ef8ede7181d421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128224
x-xss-protection: 0
server: cafe
etag: 66596132229523247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:37 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame B34B 369 KB
125 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2186101008500724&plah=www.info1.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a118d9a4f5169f116b5a9422cce317486ebeff56720f673d7b17d8eabc906fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128224
x-xss-protection: 0
server: cafe
etag: 9486403252711047505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:37 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 65EC 369 KB
125 KB 180ms
180ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2186101008500724&plah=www.info1.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1386b2ab1c9c13cded489bfcac971bbb256faad3a1c932417bdb1d97c12592a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128221
x-xss-protection: 0
server: cafe
etag: 601800162136775834
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:37 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame C599 369 KB
125 KB 161ms
160ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2186101008500724&plah=www.info1.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f4d4226fe6d916332761bda48da30a0559249e3569bb2925c64130eb60ab113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128224
x-xss-protection: 0
server: cafe
etag: 6825642942581905090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:37 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame DC29 369 KB
125 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2186101008500724&plah=www.info1.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2186101008500724

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

142252e852102a3fd4101068648214523ae9d4939298d76343947c3a1193273f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128222
x-xss-protection: 0
server: cafe
etag: 777253169573504319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:37 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 027E 0
20 B 102ms
102ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5477873685501&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 027E 0
20 B 102ms
102ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5477873685501&version=m202307240101&ct=119&x=1&cor=10671541165487930000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 027E 88 KB
37 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBo-CHQKf95CrqDgGXGX9f3-nu-wGubNknCv3BXp1uLDhBKJ43KFd59g821vw0xzBsS9-nNBIhNEmDIaEmhfK2mLtjepB-NY5izee0hPC9tueJ2K03kUBx0NAXCcg1B1s3MKMSmCzpXtYLr7HVWGda10FEgOJsWFNp_AqjPwESdcM3NS0&cry=1&dbm_d=AKAmf-CdmR9x1RQawJSG6cah0rQMitYJ7wofXhFd2B43I5WxErKRqmao1dvc_uDiiRHBxZzE_3cyHXEb4__8iaeA9KkxSiLJgVOkLwa2HaDNqMJFARIYb7ZucHwCpPL_UAYuL4dJA7gIaJ51aIYdh47zH6C672Nr8JW23mUOITcWg3_mBcCc0nDqH17rAsxNwLnVmiZox0dPBljJCCLbVjEGZdNOTa0TVdjHuhhJEZC1VU_xbzOGsy0KkT3XCUPy_fEDOIi20fxJWjBlzmNT8YuPuLittQqnL6Isi4kmmAwej0pMcmo0ReFx5r8qTr_oFgsKRQhAC_PBr-3ts_4sGeqaSqnESprGjLYWfQTZJho2g2-6kDR0B0vU7NTU0tsFGMXeDZ-A-9irHuP4R_JmcVagh-W3hdx8SGWdgbACXWhXajLKLJN4IRueMaBkP38tkRRXKlAE8HKnibLWY9aWM1jaWKdxa3DwHYpYgHSsb3AD5DtKoEr4hsk1URN3DH-pOCtfoOJH-IlhOJy2XFJ9XgUSRfF5gzoz9M4n4QdFPuWjoC8A4uqLFMXy2gQsJlg6xE1gA_WdP52j2gJDVjHxwWcdK6PajNXUCATIKgHcrdro2y2xKQcDXGU1Mt_xp5M8tg2D901u70sWL_BDWUbDMM7H9YdQ57fZ8UlRGjQz3vgi79qD3n257tiGp0kERYYq7tmfIaMKx5SGTeg64J1Aa3BeHqgYHlZyfzci7eE0cJKhFJKnbS8OJRi6y2YWKDH0PcIWFSt4kSmiCxfIPlEBeeJEAPLwSEn4PiGcTtJBE7wU6BRmto5il77nc5MXLw39tMHf2ub-V5fnPs36eZyJW0uVI-2riw9jMOXg75OOBEVd8SF2I50pEjHdOTdCKAXGArazaAE3wSeeV3E6xtkie1Z3d4jcQROuliGG0dRwMkpE0KSRymrgrpt6vna5_yfsBBE_Z1g1qCKIZ2cT7VXkVFdGH9XiMkqRjuE-7fKih861e80M4Q0aHI9pkO-WVmqchQqZQBXFj7OBRSIcRflkizgYkTOQTtICJjXYUCoVJeXTclGxfgNdYaJ5QcwXtYr0Nbzv0ADvUO9w3flIe5Tyfr2wDC0NkD26L3eZgLjMc2jakUgTodsrknRnvZplVrfgLeQEM8j-hvkK7kwWij9Rti0RfrDCK1iZAEEadqW6hwv0rY_9qnm_ncb7dSqaXezO9SPgDeF2JwRRNRUr5Ed5MT4_MnfP31PpsgKdG12oR70eI25ZE5b8TqqLj9jA3Q-5VmL6CoQxuiULKI7ZDWX9elZu7v8rjORX1FVx4he5dclTGo4tEL3DO6V7R_gFWGTkPtzk3GSNlXdjm5gxFlhtjSEbK3XtDQ1SWCOKC8IUx7qOLh7Fq2FBnFexrri-HYu-qNmTU96J58o5QRRWRnCZfw-2eHhnN1ZWsnrjBdjf6yPktTvbiDkUhlsysy5XcHpP9uQ9PmMlHzKVIQ-4FIFFiRNd3qTganGwrm31EkpKFEUtLFhcwESwjWWUqD5OpHPZcD_BDOgvq_9tUsmsOhhk3SDkh07ODjooXW-0O1nwWgg0pmh4IIfVjH9B3aPTAUXMr4z9Pnc4QDH0xipdh3XSFYFLL_q7GF-3QRLrbP6odAOtSmzUpCbmyMsuo_WjHPo5L1ZHAMmFcNyoBiP7PuQmitVryskqX9IUuluBSr51wY5lzA0959XHxYptBMm--2WFkZIIkVZjPpxI3R0pC75v7xAAZGFcfWGI3Tgdgc6nYX_LAoDDgXUshDbH2ruxXS9YCHWxleMBaKvgJyD_xOcXJmJTNa2cqMGW8tkb-dJdIiyLU7XvORG5TWZe8mCKMmaa3JKkdnyefrWYckcl69RbD0rHZ9OO9iuNAaDkK6AmwpB5-eNJXe3hZPTAclyDXDjiIbu9xT6H2A7Vmp34uoO2RE042H_4SuwQmeMyEZaIB8MBM9sd6jDzdyoOBPQst9JXdvkdCPFCJBE9ko-xk6iey2XhvH3pdsjmevWnGQA9btGzmRSeMvtVsdJNFASFcf0F542AuAx1b29io7GAcVWecwkeAhdBWrmhCHfZtLq9AEIH0BVVd2DTNb6LSk8Pp5OBGnpAZEyiUPkiQJHxms4PIAiivY2kYJ-fjy1w0JrnpLYlofARe_UzjQd27nXduvuEuEOtWvgEemDKWziKbpL4j3a7ihF8-QtN7-7RScIs6ywlVO0ivxgC5PqleWRjl7J3RlBaE8mRyOpBC6CvT35PEAK_VDs4sdPUXt44CXnzYukqbdPq7FBM3Ay0IHbxxjGqn2vCBvX-cJEHHy4VhenQ6BsGE95-NGFnYoLLMhVHrCorMCvxDNlNzTeJ0DsDrtRrQfRhSnqutslKd11vNEIvINGL0_s8iCVSBSoMk2dDzhEUZTNY9qHhzFLGOkEvEY0YAXJQY96miTJjo20y4xJ2UTP2X-u7OWN0scDp2f4ieFQfCpWchjizuxSTUDstIB6fmwvF8mUr4egtfk4hK0o5AhJwSy-JJgTyl_Akf0TUghYAcAcm_FmOPVZDg7fBt07nTBR7Vle1Yh-AETYGJG7sEK7A_eb0RK0icV_ihKUgyCjSgUo59NyGjz_5AMkbhhs_J4KfIAtGHTbHYXj9yYVV1GSHfjuRZ2lYHteTtAhPZJhu_sUGgXQ9LV5GS2TJgh-3g-WUtWJvKlD2oPA7L0HAK_mez1w1675HtRrb4YCmR8XBeYBIG4hQMvg7u57XhBuW5Dj4WCcgstnH51cQnFns7sPUDubEEct_H5VSavbRQZ8-j-mWnA6VuyeijOcJZ_lep7jRTxF_P7_OnZ9n84KmZ-KYzpS8KJMT29NvuVD1LiIP7qkIgi8Sn95XJAAnC4zzaDzPOc9zDEwG_r0TI6IuQ0woGCMpjBGPOgkRGLpG6nyFoC8jFGiltJLuq336J6z4OVO1SXyxOFswSP-YZjdPmHkomHrr3h_GvxQVg8T122J2fxdDEiy9cPnQUCsgMcyKB68C7ybI5TGQhvlBWoqwyo-d7YXOIMedFOlBED99IwmCeNT8hDCDSr4aF06ldCvroTBsm_19z65-jlWt2vzgwIC-llogQUwogSsmSMytEXVLiFj6h9qIj3odvXLj1t7Tp8J0E0XWXHmHlvoKB1u1ztSJjpaaFYJWpyJZwfe1Sa9Lhsm_B6qjtTLnknS8GuOJxFBgFzGlctt415cgoHj0VbkkKojPvy56IpWrYAD-x5KL5yMuQpzTMUib59b9nVe_YKz1WTxE67eNBKW1ls5CLQrF30h4zBzW3e4hK4FLdfPhHeVJ-fDzyQTEd-4xFaK2XnJr5wd7BipeR7frvh5ARMPV9ALjVfhRX-dlHMRf-ZT8iq6YttsClTBy8mQz-UoN9i5B9tVaq3nOjFFaHHdnXRe2AGpu0oo8fcUSq8Pcxsl6cUVoexwab8-fgkWEgP8jGE82xaqPKBqGfPyHOaMcq9sVDSOsJt4SIgTQ13muXjIl7JI_NCBCR8YrN5m5JQtT262A5ZWvGRWFYJ1JCtFYsNx0ffOGCoFL1Zw2zhKT3nq-60gtEjsR2Q6HQ0zaVKlyPjK4mRdqzmuniCuoi__Zbl-xVnrYoSL7_TYuZRfRzx_BfVzzEmqb0-5Zicwla5Fkl2y6bJDG5qLgta2x7xbBzZEZ40TNewhkC4fzrqEhmVmi1sHkQFEzx7gEHx8W__ZxepKwWSRf_7lX8O5o9BsmY0us5BsM83uxBsKvmBuq3QHZC0aohgtg8CW6Td-XCuColTXIFPdAKN4zX6fCg_XwH630rx5jQmIUo3FMfjZ5FIMT4-5ZQpy61G6r0tPHbJXz3u0SLOgyYta6sFoJrNCpbjCHcefQS9e63f32zB5CwGQiNuj1bj3zlubjIZzjH1wNgtxipUZNAf9rXkHbffbrrvtjgepAj-45e1Adyjx5PbJFDYejlD8fIAHIbnqMQQpGDcr1mKiZlJpbD5HCHSsHf8RHBp7GFgLTtQ&cid=CAQSTQBpAlJWf-um0AK8b8_YzbUDuhrs2uX1DPsouFTAm36Exagou9F6zG0sCPZJWwpDJj92zZMm1P75oHKOvT8q0ti8NX9h0y6ufaXm_nR5GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.info1.id%2F&ds=l&xdt=1&iif=1&cor=10671541165487930000&adk=943508955&idt=126&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe7d9760a5045d82ae0528b24cca3b12afa113aa4f45a646860de34602fda66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37717
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame 0E9B 28 KB
28 KB 17ms
17ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a392

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8108962845122_11XMZ96Q289WFXN61H&pid=21.2&c=16&roil=0&roit=0.1074&roir=1&roib=0.8926&w=379&h=198&qlt=90
Requested by: Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a392 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e57f111ad62749c678dce320c872bc26699c23319fc809c2d5bbe496a4d69b4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.92a12417.1692178717.1844ed57
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 28693
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 0E9B 0
646 B 62ms
15ms Script
text/html 185.89.210.20

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&e=wqT_3QLeBOheAgAAAwDWAAUBCJyy8qYGEPSfrILOoP6WHRgAKjYJQOP-YcckoT8R_h6yjx2hoD8ZAAAAwMzM9D8h_g0SACkRJNAxAAAA4FG4rj8wnLOaBDi1AUC1XkjjA1C6iYq2AVjx0j9gAGjcAXia9AWAAQGKAQNVU0SSAQEG8IuYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAouBNeoCkwFodHRwczovL3d3dy5pbmZvMS5pZC90ZWtuby8xMDExOTgxMDY4OS9naWxpcmFuLXNla3Rvci10YW1iYW5nLWZyZWVwb3J0LWRpaGFqYXItaGFja2VyLXNlcmFuZwEw8LBpYmVyLXJhbnNvbXdhcmUtYnVhdC1zaXN0ZW0tZ2FuZ2d1YW4tYmVya2VwYW5qYW5nYW6AAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFvJu0tselrtMxwAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAF6-kc-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB5r0BdIHDQkRKAEmCNoHBgFegBgA4AcA6gcCCADwB6OHA4oIAhAAlQgAAIA_mAgBwAjwBg..&s=73fca84824c5c5b8c40eab8dc4ce3aba7e42c9fe&bdref=https%3A%2F%2Fwww.info1.id%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.info1.id%2F,https%3A%2F%2Fdb6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2Fdb6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
an-x-request-uuid: 796e3ac0-90fa-4d86-a009-a1d7edf33507
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.243; 37.58.58.243; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CC2 38 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 08:34:23 GMT

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 327 B
461 B 341ms
9ms XHR
text/plain 2606:4700::6810:7b60

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: ad.impactify.media
URL: https://ad.impactify.media/static/ad/v5-1.9.87/screen.js?v=v5-1.9.87

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7b60 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

25a033c36abab544d94690a883825f67c5782cab3e41a4e34fcbe047fb6e3d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 7f78b498de0318c5-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 loader.json Show response
dvr.impactify.media/64AD7A91D2091-UID.info1.id/ 4 KB
2 KB 379ms
46ms XHR
application/json 2a02:6ea0:c700::11

General

Check archive.org

Show headers Download Go to

Full URL: https://dvr.impactify.media/64AD7A91D2091-UID.info1.id/loader.json?v=v5-1.9.87
Requested by: Host: ad.impactify.media
URL: https://ad.impactify.media/static/ad/v5-1.9.87/screen.js?v=v5-1.9.87
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 -, , ASN (),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ebcd7712536c71c87291b5e390c1742ef284fb399be65bd0a9b30a0a6b8aaf5d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.info1.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: gzip
x-amz-request-id: 1GTX04V25RV9CPYV
x-amz-server-side-encryption: AES256
x-cache: MISS
x-77-cache: MISS
x-amz-id-2: Jj6vMEoGpEVUxV87WRtfND8ppSDzrM5nAkbF7uzRBs8NhrgQ0m0N/PfZxTu2+rbRS+7LEgCwbSA=
x-77-nzt: AcO1ryfVzySh
last-modified: Thu, 13 Jul 2023 19:01:06 GMT
server: CDN77-Turbo
etag: W/"885c90c080873a1316b0a2bafd07ea0c"
x-77-nzt-ray: 25b02131f00b3ed21d99dc641ae26a22
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-language: en
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control: public, max-age=300

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 16A9 12 B
53 B 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.info1.id&callback=_gfp_s_&client=ca-pub-2186101008500724&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9FB5 0
16 B 257ms
244ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=3279755405&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178716824&bpp=3&bdt=312&idt=426&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=8223377&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=527224211&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076839%2C31076875%2C31077148%2C44799569&oid=2&pvsid=1066548811513919&tmod=1267509387&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.w1lx77gyrlvx&fsb=1&dtd=455

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16A9 0
20 B 102ms
102ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=ads__horizontal&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E593 42 B
64 B 116ms
116ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFoFDxuFh-oEHPjcw6Hw1TnxMAdLMXclBBT6_80wiz_YTZZyYq2GjAU2HUfnxGu-X38qIuNdjg8na4v8eVlZqe3B1JPm4Ep01WjgyZXUZJ_IOKgFKbJp08fPy34brYA6vau6vSa4MdG-y2&sai=AMfl-YTFCn5dnFzcTB0JTjbuE25cqVTjjZwzEfz61SiVuUUK7JE1sEjTmlh2QWktqBzYPqkOyAPhomjuS4OObIfbOq7td1oeS1LmEm91sVg9LQsAsrao5wlVWUQxSLE&sig=Cg0ArKJSzJOSHOoAUfBCEAE&cid=CAQSOwBpAlJWmIAp2JKYi5iYcem1UQja9SRqX-g9gR8sfRraljm-RTSxFb1wQ5Wr_aC1A-QptRGojPRnFPHnGAE&id=lidar2&mcvt=1084&p=0,0,50,320&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4060620440&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692178715497&rpt=694&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D97 436 B
235 B 192ms
181ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=90&slotname=4993351895&adk=130625548&adf=3173046724&pi=t.ma~as.4993351895&w=728&lmt=1692171517&format=728x90&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178716828&bpp=1&bdt=315&idt=474&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=8223377&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=169&biw=1600&bih=1200&isw=728&ish=90&ifk=527224211&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076839%2C31076875%2C31077148%2C44799569&oid=2&pvsid=1066548811513919&tmod=1267509387&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.h17f2nitbfyh&fsb=1&dtd=490

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2a71ff6e2220fda4d1d402034f0e2cf8497cf03bb423d904810d203ee818959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C5C1 0
0 46ms
45ms Fetch
image/gif 142.250.186.130

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQCjvhxYOcO2sQhMZ3pgbqYyyeVECHB_1t5CXjvhIFmmgmQoz4G27R_Uq54BQxd28Ijmtf56hkRDVjJ1PRxbuKczWD-hvmsbwlMUlxA8SvZyCSpglbqNeTq9Jtw4ptr-RUZ_Z12L_Fik8IzbnxMKU0wwOCMdBq1s9QEAdA6fuPJCNTfb2BkUCzC6jVCYr5crXubIAL1Zwa3UuVGWPjq7nNhIMvxTeH83-9q7qIbBtRk6Kb58Zhpaa1FPE0gpL-YSAXMW9XnJJszqIAvLQCCbEWxyX_FQnX3_yaGCw4f5lIId6VYLGTKN1EyZcBoedrkjhV5oa8etSYI8zx5BibNOp0v8inIyTBaNFXJ0K4HEIkQUXN72oSEYyfKy7-KAEOKNHiwOEA1otLP5RrFDFdCaw9dCauo_2G4SvtKofCdV9psZP5cQIfgVjMi5TyOyfZH09HeLGwsGhd9JxPr0mvOxNt4qadbzSOwRN8r68KQzeVm2FDbKUr-xCbJDsvuE0iuHk8Xzhd9-4-aHOtddVcpy4-HTjqWrp38n4ORXb5J7gE7NSoAX5ydc2Bira_I3fpbC4LFDgzuTQ2ZrLrWo5UCECZqK2cBF2Y4F6py4Qf9-TpHZlDjnLfdYfW6PrNuMt65HJEs-6LOkreU6LzSJzWf5X8okjDckPukXPhcIo4dlJhnxXvZbGx40FTPY5-CLV_CcAXU87kt3u5N3FtbZvzawFXyfO2_LbDsHXCkyDSzYPg928HBDpZ57PFoy7nwwxePrkwsoa2Wd0fsmuHseL6e3jwoYdEltIojz8QB3baQ7MtRJYYtK9j92ceqVLqjT3tRp0M253eCcUTdnczlHA_Ny1hkCOsibxf6SeV5wK5NjaWuQ_iz3AMjDeKgECo3ul7rG5wPEC4F1mCSYxKIhdR6_MEv11Ihmedlg538fKMcNtpBGNtky9B6-jLTgbXDJvF-r_MSyUw2fu6pMvOIZiPkE_4YZ_GiOnrk2x8e1LqM4pyAO-xxdoisx1-S3UiOR_WSdkuprJSyKerTlqdkpFAd2O4gHbhiRTbNAoXdZFhKyU7pVtt34RWexvt4kC7oZbYsHJatMUQVzLiptNlKF6MVMlv1L409N8cHcIHN7YoVx5XENwNgD_664c1gSHKDFWNCPDR0DaEw393s8p1tyq7DrwqLGr8kTM-2QE0LdsTfcng0qqDHMHHHGD1sFBbCrG0jhjS9BPmEyjH55gFJFLBSPs82kQHdUzSZuGolBxadjlO3cPnW_pOc7RwWTGmNuVOPkGMS3GDJW8RPeCaos4wTzgvheehY_sQL_wWgwt-8tJOQlA39LBWELLt6w&sai=AMfl-YQras8JpfcYp4z-mP8JcW8TbsYe9SqvnyM_HKES6zqu9axFIM-bton8aAodHJlHNtSaNilmRgzz4vwLovQnwT1odhygErBCI6YaQ_UgsMGOpO_t41t3F6S0Hw0dC5GHgbuSjXgC7hx1AQ5o8FbG8m8eO4_uzsZa0XNoWehEXjg205lnbuPUSMMvILNkTZPgHA5vnudhJgEoUWIWLj17MTfXUkmJHY7eawACSwCfajLC51KdrX6LEZaauS1V1-2qzA-aR2NTJ7JaxzIBpXKbSjjy0JsT7HxzKvW1k7ZXhDj9XLqyrYAa_-Y9XIQA&sig=Cg0ArKJSzIdhGxTsKc8hEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=886&vt=11&dtpt=527&dett=3&cstd=342&cisv=r20230810.25388&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 09:38:37 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 027E 111 KB
39 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Origin: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 04:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 04:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame 027E 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBo-CHQKf95CrqDgGXGX9f3-nu-wGubNknCv3BXp1uLDhBKJ43KFd59g821vw0xzBsS9-nNBIhNEmDIaEmhfK2mLtjepB-NY5izee0hPC9tueJ2K03kUBx0NAXCcg1B1s3MKMSmCzpXtYLr7HVWGda10FEgOJsWFNp_AqjPwESdcM3NS0&cry=1&dbm_d=AKAmf-CdmR9x1RQawJSG6cah0rQMitYJ7wofXhFd2B43I5WxErKRqmao1dvc_uDiiRHBxZzE_3cyHXEb4__8iaeA9KkxSiLJgVOkLwa2HaDNqMJFARIYb7ZucHwCpPL_UAYuL4dJA7gIaJ51aIYdh47zH6C672Nr8JW23mUOITcWg3_mBcCc0nDqH17rAsxNwLnVmiZox0dPBljJCCLbVjEGZdNOTa0TVdjHuhhJEZC1VU_xbzOGsy0KkT3XCUPy_fEDOIi20fxJWjBlzmNT8YuPuLittQqnL6Isi4kmmAwej0pMcmo0ReFx5r8qTr_oFgsKRQhAC_PBr-3ts_4sGeqaSqnESprGjLYWfQTZJho2g2-6kDR0B0vU7NTU0tsFGMXeDZ-A-9irHuP4R_JmcVagh-W3hdx8SGWdgbACXWhXajLKLJN4IRueMaBkP38tkRRXKlAE8HKnibLWY9aWM1jaWKdxa3DwHYpYgHSsb3AD5DtKoEr4hsk1URN3DH-pOCtfoOJH-IlhOJy2XFJ9XgUSRfF5gzoz9M4n4QdFPuWjoC8A4uqLFMXy2gQsJlg6xE1gA_WdP52j2gJDVjHxwWcdK6PajNXUCATIKgHcrdro2y2xKQcDXGU1Mt_xp5M8tg2D901u70sWL_BDWUbDMM7H9YdQ57fZ8UlRGjQz3vgi79qD3n257tiGp0kERYYq7tmfIaMKx5SGTeg64J1Aa3BeHqgYHlZyfzci7eE0cJKhFJKnbS8OJRi6y2YWKDH0PcIWFSt4kSmiCxfIPlEBeeJEAPLwSEn4PiGcTtJBE7wU6BRmto5il77nc5MXLw39tMHf2ub-V5fnPs36eZyJW0uVI-2riw9jMOXg75OOBEVd8SF2I50pEjHdOTdCKAXGArazaAE3wSeeV3E6xtkie1Z3d4jcQROuliGG0dRwMkpE0KSRymrgrpt6vna5_yfsBBE_Z1g1qCKIZ2cT7VXkVFdGH9XiMkqRjuE-7fKih861e80M4Q0aHI9pkO-WVmqchQqZQBXFj7OBRSIcRflkizgYkTOQTtICJjXYUCoVJeXTclGxfgNdYaJ5QcwXtYr0Nbzv0ADvUO9w3flIe5Tyfr2wDC0NkD26L3eZgLjMc2jakUgTodsrknRnvZplVrfgLeQEM8j-hvkK7kwWij9Rti0RfrDCK1iZAEEadqW6hwv0rY_9qnm_ncb7dSqaXezO9SPgDeF2JwRRNRUr5Ed5MT4_MnfP31PpsgKdG12oR70eI25ZE5b8TqqLj9jA3Q-5VmL6CoQxuiULKI7ZDWX9elZu7v8rjORX1FVx4he5dclTGo4tEL3DO6V7R_gFWGTkPtzk3GSNlXdjm5gxFlhtjSEbK3XtDQ1SWCOKC8IUx7qOLh7Fq2FBnFexrri-HYu-qNmTU96J58o5QRRWRnCZfw-2eHhnN1ZWsnrjBdjf6yPktTvbiDkUhlsysy5XcHpP9uQ9PmMlHzKVIQ-4FIFFiRNd3qTganGwrm31EkpKFEUtLFhcwESwjWWUqD5OpHPZcD_BDOgvq_9tUsmsOhhk3SDkh07ODjooXW-0O1nwWgg0pmh4IIfVjH9B3aPTAUXMr4z9Pnc4QDH0xipdh3XSFYFLL_q7GF-3QRLrbP6odAOtSmzUpCbmyMsuo_WjHPo5L1ZHAMmFcNyoBiP7PuQmitVryskqX9IUuluBSr51wY5lzA0959XHxYptBMm--2WFkZIIkVZjPpxI3R0pC75v7xAAZGFcfWGI3Tgdgc6nYX_LAoDDgXUshDbH2ruxXS9YCHWxleMBaKvgJyD_xOcXJmJTNa2cqMGW8tkb-dJdIiyLU7XvORG5TWZe8mCKMmaa3JKkdnyefrWYckcl69RbD0rHZ9OO9iuNAaDkK6AmwpB5-eNJXe3hZPTAclyDXDjiIbu9xT6H2A7Vmp34uoO2RE042H_4SuwQmeMyEZaIB8MBM9sd6jDzdyoOBPQst9JXdvkdCPFCJBE9ko-xk6iey2XhvH3pdsjmevWnGQA9btGzmRSeMvtVsdJNFASFcf0F542AuAx1b29io7GAcVWecwkeAhdBWrmhCHfZtLq9AEIH0BVVd2DTNb6LSk8Pp5OBGnpAZEyiUPkiQJHxms4PIAiivY2kYJ-fjy1w0JrnpLYlofARe_UzjQd27nXduvuEuEOtWvgEemDKWziKbpL4j3a7ihF8-QtN7-7RScIs6ywlVO0ivxgC5PqleWRjl7J3RlBaE8mRyOpBC6CvT35PEAK_VDs4sdPUXt44CXnzYukqbdPq7FBM3Ay0IHbxxjGqn2vCBvX-cJEHHy4VhenQ6BsGE95-NGFnYoLLMhVHrCorMCvxDNlNzTeJ0DsDrtRrQfRhSnqutslKd11vNEIvINGL0_s8iCVSBSoMk2dDzhEUZTNY9qHhzFLGOkEvEY0YAXJQY96miTJjo20y4xJ2UTP2X-u7OWN0scDp2f4ieFQfCpWchjizuxSTUDstIB6fmwvF8mUr4egtfk4hK0o5AhJwSy-JJgTyl_Akf0TUghYAcAcm_FmOPVZDg7fBt07nTBR7Vle1Yh-AETYGJG7sEK7A_eb0RK0icV_ihKUgyCjSgUo59NyGjz_5AMkbhhs_J4KfIAtGHTbHYXj9yYVV1GSHfjuRZ2lYHteTtAhPZJhu_sUGgXQ9LV5GS2TJgh-3g-WUtWJvKlD2oPA7L0HAK_mez1w1675HtRrb4YCmR8XBeYBIG4hQMvg7u57XhBuW5Dj4WCcgstnH51cQnFns7sPUDubEEct_H5VSavbRQZ8-j-mWnA6VuyeijOcJZ_lep7jRTxF_P7_OnZ9n84KmZ-KYzpS8KJMT29NvuVD1LiIP7qkIgi8Sn95XJAAnC4zzaDzPOc9zDEwG_r0TI6IuQ0woGCMpjBGPOgkRGLpG6nyFoC8jFGiltJLuq336J6z4OVO1SXyxOFswSP-YZjdPmHkomHrr3h_GvxQVg8T122J2fxdDEiy9cPnQUCsgMcyKB68C7ybI5TGQhvlBWoqwyo-d7YXOIMedFOlBED99IwmCeNT8hDCDSr4aF06ldCvroTBsm_19z65-jlWt2vzgwIC-llogQUwogSsmSMytEXVLiFj6h9qIj3odvXLj1t7Tp8J0E0XWXHmHlvoKB1u1ztSJjpaaFYJWpyJZwfe1Sa9Lhsm_B6qjtTLnknS8GuOJxFBgFzGlctt415cgoHj0VbkkKojPvy56IpWrYAD-x5KL5yMuQpzTMUib59b9nVe_YKz1WTxE67eNBKW1ls5CLQrF30h4zBzW3e4hK4FLdfPhHeVJ-fDzyQTEd-4xFaK2XnJr5wd7BipeR7frvh5ARMPV9ALjVfhRX-dlHMRf-ZT8iq6YttsClTBy8mQz-UoN9i5B9tVaq3nOjFFaHHdnXRe2AGpu0oo8fcUSq8Pcxsl6cUVoexwab8-fgkWEgP8jGE82xaqPKBqGfPyHOaMcq9sVDSOsJt4SIgTQ13muXjIl7JI_NCBCR8YrN5m5JQtT262A5ZWvGRWFYJ1JCtFYsNx0ffOGCoFL1Zw2zhKT3nq-60gtEjsR2Q6HQ0zaVKlyPjK4mRdqzmuniCuoi__Zbl-xVnrYoSL7_TYuZRfRzx_BfVzzEmqb0-5Zicwla5Fkl2y6bJDG5qLgta2x7xbBzZEZ40TNewhkC4fzrqEhmVmi1sHkQFEzx7gEHx8W__ZxepKwWSRf_7lX8O5o9BsmY0us5BsM83uxBsKvmBuq3QHZC0aohgtg8CW6Td-XCuColTXIFPdAKN4zX6fCg_XwH630rx5jQmIUo3FMfjZ5FIMT4-5ZQpy61G6r0tPHbJXz3u0SLOgyYta6sFoJrNCpbjCHcefQS9e63f32zB5CwGQiNuj1bj3zlubjIZzjH1wNgtxipUZNAf9rXkHbffbrrvtjgepAj-45e1Adyjx5PbJFDYejlD8fIAHIbnqMQQpGDcr1mKiZlJpbD5HCHSsHf8RHBp7GFgLTtQ&cid=CAQSTQBpAlJWf-um0AK8b8_YzbUDuhrs2uX1DPsouFTAm36Exagou9F6zG0sCPZJWwpDJj92zZMm1P75oHKOvT8q0ti8NX9h0y6ufaXm_nR5GAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.info1.id%2F&ds=l&xdt=1&iif=1&cor=10671541165487930000&adk=943508955&idt=126&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:41:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 027E 30 KB
11 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11540
x-xss-protection: 0
server: cafe
etag: 10407724091878522853
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 02:41:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 027E 41 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 03:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 03:20:51 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7667 12 B
53 B 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7667 0
20 B 102ms
102ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=ads__horizontal&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 90F3 0
16 B 247ms
237ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=3279755404&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717024&bpp=4&bdt=500&idt=326&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=2029690043&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=600&ifk=2572994178&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076877%2C31077148%2C44785292%2C44799568&oid=2&pvsid=148243387931888&tmod=369491993&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.9z70gntzimfa&fsb=1&dtd=353

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E6B5 1 KB
644 B 16ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Thu, 17 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AEAF 1 KB
644 B 15ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Thu, 17 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 027E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7a0b5159c6d30c6dd75fd78217698d1cab2ca04e24ca904b3a4e39f89e0458d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F2EE 102 KB
40 KB 487ms
481ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=600&slotname=7420666426&adk=2924918721&adf=3173046723&pi=t.ma~as.7420666426&w=300&fwrn=3&lmt=1692171517&format=300x600&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717028&bpp=2&bdt=505&idt=434&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=2029690043&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=289&biw=1600&bih=1200&isw=300&ish=600&ifk=2572994178&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076877%2C31077148%2C44785292%2C44799568&oid=2&pvsid=148243387931888&tmod=369491993&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.6p9pwiherztw&fsb=1&dtd=439

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e9f44bdfc78d8ae7f41eecc31873f66d73c5ef0e5f52e4d75c0a5a2594206be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40637
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 0E9B 0
696 B 16ms
15ms Ping
text/html 185.89.210.20

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&e=wqT_3QLiB-jiAwAAAwDWAAUBCJyy8qYGEPSfrILOoP6WHRgAKjYJQOP-YcckoT8R_h6yjx2hoD8ZAAAAwMzM9D8h_g0SACkRJNAxAAAA4FG4rj8wnLOaBDi1AUC1XkjjA1C6iYq2AVjx0j9gAGjcAXia9AWAAQGKAQNVU0SSAQEG8IuYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAouBNeoCkwFodHRwczovL3d3dy5pbmZvMS5pZC90ZWtuby8xMDExOTgxMDY4OS9naWxpcmFuLXNla3Rvci10YW1iYW5nLWZyZWVwb3J0LWRpaGFqYXItaGFja2VyLXNlcmFuZwEw8ElpYmVyLXJhbnNvbXdhcmUtYnVhdC1zaXN0ZW0tZ2FuZ2d1YW4tYmVya2VwYW5qYW5nYW6AAwCIAwGQAwCYAwmgAwGqA4MDCpkCaB2p8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hMGRkOGUzYy01MTUyLTRmMTQtYmQwZi1lYmU4ODRlZGZiZWYmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBhjloAuHJ0eXBlPW51cmwmdGFnSWQ9ODgyMTE0OCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRn0KgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjEwMjYxMDQwMDM5MDA5MDc0MCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemt3TWpjMk1EUTJPRGcyTXpBak1qTXpNRGd5TnpJeE1qTXlOalE0Tmc9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAW8m7S2x6Wu0zHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXr6Rz6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAk9fAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAea9AXSBw0JLiYADNoHBggJL3QHAOoHAggA8AejhwOKCAIQAJUIAACAP5gIAcAI8AY.&s=7d222b2097ee0ca390af0333cafa4d6c26ab3750&type=nv&nvt=5&jm=1003&px=0&py=0&bw=379&bh=198&sid=3658075841663209054&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=8821148&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
an-x-request-uuid: 2b45bb67-3907-4dbb-8d76-401dbbba3bf5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.243; 37.58.58.243; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B34B 12 B
53 B 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B34B 0
20 B 102ms
102ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=ads__horizontal&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 31CE 0
16 B 247ms
244ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=2751417936&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717041&bpp=3&bdt=477&idt=498&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=248365015&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=336&ish=280&ifk=2328354670&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077148%2C44799568&oid=2&pvsid=2931421315950464&tmod=677962373&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.7344v9fh840j&btvi=1&fsb=1&dtd=526

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame C599 12 B
53 B 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C599 0
20 B 103ms
101ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=ads__horizontal&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49C5 0
16 B 235ms
234ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=2751417942&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717079&bpp=3&bdt=534&idt=496&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1302533990&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3914621714&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076876%2C31077148%2C44799580&oid=2&pvsid=939394294714835&tmod=366698208&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.vo6zffaq9z6x&btvi=1&fsb=1&dtd=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 65EC 12 B
53 B 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 65EC 0
20 B 102ms
101ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=ads__horizontal&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A61 0
16 B 198ms
198ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=2751417943&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717057&bpp=3&bdt=503&idt=550&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1766739858&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=336&ish=280&ifk=1461870372&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076469%2C31077148&oid=2&pvsid=3570259087943087&tmod=1855267162&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.a6kfwbo1i1xc&btvi=1&fsb=1&dtd=575

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame DC29 12 B
53 B 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC29 0
20 B 102ms
102ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=ads__horizontal&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ADFC 0
16 B 203ms
202ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&adk=1812271804&adf=2751417937&lmt=1692171517&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717146&bpp=4&bdt=571&idt=515&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1999083557&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=728&ish=90&ifk=4214105617&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076875%2C31077148%2C44796700%2C44799578&oid=2&pvsid=2368382861799147&tmod=1856178442&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.7y4kdj22dzgs&fsb=1&dtd=541

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 38EF 37 KB
16 KB 558ms
557ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=250&slotname=6042391179&adk=3106419642&adf=776186312&pi=t.ma~as.6042391179&w=300&fwrn=3&lmt=1692171517&format=300x250&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717083&bpp=1&bdt=538&idt=626&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1302533990&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=374&ady=2156&biw=1600&bih=1200&isw=300&ish=250&ifk=3914621714&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076876%2C31077148%2C44799580&oid=2&pvsid=939394294714835&tmod=366698208&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.x3u8ee2jxlmd&btvi=2&fsb=1&dtd=631

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15867
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 10C2 111 KB
40 KB 475ms
475ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=280&slotname=1960828592&adk=2612915540&adf=776186319&pi=t.ma~as.1960828592&w=336&fwrn=3&lmt=1692171517&format=336x280&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717060&bpp=1&bdt=506&idt=674&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1766739858&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1846&biw=1600&bih=1200&isw=336&ish=280&ifk=1461870372&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076469%2C31077148&oid=2&pvsid=3570259087943087&tmod=1855267162&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.g22coaocw70c&btvi=2&fsb=1&dtd=681

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e57f857af905eef60b0e392833811c012a2260fc1d0b3f07e1dbeefa107b659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40947
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JDHHDGV2EQ&gtm=45je3890&_p=1873801765&cid=32317744.1692178712&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1692178712&sct=1&seg=0&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&en=info1&ep.editor=Arif%20Rahman&ep.editor_id=13436&ep.penulis=Arif%20Rahman&ep.penulis_id=13436&ep.publish_date=2023-08-14%2015%3A02%3A59&ep.source=&ep.article_views=1&ep.id=9810689&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JDHHDGV2EQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 34E2 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 09:44:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 34E2 7 KB
6 KB 53ms
53ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fedd41cb3f3a94d171ab879ab8fe83ad84c6a4ed060d3a00ec7e1dc9f92f861f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5763
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame B825 38 KB
0 695ms
694ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=90&slotname=4993351895&adk=130625548&adf=776186317&pi=t.ma~as.4993351895&w=728&lmt=1692171517&format=728x90&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717150&bpp=1&bdt=576&idt=606&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1999083557&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=1156&biw=1600&bih=1200&isw=728&ish=90&ifk=4214105617&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076875%2C31077148%2C44796700%2C44799578&oid=2&pvsid=2368382861799147&tmod=1856178442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xktn2j2aca7k&fsb=1&dtd=615

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16239
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XHS8W3S0QP&gtm=45je3890&_p=1873801765&cid=32317744.1692178712&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1692178712&sct=1&seg=0&dl=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&dt=Giliran%20Sektor%20Tambang%2C%20Freeport%20Dihajar%20Hacker%2C%20Serangan%20Siber%20Ransomware%20Buat%20Sistem%20Gangguan%20Berkepanjangan%20-%20Info%201&en=promedia&ep.editor=Arif%20Rahman&ep.editor_id=13436&ep.penulis=Arif%20Rahman&ep.penulis_id=13436&ep.publish_date=2023-08-14%2015%3A02%3A59&ep.source=&ep.article_views=1&ep.id=9810689&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XHS8W3S0QP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.info1.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E6B5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMVSCTP-fJpu6c7rENJuujE&google_cver=1&google_push=AXcoOmQBaGWJETH00ipue12Tg0BSC_LAlk341cwa0fSw7l3vXgM-I1fg720hQlboxEiYifpHaIPBo514TCY7-kbNttnTGOWJ39qX&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMVSCTP-fJpu6c7rENJuujE&google_cver=1&google_push=AXcoOmQBaGWJETH00ipue12Tg0BSC_LAlk341cwa0fSw7l3vXgM-I1fg720hQlboxEiYifpHaIPBo514TCY7-kbNttnTGOWJ39q...

43 B
432 B

185ms
168ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMVSCTP-fJpu6c7rENJuujE&google_cver=1&google_push=AXcoOmQBaGWJETH00ipue12Tg0BSC_LAlk341cwa0fSw7l3vXgM-I1fg720hQlboxEiYifpHaIPBo514TCY7-kbNttnTGOWJ39qX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQBaGWJETH00ipue12Tg0BSC_LAlk341cwa0fSw7l3vXgM-I1fg720hQlboxEiYifpHaIPBo514TCY7-kbNttnTGOWJ39qX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f78b49c0eca1cab-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1225
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMVSCTP-fJpu6c7rENJuujE&google_cver=1&google_push=AXcoOmQBaGWJETH00ipue12Tg0BSC_LAlk341cwa0fSw7l3vXgM-I1fg720hQlboxEiYifpHaIPBo514TCY7-kbNttnTGOWJ39qX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQBaGWJETH00ipue12Tg0BSC_LAlk341cwa0fSw7l3vXgM-I1fg720hQlboxEiYifpHaIPBo514TCY7-kbNttnTGOWJ39qX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f78b49aabc91cab-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E6B5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGDQIuw4ATABvcul_7z-Rp8&google_cver=1&google_push=AXcoOmRvlQkop1Yk_Ebsh0Mz1SaLhiqKrvpBYHhM9cso71Hy1KwF497Ly_-eGeMKS6wyKT2OUWDRGYonK_cIgooO6vxhuF_tVUuM
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmRvlQkop1Yk_Ebsh0Mz1SaLhiqKrvpBYHhM9cso71Hy1KwF497Ly_-eGeMKS6wyKT2OUWDRGYonK_cIgoo...

170 B
188 B

17ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmRvlQkop1Yk_Ebsh0Mz1SaLhiqKrvpBYHhM9cso71Hy1KwF497Ly_-eGeMKS6wyKT2OUWDRGYonK_cIgooO6vxhuF_tVUuM

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Aug 2023 09:38:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801A8F0AE1CB419A8C908D68BA61F4D0&google_push=AXcoOmRvlQkop1Yk_Ebsh0Mz1SaLhiqKrvpBYHhM9cso71Hy1KwF497Ly_-eGeMKS6wyKT2OUWDRGYonK_cIgooO6vxhuF_tVUuM
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 15 Aug 2023 09:38:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E6B5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEImQ8C4q1oUJX912J_WiRPY&google_cver=1&google_push=AXcoOmReNykZIstqGCAemLMBWSflY4lnPE1_NDPgEHoq-zrcO00PaWEg6DKc1oDIN2k-dG0eZaDEzYQa...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEImQ8C4q1oUJX912J_WiRPY&google_cver=1&google_push=AXcoOmReNykZIstqGCAemLMBWSflY4lnPE1_NDPgEHoq-zrcO00PaWEg6DKc1oDIN2k-dG0eZaD...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU3MTY1NTEzMjg4NDY2NzAzNg&google_push=AXcoOmReNykZIstqGCAemLMBWSflY4lnPE1_NDPgEHoq-zrcO00PaWEg6DKc1oDIN2k-dG0eZaDEzY...

170 B
188 B

22ms
21ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU3MTY1NTEzMjg4NDY2NzAzNg&google_push=AXcoOmReNykZIstqGCAemLMBWSflY4lnPE1_NDPgEHoq-zrcO00PaWEg6DKc1oDIN2k-dG0eZaDEzYQaBK9ZqNci05JCJnXXTVs

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU3MTY1NTEzMjg4NDY2NzAzNg&google_push=AXcoOmReNykZIstqGCAemLMBWSflY4lnPE1_NDPgEHoq-zrcO00PaWEg6DKc1oDIN2k-dG0eZaDEzYQaBK9ZqNci05JCJnXXTVs
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E6B5
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEEwCTM5dwsRTcqBJySf8SV8&google_cver=1&google_push=AXcoOmRkYoegWPgGsuVJuuigKe5sgTyCelJOnL86OYKVqud2zlr5yIJGnvw0wCPlVgTT-BqyBtVADQVvH2SIoN5Ay3IWzd...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEwCTM5dwsRTcqBJySf8SV8&google_cver=1&google_push=AXcoOmRkYoegWPgGsuVJuuigKe5sgTyCelJOnL86OYKVqud2zlr5yIJGnvw0wCPlVgTT-BqyBtVADQVvH2SIoN5A...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jVeMDAYrQtuXDonEh4f7hQ&google_push=AXcoOmRkYoegWPgGsuVJuuigKe5sgTyCelJOnL86OYKVqud2zlr5yIJGnvw0wCPlVgTT-BqyBtVADQVvH2SIoN5...

170 B
188 B

17ms
14ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jVeMDAYrQtuXDonEh4f7hQ&google_push=AXcoOmRkYoegWPgGsuVJuuigKe5sgTyCelJOnL86OYKVqud2zlr5yIJGnvw0wCPlVgTT-BqyBtVADQVvH2SIoN5Ay3IWzd5pJh4

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jVeMDAYrQtuXDonEh4f7hQ&google_push=AXcoOmRkYoegWPgGsuVJuuigKe5sgTyCelJOnL86OYKVqud2zlr5yIJGnvw0wCPlVgTT-BqyBtVADQVvH2SIoN5Ay3IWzd5pJh4
access-control-allow-origin: *
date: Wed, 16 Aug 2023 09:38:38 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame E6B5 0
45 B 145ms
13ms Image
text/plain 89.149.192.197

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAONSfsWSKMs7k5YD_2JwJw&google_cver=1&google_push=AXcoOmRUYEnQGimXF_zKNkLQEVEytdZshpWuBbuvAt3qEm0l1KNaWSVWqlX5U-eJvfcte-VBhSAElFZzOnTw8TgijRGuBJMryUQ
Requested by: Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.197 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame E6B5 0
38 B 13ms
11ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEF4ItWbUBR3-SjNeCpZ6XLo&google_cver=1&google_push=AXcoOmRvGIGBlLgCcVG3t9ifItmy07r-IyhwQ_9kdr_OWxD_P6YQxBUBbvfI4KReqUR7UnbnTHoH9jJm_95vJIJFKYg7pTZ1TmqctQ

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame E6B5 43 B
146 B 197ms
7ms Image
image/gif 3.67.123.166

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMP3-dOm2ESJcP4gRsbN7zs&google_cver=1&google_push=AXcoOmSuCY5xPlPXU8tbbwlyidtLXC4fghFDLvRbtKsuOxJz_weDR4b3us7uJ1-vY2LZSvhmahDrpm8dOEfq7pG-Eo2ai1ZzKmsLIQ
Requested by: Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.123.166 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E6B5 0
12 B 17ms
15ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8OpvsZd87cPy1FmZJFxBKNvsCF8Ufn7_wDXBqf9yR53kBFuj4gKW2osaAqv2MQtoR0Ms8OTY

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEAF
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOFk7HzgxVUJ3dL0O4lHdH0&google_cver=1&google_push=AXcoOmQFsKL1DbwMVAVuCzPhDbY9afc1sZE2I2PvUMse5279nAnx8V4jp8oAQS8LvGZIX7yf3A2MJ_txuChY1jmB...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y87AoVjKRbigNXCy8s4CHw2&google_push=AXcoOmQFsKL1DbwMVAVuCzPhDbY9afc1sZE2I2PvUMse5279nAnx8V4jp8oAQS8LvGZIX7yf3A2MJ_txuChY1jmBEGcoHyDCpLCSB3...

170 B
188 B

19ms
19ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y87AoVjKRbigNXCy8s4CHw2&google_push=AXcoOmQFsKL1DbwMVAVuCzPhDbY9afc1sZE2I2PvUMse5279nAnx8V4jp8oAQS8LvGZIX7yf3A2MJ_txuChY1jmBEGcoHyDCpLCSB3pB5_JlgCyOtxGceMbin96tyg9oETKPVeDxIZ7ZX7s

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 16 Aug 2023 09:38:37 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Y87AoVjKRbigNXCy8s4CHw2&google_push=AXcoOmQFsKL1DbwMVAVuCzPhDbY9afc1sZE2I2PvUMse5279nAnx8V4jp8oAQS8LvGZIX7yf3A2MJ_txuChY1jmBEGcoHyDCpLCSB3pB5_JlgCyOtxGceMbin96tyg9oETKPVeDxIZ7ZX7s
x-host: tde-deliveryengine-production-6ffbf575ff-jkf28
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame AEAF 43 B
145 B 194ms
8ms Image
image/gif 3.67.123.166

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGyjmvoUk8rKwF5UPVr_xCA&google_cver=1&google_push=AXcoOmTtGYRZHAuhxPqGLYVfD09KcbJ1HyPQZMe-osgVPwnlV_ZrYBed5x5jSrRluNKLLUgRD6_CtcN0JncvvgmJuFnfjvnN0XlEtEHx62475Zg1A0-u9Vx6uaVyVbuCb3_oR9O6gNnz9p8
Requested by: Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.123.166 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEAF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJc2j1LlIlXNvXgU0HpiKeE&google_cver=1&google_push=AXcoOmTg15HvqWtUuEeHzLBIlY3rEQqdm6BCckNRMZ5D6fgh2zRaCX0kSjjwJH36P_--H49aH8DUdizwcQYAH0aEMQRQaEx...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJc2j1LlIlXNvXgU0HpiKeE&google_cver=1&google_push=AXcoOmTg15HvqWtUuEeHzLBIlY3rEQqdm6BCckNRMZ5D6fgh2zRaCX0kSjjwJH36P_--H49aH8DUdizwcQYAH0aEMQRQa...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTg15HvqWtUuEeHzLBIlY3rEQqdm6BCckNRMZ5D6fgh2zRaCX0kSjjwJH36P_--H49aH8DUdizwcQYAH0aEMQRQaExjCWJ5i5M...

170 B
188 B

19ms
19ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTg15HvqWtUuEeHzLBIlY3rEQqdm6BCckNRMZ5D6fgh2zRaCX0kSjjwJH36P_--H49aH8DUdizwcQYAH0aEMQRQaExjCWJ5i5MVCiQIOsLGF2y5CniASPgkCimQ5C3qKaAgSM-OGt8

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTg15HvqWtUuEeHzLBIlY3rEQqdm6BCckNRMZ5D6fgh2zRaCX0kSjjwJH36P_--H49aH8DUdizwcQYAH0aEMQRQaExjCWJ5i5MVCiQIOsLGF2y5CniASPgkCimQ5C3qKaAgSM-OGt8
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEAF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEImQ8C4q1oUJX912J_WiRPY&google_cver=1&google_push=AXcoOmTLsmGz3v7dA6f4lB45b2zSU79V3jjvD495TLI6hDeiKqrIXkOzIxnFupEggUIEk2mydMoPcxHh...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEImQ8C4q1oUJX912J_WiRPY&google_cver=1&google_push=AXcoOmTLsmGz3v7dA6f4lB45b2zSU79V3jjvD495TLI6hDeiKqrIXkOzIxnFupEggUIEk2mydMo...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcwNjgwMjYxNTEzMTk5MDgxOA&google_push=AXcoOmTLsmGz3v7dA6f4lB45b2zSU79V3jjvD495TLI6hDeiKqrIXkOzIxnFupEggUIEk2mydMoPcx...

170 B
188 B

20ms
19ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcwNjgwMjYxNTEzMTk5MDgxOA&google_push=AXcoOmTLsmGz3v7dA6f4lB45b2zSU79V3jjvD495TLI6hDeiKqrIXkOzIxnFupEggUIEk2mydMoPcxHhl2qBAVhDrDa6vpSbGPXKZIU7_04ypOIS-PMNZDzdrBqAHw4jLhF0DiW0T2BxVB0

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcwNjgwMjYxNTEzMTk5MDgxOA&google_push=AXcoOmTLsmGz3v7dA6f4lB45b2zSU79V3jjvD495TLI6hDeiKqrIXkOzIxnFupEggUIEk2mydMoPcxHhl2qBAVhDrDa6vpSbGPXKZIU7_04ypOIS-PMNZDzdrBqAHw4jLhF0DiW0T2BxVB0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEAF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jxryGJ9IQoKy-BcOpDM0bw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jxryGJ9IQoKy-BcOpDM0bw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQaivoxnBypxvjWLhye_0XGiF9BYR1fZVNTJgqVvO2zWMK67qEGdxdo31GV0NyKqNnLEDzj--drilODW_1rfy86mSzvk07IqlMl_TkJJYSLKkDAOaxiSY-j86cKKyJkhFYDbTtkN3U

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jxryGJ9IQoKy-BcOpDM0bw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQaivoxnBypxvjWLhye_0XGiF9BYR1fZVNTJgqVvO2zWMK67qEGdxdo31GV0NyKqNnLEDzj--drilODW_1rfy86mSzvk07IqlMl_TkJJYSLKkDAOaxiSY-j86cKKyJkhFYDbTtkN3U
date: Wed, 16 Aug 2023 09:38:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEAF
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENMJw4v3xn2VWXYWYGZD9NM&google_cver=1&google_push=AXcoOmScMoSyELnrhYskfHhJ5sWwrxWQTKQnhtYlA5mkGEZ5W20sY9yN3RrOkTmTTO7Ymjf0RQGJaHsEDYVz...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmScMoSyELnrhYskfHhJ5sWwrxWQTKQnhtYlA5mkGEZ5W20sY9yN3RrOkTmTTO7Ymjf0RQGJaHsEDYVzSGV8F6dlTCiBh7AKfWybU_DCI0sEKUga2OLF...

170 B
188 B

23ms
23ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmScMoSyELnrhYskfHhJ5sWwrxWQTKQnhtYlA5mkGEZ5W20sY9yN3RrOkTmTTO7Ymjf0RQGJaHsEDYVzSGV8F6dlTCiBh7AKfWybU_DCI0sEKUga2OLF9OVctvHfSxd_mpBrxDRHkA

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmScMoSyELnrhYskfHhJ5sWwrxWQTKQnhtYlA5mkGEZ5W20sY9yN3RrOkTmTTO7Ymjf0RQGJaHsEDYVzSGV8F6dlTCiBh7AKfWybU_DCI0sEKUga2OLF9OVctvHfSxd_mpBrxDRHkA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEAF
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEEwCTM5dwsRTcqBJySf8SV8&google_cver=1&google_push=AXcoOmSy7YIKGbeFg6aXMiVOWSnY2IONdmN9dPPCdtuoOUcqeATNb1rD-2sGQFnjK6i1d_I8lfw33fC0-wrO8gnqcETlam...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEwCTM5dwsRTcqBJySf8SV8&google_cver=1&google_push=AXcoOmSy7YIKGbeFg6aXMiVOWSnY2IONdmN9dPPCdtuoOUcqeATNb1rD-2sGQFnjK6i1d_I8lfw33fC0-wrO8gnq...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jVeMDAYrQtuXDonEh4f7hQ&google_push=AXcoOmSy7YIKGbeFg6aXMiVOWSnY2IONdmN9dPPCdtuoOUcqeATNb1rD-2sGQFnjK6i1d_I8lfw33fC0-wrO8gn...

170 B
188 B

25ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jVeMDAYrQtuXDonEh4f7hQ&google_push=AXcoOmSy7YIKGbeFg6aXMiVOWSnY2IONdmN9dPPCdtuoOUcqeATNb1rD-2sGQFnjK6i1d_I8lfw33fC0-wrO8gnqcETlam6LpKmCPF7mFgkf8BN29YkUp6ALQZfQwClEFwfnbIDcSDLQ_A

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jVeMDAYrQtuXDonEh4f7hQ&google_push=AXcoOmSy7YIKGbeFg6aXMiVOWSnY2IONdmN9dPPCdtuoOUcqeATNb1rD-2sGQFnjK6i1d_I8lfw33fC0-wrO8gnqcETlam6LpKmCPF7mFgkf8BN29YkUp6ALQZfQwClEFwfnbIDcSDLQ_A
access-control-allow-origin: *
date: Wed, 16 Aug 2023 09:38:38 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AEAF 0
12 B 18ms
18ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lu3P8ua7HHPxLjfKXWVIseCHu18l4T8z5Uwo97yBuYgPOfHqBNRtY4aqq4d9n5lH2Juqbb

Requested by

Host: db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
URL: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 34E2 17 KB
6 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:38:37 GMT

GET
H3 200 300x600_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 34E2 71 KB
18 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d98032ab7de57cfdf9caf819e68bf05251ea4a16fb64013fe1f769008c0d9ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18419
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 10:06:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 09:39:22 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7145822662340933983/ Frame 6BED 258 KB
57 KB 11ms
8ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7145822662340933983/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ba2d553f6cacddf80604dfed8ac1e0525ffec8fcc2ced0c9ee13ce88c710e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 326940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 58186
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 14:49:37 GMT
expires: Sun, 11 Aug 2024 14:49:37 GMT
last-modified: Thu, 27 Jul 2023 13:17:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 027E 0
0 58ms
56ms Fetch
image/gif 142.250.186.130

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuPxAyTee-aWizqKfY2EvYE8CMMw55Zxsr1k0nu2kj86m_CqauF93ihEuiPgIr6-1arHgVb3vISOM9TIZUiBK-Jny64-yNopJNCN8ZbVVcoXmUCxYhLCCErBVdIc9fifdI5XRC7qX4lvQI3b3CLQjUYeI4M1bqxjY8PAiszlDngpDMAHdhUzhshzmf0uOpdmSzib5NJOK2cJZtDr3OlvJ2FLjqkPfOT84yHR0RhIHE63KZelTHf4cOcS55oaO-pf8ufWj1m8kGEsCW6-QjzcQlboup-Mj4mTvJ9fdAhHuJKQHhQHe16sO9P-iQ8ai6wgV_8y1oA3ExPFGrSierVNKD3P98htGFw_ajJ4DTht5rMNXzHIxtikSTX3d55WEXgjxNDbhBHomJRFz2KMtnOLqOUhI-vL9BpR2mlFjIUYZrgatt9vBb5Uf2ZYDKS0ASRXAXmzr9NHcNjmizQyyo_jVReH0A0v6qQ-eezmwA6qqF7cW7fLsTIm3hpIRU2dI9p-HpYzWD2Ezeu-BAl1dFayy2vhPQYpL5coKgCLFL1RJm9Fkt3HcmISUY7M2XCfDp2nwHHWj4qRbmOBZGAZp71MM5gOqrs1oDP3yjMYm4_BOtl02L4CERRGLOBHThwl3hkXlSHShH2et7kdMqIdkISu05tQHeG7iMmg2G0D1QpMs6btmEwFpxkgcUnt_8es2rbmBg4eC2c84Nw4t0I_I60QMgjwI1kt-zmqQw9g0WrxyZ2H7gK5kXDt65W2Rpb0GQ2UV0bCrzFACxxgztKD9W5aPsE-5JaVWFQHlLyuN4-_rz9JJ6N4xYUnDvpNuLjFnb7ecbhBxpIW6_YKlyelJo1vWM3uSu7RuzNOuzzo4w_qxi3gSWjTwPSqsCwnqPmZGojxE2giW2dEi1mwtJc37_wJlHoq3UMm0ZNqxKXutpUES_Exc882vgBOt0dFXiBAxC54CBDLi2WF2i-4CuQy_BVyL7JCBwzM_5pVGkO4tD76MZGdkuuAefmO0bYVdOZTA-kesUwBwstbhXvNWwAyepGZUdMVQuBtHE5byjj_tT2bF7MEPSyEdCh2kaBKvj2sgDbdHXaERmWph8uHsBrRKKwc80RqyNGzOJ8ZaVC5GROWKTUJl7HjccGdzWW5agHn9c06wnFPrhBpi-QeHuOkBl7I65VCc-A_Nm28uUlyFCoqvH5riAbtk3vC_se6WwNYHnU3AOka3zuLRAFOWt0RENJ7CcKmm809Y8soTYCfIL0HaVPY1OraAELWcFRIcn1qSE7sR42TU1OnQ&sai=AMfl-YQjG_-QYm9IBA6DE-smQVMewrDELvPPd5atoBB04SEk1skFztANyS8l57NZAyRZHK6yuGVz2cbvfm3RcAZLxZTClO25MBPDBdywhKk9pOzu1KBUfjM6sXYSlLN-PnGMQofPGhm7kjrnWT7LiINZMC7EkZcRbvyYEs9q_bKVVuDyR4HcSJ6729inQHin-GlhEcpVVVLkFH-Nnb4ki1kC2FaNacNVddA0ieRps91t2nI2zaPXO6YFN2JLeP27NIZ3rTVwietVEnwVDTM3mlxjXYrpLvYCBWs4x0wt2TZz2f1ae9G-QG4q3j4k3phf&sig=Cg0ArKJSzNfBUiczqJg8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=550&cbvp=1&cstd=547&cisv=r20230810.25178&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 16 Aug 2023 09:38:37 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:37 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E8FA 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 44983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 21:08:54 GMT
expires: Wed, 14 Aug 2024 21:08:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 16A9 0
0 62ms
46ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9DVgXZppAP92sb2o495Cf4zh2_QiBSBD0vuxPRuhMjRh0MOoNvSQCl2dvZaVI_r0lLiZNS38_WjcdJej2hsneNgFdOgR1KUTx7lkD1YzUTQfaV3zo2NlB_M7WWL64nYoCTdjP_28OSn59GkPASbDDjSjNra35mbBhCBvmqme_YBJvqElwYqB0S1Ii7tQ9N9KOd3JbG-_fMK0VY5adF5aaEB05AbZWzcnNkv7qpFcrMl1Pi6ye9V6puMHZFNcSEUSGI0yNu0cUj2544gXDMFbfNaAl-Y7NSeD6MdBX8Fy0MwTDZLwH_czks72Umoy7LO3TOb8bCHnmMtfN4ws&sai=AMfl-YSNvILzNwGxgIC_8U3lfPP6OUP8X-p6ldzI0D3iDNIBwmY_f8O4NFXcTIwRraPGicuF7vLROQsMvotZZHe2tshlReLWXmMBBlxTGI10AdSCk1vaaTNRvQCqFFEJ4-SopQtq6jW5XtOI_9NPgJnscw&sig=Cg0ArKJSzBqqOy4cuJnKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 09:38:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 16A9 15 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0594ada36e5af8314a3cac04eb22bc414fb1ef585ead38caf94fbb74c221a0f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11766
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B34B 0
0 55ms
44ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttLChdUwldzqOj3tUGL6-iXh8bcpw7ovCPoLTDlMo8OD3ZU2P3NmtRn3zAJsHNb6NPBvpgP7dIlrmHc6F9E5rlcqcs4wFxd1qjOFpksY-CMuwoGmbmOD1kp-B9JPMmVelc0u0YIDNi97qOv75xyyNLqPvSZ7cahCijlk9SlPMBWp1boA80NBzjVHEJ0d3ca0TIc3Xj4dZsFLkcs6AhuxJGRE06y7qr1NWGUcFcwManIMrDa29V8rr28vVlH822r8ejm030mU0SvJ8xJRqKAj5aoMB6qFnomzqPR5grbga74ghOk1O42QMczcHxr2RFzKs43FQBaSmLwakA9vtj&sai=AMfl-YT7VVCD0e8GRCS7bJalm3buCsCDWA9rj3SRFN6CFbjTWgdR0OYgOYuUxYQBJlVbDMBJHL6oyvakRicizoeY7Bkzot24vGPmwedsKIV5ujLYj_dt9mWNqnktPhHiVDoa7a6BQDeh-L6UYCBt6oWoGQ&sig=Cg0ArKJSzFEJE9Ev7cT0EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 09:38:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B34B 15 KB
12 KB 56ms
55ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d788b9685a631f7702b6d70cf4dba0d3b1767fa4a90944a79a13c5090f666821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11826
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 6BED 32 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7145822662340933983/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7145822662340933983/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 06:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 06:58:00 GMT

GET
H3 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame 81E3 38 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 08:34:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 16A9 17 KB
6 KB 59ms
54ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:38:38 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B34B 17 KB
6 KB 100ms
95ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.info1.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:38:38 GMT

GET
H3 200 8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js Show response
pagead2.googlesyndication.com/bg/ Frame E8FA 38 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/8-ZmOU9oT98dzwhVxdRhvR2EKDTIqAFN6aCn3enqCsE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 08:34:23 GMT

GET
H3 200 13504237085193252135
tpc.googlesyndication.com/daca_images/simgad/ Frame F2EE 81 KB
81 KB 14ms
13ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13504237085193252135

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=600&slotname=7420666426&adk=2924918721&adf=3173046723&pi=t.ma~as.7420666426&w=300&fwrn=3&lmt=1692171517&format=300x600&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717028&bpp=2&bdt=505&idt=434&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=2029690043&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=289&biw=1600&bih=1200&isw=300&ish=600&ifk=2572994178&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076877%2C31077148%2C44785292%2C44799568&oid=2&pvsid=148243387931888&tmod=369491993&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.6p9pwiherztw&fsb=1&dtd=439

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b2e5e04029e2c26976f167da57398fce84075488f9411d35d5cdee0f0ce9636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 14:43:22 GMT
x-content-type-options: nosniff
age: 413716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82496
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:05:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 14:43:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame F2EE 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame F2EE 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 07:25:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 07:25:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame F2EE 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F2EE 0
0 16ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSA3nvESuJjxBoraih-8-PXNHdWGlGreAuq7MeVx9e4dSmdlxnViQtGL2SQvPaVXGpoitBRRtlBY8WtXlaroRM6WJS7wA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=600&slotname=7420666426&adk=2924918721&adf=3173046723&pi=t.ma~as.7420666426&w=300&fwrn=3&lmt=1692171517&format=300x600&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717028&bpp=2&bdt=505&idt=434&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=2029690043&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=289&biw=1600&bih=1200&isw=300&ish=600&ifk=2572994178&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076877%2C31077148%2C44785292%2C44799568&oid=2&pvsid=148243387931888&tmod=369491993&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.6p9pwiherztw&fsb=1&dtd=439
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2EE 180 KB
56 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 09:38:38 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame F2EE 35 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14283
x-xss-protection: 0
server: cafe
etag: 10830060499921058150
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 14:40:52 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 34E2 6 KB
2 KB 14ms
11ms XHR
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 11:06:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 09:39:17 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 34E2 5 KB
2 KB 15ms
12ms XHR
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 09:40:03 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 34E2 2 KB
1 KB 16ms
13ms XHR
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 09:44:15 GMT

GET
H3 200 NH_D_EU_Coffee-European_300x600.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 34E2 164 KB
164 KB 17ms
14ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_EU_Coffee-European_300x600.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a047fabbe3c567120e9c89b8bec91792899ee0f3cff5dcc5190ea80f3d9c5964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:35:46 GMT
x-content-type-options: nosniff
age: 172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168077
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 08:49:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 09:50:46 GMT

GET
H2 200 redir.html
p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 1DBD 247 B
867 B 84ms
17ms Document
text/html 142.250.185.99

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-04bUcYGsr3RcMeUVo8LheA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C67F 1 KB
646 B 8ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Thu, 17 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 027E 0
0 46ms
45ms Fetch
image/gif 142.250.186.130

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuPxAyTee-aWizqKfY2EvYE8CMMw55Zxsr1k0nu2kj86m_CqauF93ihEuiPgIr6-1arHgVb3vISOM9TIZUiBK-Jny64-yNopJNCN8ZbVVcoXmUCxYhLCCErBVdIc9fifdI5XRC7qX4lvQI3b3CLQjUYeI4M1bqxjY8PAiszlDngpDMAHdhUzhshzmf0uOpdmSzib5NJOK2cJZtDr3OlvJ2FLjqkPfOT84yHR0RhIHE63KZelTHf4cOcS55oaO-pf8ufWj1m8kGEsCW6-QjzcQlboup-Mj4mTvJ9fdAhHuJKQHhQHe16sO9P-iQ8ai6wgV_8y1oA3ExPFGrSierVNKD3P98htGFw_ajJ4DTht5rMNXzHIxtikSTX3d55WEXgjxNDbhBHomJRFz2KMtnOLqOUhI-vL9BpR2mlFjIUYZrgatt9vBb5Uf2ZYDKS0ASRXAXmzr9NHcNjmizQyyo_jVReH0A0v6qQ-eezmwA6qqF7cW7fLsTIm3hpIRU2dI9p-HpYzWD2Ezeu-BAl1dFayy2vhPQYpL5coKgCLFL1RJm9Fkt3HcmISUY7M2XCfDp2nwHHWj4qRbmOBZGAZp71MM5gOqrs1oDP3yjMYm4_BOtl02L4CERRGLOBHThwl3hkXlSHShH2et7kdMqIdkISu05tQHeG7iMmg2G0D1QpMs6btmEwFpxkgcUnt_8es2rbmBg4eC2c84Nw4t0I_I60QMgjwI1kt-zmqQw9g0WrxyZ2H7gK5kXDt65W2Rpb0GQ2UV0bCrzFACxxgztKD9W5aPsE-5JaVWFQHlLyuN4-_rz9JJ6N4xYUnDvpNuLjFnb7ecbhBxpIW6_YKlyelJo1vWM3uSu7RuzNOuzzo4w_qxi3gSWjTwPSqsCwnqPmZGojxE2giW2dEi1mwtJc37_wJlHoq3UMm0ZNqxKXutpUES_Exc882vgBOt0dFXiBAxC54CBDLi2WF2i-4CuQy_BVyL7JCBwzM_5pVGkO4tD76MZGdkuuAefmO0bYVdOZTA-kesUwBwstbhXvNWwAyepGZUdMVQuBtHE5byjj_tT2bF7MEPSyEdCh2kaBKvj2sgDbdHXaERmWph8uHsBrRKKwc80RqyNGzOJ8ZaVC5GROWKTUJl7HjccGdzWW5agHn9c06wnFPrhBpi-QeHuOkBl7I65VCc-A_Nm28uUlyFCoqvH5riAbtk3vC_se6WwNYHnU3AOka3zuLRAFOWt0RENJ7CcKmm809Y8soTYCfIL0HaVPY1OraAELWcFRIcn1qSE7sR42TU1OnQ&sai=AMfl-YQjG_-QYm9IBA6DE-smQVMewrDELvPPd5atoBB04SEk1skFztANyS8l57NZAyRZHK6yuGVz2cbvfm3RcAZLxZTClO25MBPDBdywhKk9pOzu1KBUfjM6sXYSlLN-PnGMQofPGhm7kjrnWT7LiINZMC7EkZcRbvyYEs9q_bKVVuDyR4HcSJ6729inQHin-GlhEcpVVVLkFH-Nnb4ki1kC2FaNacNVddA0ieRps91t2nI2zaPXO6YFN2JLeP27NIZ3rTVwietVEnwVDTM3mlxjXYrpLvYCBWs4x0wt2TZz2f1ae9G-QG4q3j4k3phf&sig=Cg0ArKJSzNfBUiczqJg8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=813&vt=11&dtpt=263&dett=3&cstd=547&cisv=r20230810.25178&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.info1.id
URL: https://www.info1.id/tekno/10119810689/giliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Aug 2023 09:38:38 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 34E2 50 KB
50 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=cDcGAHkho0&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:33:37 GMT
x-content-type-options: nosniff
age: 301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 09:48:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CC2 0
22 B 109ms
108ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BS9f_HJncZIfSF5uw9u8P74a1wAkAAAAAOAHgBAI&bg=!JiWlJXHNAAaiGN5Pghg7ADkAdvg8WtvjZiInA8cVSADii_H5CqUn--k_YOMjlHqH0WOKVXi8Tkyn_bVu4DSu2_-xvsHc6TyTz7YCAAACwVIAAAAMaAEHmQMCW2qjn_QXsrYYYxLYkhYyE_3-LAyDxMS8FyPfKFsvTNnXX61vySofAj2Jtjh9VLbOkgCEkSIt7ZF3B0irlu-hUY_j6Gr8OrnVGAu6_cwVH18-NMeTmABEpnUfRFcqIyeUB4bL3mYXqyMzfz9vMYLxguYDR3AQD7PBxIdlTpKCOkZwYN6lLP9Bb6P4QvqGPYAg_B0mPThwj1Sii_Q1GLqM2fxfDKsr7OliMUOnL-55yAYVhMePwphaMZsaQTXhFCHO2hNJpkD1k_EApckA0ozH9SYdH7U_PPbS4T5mPhS7MIA10l_U-Kw-AFlHmPsNRsqYgtX55W167fVDqdknWmxJvhueahbzI4wCC1y-bgbRL24gKybDxbA2INe8h3UUabujcJmNd6AsNjkWbTvK4OIR4M51NiHiiXQBaGvmHajKpA4rD0EU5PW49K3GascuXeW8EgztjUsLcII2ycNW8F26pfvsk9SDMB_QRKZJi4kTVzMWSNawTY-njGzUPeFUKF9eMnoXrLytnHhoI3JjXg94xvm12s5zuXZp6BecfFB6w-M_EtMixVP2etaN1cKyj5-_hguAf8emj9IhSVxgeF0tJecwKoUKbGZP5eNhToKQl3WjD2NcyMISDPzolK4dpmJtYQDlMpeY9RriNsXBN7ZE1AFzC5uw-OaCMl7P0f5XIQdAGMbEuqqhTJ69PZOyH6YDaFMzMoos942_v9g3CTYjePdU4klpnfNNrHsVcQhTiBL2kcwMdief6SofHavd4RrNUZhINAyRyySqsjReHo_Q5NpFzvm0e2b1nJle0Xr-TZEEvdC3cUKElTUVES3qDerAkZDlNR3k9QUy7gtLgiVOKziFz8PKKoHwJWcZGw7aVUDEHq1N_FamY2DdGAXC8aMNYCS7pxbMmJVo6cmYTLQmDDlK51uEnycE2CddH-QQCSnfv-ugj_RS6RzfrETa4FK1H2X6Ly0cBGaCT0aP9x99jo3tNtqW91zqdy1d7p_H5XHHuKgMZCoRlTBTa8eUgGkXbkA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3191 13 KB
5 KB 10ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:16:41 GMT
expires: Thu, 15 Aug 2024 09:16:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 5D90 831 B
555 B 20ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kVynNvoLIN8zhzKseqQkjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-kVynNvoLIN8zhzKseqQkjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:38 GMT
expires: Wed, 16 Aug 2023 09:38:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame 10C2 6 KB
706 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=280&slotname=1960828592&adk=2612915540&adf=776186319&pi=t.ma~as.1960828592&w=336&fwrn=3&lmt=1692171517&format=336x280&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717060&bpp=1&bdt=506&idt=674&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1766739858&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1846&biw=1600&bih=1200&isw=336&ish=280&ifk=1461870372&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076469%2C31077148&oid=2&pvsid=3570259087943087&tmod=1855267162&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.g22coaocw70c&btvi=2&fsb=1&dtd=681

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 16 Aug 2023 09:38:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 08:39:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Aug 2023 09:38:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 10C2 2 KB
892 B 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:15 GMT

GET abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 10C2 0
0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 10C2 0
0

GET
H3 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 10C2 20 KB
0 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:16:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 10C2 0
0 15ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKIbvV5ePXKsacmYPoJwSIGQRnw7fTVLFljLrC1hbnF4nnxeTNW14fF2pVWB37goTOLN3kIQPwULhHx-aRBG-SV2CKMg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=280&slotname=1960828592&adk=2612915540&adf=776186319&pi=t.ma~as.1960828592&w=336&fwrn=3&lmt=1692171517&format=336x280&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717060&bpp=1&bdt=506&idt=674&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1766739858&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=1846&biw=1600&bih=1200&isw=336&ish=280&ifk=1461870372&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076469%2C31077148&oid=2&pvsid=3570259087943087&tmod=1855267162&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.g22coaocw70c&btvi=2&fsb=1&dtd=681
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 10C2 0
0

GET d405e63a5f7e8b51eabf017ab96b7905.js
www.gstatic.com/mysidia/ Frame 10C2 0
0

GET
DATA 200
OK truncated
/ Frame F2EE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e747e49d689abbfed5f69956b4a8fe829bc52d97bbfbb6ac1f94b995f1fd5712

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 5G.png
s0.2mdn.net/sadbundle/7145822662340933983/ Frame 6BED 35 KB
35 KB 8ms
7ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7145822662340933983/5G.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eecc2c8302610b82bccf87de9385ea404b0256f1f57e5d78fe50644ee8ea942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7145822662340933983/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 13:50:35 GMT
x-content-type-options: nosniff
age: 503283
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35856
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 13:17:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Aug 2024 13:50:35 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C67F 35 B
465 B 50ms
9ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOpYaXwFdzN5HImEjXFA_So&google_cver=1&google_push=AXcoOmRnaNbJYxXQLKhXdXmD_xg4eVdG95pYkz8UDJho4hIr1hnFpZE_qsAnF6oYwPXayU7w1daZBvosMfS6T67cndM3JJhz9rkxod9gpC_3-a0aRRtMNH7Ircgq5LWbPEK8mKVklqONPS5KPkByTtYvEri38C0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C67F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBd9wp5RGsVVZoHE-q3Tmbs&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTlFYWxrTDkxUXdjWjY1&google_gid=CAESEBd9wp5RGsVVZoHE-q3Tmbs&google_cver=1&google_push=AXcoOmSu7pGhLETwlBor1Y3SmwjR_WDaDGqhK2tm5IM92IF...

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTlFYWxrTDkxUXdjWjY1&google_gid=CAESEBd9wp5RGsVVZoHE-q3Tmbs&google_cver=1&google_push=AXcoOmSu7pGhLETwlBor1Y3SmwjR_WDaDGqhK2tm5IM92IFPk4R1Toaef2yseaI0V8bRtZgDv5zrTgcsQqVkRU0M9FZZRWph-buOjS3oWesNQ4edmUP3V4Y-0D2CuFsZy6neY7SVMRqE39RCfGXierxqx4EXmA

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 16 Aug 2023 09:38:38 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTlFYWxrTDkxUXdjWjY1&google_gid=CAESEBd9wp5RGsVVZoHE-q3Tmbs&google_cver=1&google_push=AXcoOmSu7pGhLETwlBor1Y3SmwjR_WDaDGqhK2tm5IM92IFPk4R1Toaef2yseaI0V8bRtZgDv5zrTgcsQqVkRU0M9FZZRWph-buOjS3oWesNQ4edmUP3V4Y-0D2CuFsZy6neY7SVMRqE39RCfGXierxqx4EXmA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET i.match
a.tribalfusion.com/ Frame C67F 0
0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C67F 70 B
264 B 37ms
35ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHmOopoSHfKxb0dDgy4z2FU&google_cver=1&google_push=AXcoOmSokqzvAVs4TS23aoxGBsSKwgrrawZpZny9JT9rB-PHk4z41gJ7Dnkht_ZbL9sqW8f9Y-n-ClKCSkIRnqvTo-fs5htvbrs-oxAcUwEDpIqqxMmyEabfsCP0mf0KGCstxTT_aGQUZSiKTt0cKErMW3592AY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=600&slotname=7420666426&adk=2924918721&adf=3173046723&pi=t.ma~as.7420666426&w=300&fwrn=3&lmt=1692171517&format=300x600&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717028&bpp=2&bdt=505&idt=434&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=2029690043&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=289&biw=1600&bih=1200&isw=300&ish=600&ifk=2572994178&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076877%2C31077148%2C44785292%2C44799568&oid=2&pvsid=148243387931888&tmod=369491993&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.6p9pwiherztw&fsb=1&dtd=439
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame C67F 43 B
145 B 10ms
9ms Image
image/gif 3.67.123.166

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGyjmvoUk8rKwF5UPVr_xCA&google_cver=1&google_push=AXcoOmQy-7i3w33EkVBEUo8wp8-dc_IayrIjN9gFk-3iQFSWKLAjpCOCftuzNZuAWJ2TPtdsVFNhNYOpVjK_7pnrdVqGR_nR5dpNO7arJqmceycHA_2fcQBN2JbYBIjq3pc3UUsSNiTxawz6Bg1SRfKkWsCHEQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=600&slotname=7420666426&adk=2924918721&adf=3173046723&pi=t.ma~as.7420666426&w=300&fwrn=3&lmt=1692171517&format=300x600&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717028&bpp=2&bdt=505&idt=434&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178717&ga_hid=2029690043&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=289&biw=1600&bih=1200&isw=300&ish=600&ifk=2572994178&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076875%2C31076877%2C31077148%2C44785292%2C44799568&oid=2&pvsid=148243387931888&tmod=369491993&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.6p9pwiherztw&fsb=1&dtd=439
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.123.166 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET

pixel
cm.g.doubleclick.net/ Frame C67F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECZCVa3w8FV1f0jC-focZNM&google_cver=1&google_push=AXcoOmQIAqFzKaZPWQ_uWN1-ExC-PXOZnY9TkegRzfgd3R6iF8uzTjq5_F4sugmwU-ZlLv5G9uHFDhan7ujI5iszQryUNHa...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIAqFzKaZPWQ_uWN1-ExC-PXOZnY9TkegRzfgd3R6iF8uzTjq5_F4sugmwU-ZlLv5G9uHFDhan7ujI5iszQryUNHaOGpmotGY1ZTaEBGie1cv4BfHNRMKcjZx-ePZkk...

0
0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame C67F 43 B
363 B 54ms
14ms Image
image/gif 178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ6lAcrDoGpaEJwM-IjPl_MjmgXfZ2ui72v2KBDOHphF0-93oYS6efOp3sJUThYG83Y2Qgo7al4kxqVQCYtkl5ee0_YctzISpDwK0fv7_FuGwSv_cB5HuvCcj5cIyBqA_uxRTzzKQ_BN9OqBSC8y4Yctyc&google_gid=CAESEBAqfq1AIpP5iX1XmDq_QkU&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Aug 2023 09:38:38 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 171300
expires: Wed, 16 Aug 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C67F 0
12 B 16ms
14ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQgUorprNWHY7I1unzxR3X1DpAp5JaJBOCmN_Tjdokdn59-lcfcK0n3CVclmB9XeWITSf2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 09:38:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 871D 13 KB
0 9ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:16:41 GMT
expires: Thu, 15 Aug 2024 09:16:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 4821 831 B
0 19ms
18ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YiTEe-iNM38itnCYoympsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.info1.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 530
content-security-policy: script-src 'report-sample' 'nonce-YiTEe-iNM38itnCYoympsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:38 GMT
expires: Wed, 16 Aug 2023 09:38:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 38EF 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=250&slotname=6042391179&adk=3106419642&adf=776186312&pi=t.ma~as.6042391179&w=300&fwrn=3&lmt=1692171517&format=300x250&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717083&bpp=1&bdt=538&idt=626&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1302533990&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=374&ady=2156&biw=1600&bih=1200&isw=300&ish=250&ifk=3914621714&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076876%2C31077148%2C44799580&oid=2&pvsid=939394294714835&tmod=366698208&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.x3u8ee2jxlmd&btvi=2&fsb=1&dtd=631

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 07:25:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 07:25:18 GMT

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 38EF 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 38EF 0
0

GET
H2 200 iframe.html
p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 1DBD 5 KB
0 18ms
15ms Document
text/html 142.250.185.99

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-WYaKghPY7bFoiC5_tUq-xg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST gen_204
pagead2.googlesyndication.com/pagead/ Frame C5C1 0
0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/8421198855188639087/ Frame 10C2 57 KB
57 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8421198855188639087/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 05:23:33 GMT
x-content-type-options: nosniff
age: 447305
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58362
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:29:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 05:23:33 GMT

GET
DATA 200
OK truncated
/ Frame 10C2 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f7ba5d05f5869ca839b4bfd24e628539264df5dd1575074afd805be776d4f97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dr
as.ad4m.at/ad/ Frame 6408 0
0 67ms
33ms Document
text/html 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jct6gfv9gbra3g31ra8fesg9mwvfc7b7c63at6ye7j9rcc0wamkk22bxjc0g2ay0b7m9yggpbyne5v4hq56y2sb4x135byn7phjzm5mw8nd4jpc66pdsey3txfenawspja19m13kgfeskhvtj9q193c5yg30btc9cb4fz9075vd1rr60zhg6rt84qdpgyb3sjdcemp1djrrgstbqcjp8z3bpstzenh9eck8z9qn4k9xp3rbq8h2jpsgbw5v5brer8a86zrwzbgt9eg66yd4exfp6anrxdn23pw0zzdhmq5ewjnsbmta72axax0zxj3jd374w1wkch5p3vs8ad9x8vhsh5qdzg7asttypv2m66yaaghw0eazkg1mn8ydt9jk33k1nb3ftez88ejx9raw6kmr52gssa69egw9x4j7drc6y69q7jy1kq0ny43mnehrz3r4x4tc9kg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuEhpHZncZOykMf6a2OMPkfmr0AqQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi0yMTg2MTAxMDA4NTAwNzI0yAEJqQJgXAMe80qyPqgDAcgDAqoEwgJP0KJj1tD5XFFZcWckY50IKX1akY9gY_QpClgRwegyhKm3uKoK9_AgH09qD3nCiYlYByox1VJhUWyW3Y45PrfdjzMLTMWicTkgbUkivM4-suhOtDwjBnpxr-NZ3BSDgHlslRNuTWi3jXMXwXaEqHzoJSyIT14xMz6iAdzdH8bQ8I3I-XtokjfJHPKlWNewu9hSn1YACk3GIpGa94zp_NdWZf6RfJ7tkhTOjPl4JosdNBmD-8DcVyTg3o3JNoQ5TcUjPwE2wut01R8_FcwTWrPMdmSBN_MEZQaf8xuiu36FtbEnYTaisCAOMg5VUOvLEcDaInbL2n2YajFqDKo9_jSHY-XUgkx46GaNOPRNzIpr_Xxd6523suIXux2vuBoQQHrUhnGqPZJabgcgj9mu73vtFCIL9NogxhCbR9HnLpkIWb0wgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1p-HVn61-ADRJAyZbVou0Qi0pE4g%26client%3Dca-pub-2186101008500724%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f78b49e8e753a74-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 09:38:38 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DBAA 1 KB
0 9ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Thu, 17 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 04EA 1 KB
0 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Thu, 17 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame B825 0
0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame B825 0
0

GET l
www.google.com/ads/measurement/ Frame B825 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B825 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 5D90 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEB5Lm2T0Mzxarfe0pQ28eqA&google_cver=1&google_push=AXcoOmR1sqC69Gsqf2krlGHxz7PW9jOx67ADgvVNhycb2g4_Li2qNtqrl4S78Z-9hET0aMrL9q0feplLVrJue9a1ledqnwOYBjUQum7QLRa3VsPtkE2ipsmhsRSpsczgeT8kO3idFx3VjDRgqMWtrTya30gkCcGA

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d405e63a5f7e8b51eabf017ab96b7905.js?tag=mysidia_one_click_handler_one_afma_2019

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEMVSCTP-fJpu6c7rENJuujE&google_cver=1&google_push=AXcoOmQc9IdoxhugU9a9KDvRVWWD-9OCsH3Se6T7CSM7SVea3exfr7t_onFLIPZK867PTFWJnRdLOKMrfVaelz6E6GUKbI4MrgEkQ5JEYUxfMCKHcmeJ7-0dvFcskJUlfcjDALbU0T7j_LNTMzErL-efA7p-DMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQc9IdoxhugU9a9KDvRVWWD-9OCsH3Se6T7CSM7SVea3exfr7t_onFLIPZK867PTFWJnRdLOKMrfVaelz6E6GUKbI4MrgEkQ5JEYUxfMCKHcmeJ7-0dvFcskJUlfcjDALbU0T7j_LNTMzErL-efA7p-DMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQIAqFzKaZPWQ_uWN1-ExC-PXOZnY9TkegRzfgd3R6iF8uzTjq5_F4sugmwU-ZlLv5G9uHFDhan7ujI5iszQryUNHaOGpmotGY1ZTaEBGie1cv4BfHNRMKcjZx-ePZkkWYdKy7LJRkMBwwqmyDKEAFp9w&google_hm=eS1mQmFjSEVoRTJwR3ZxdnVnRk8zWUhCV0g0RUpLS2pvS35B

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1267670426493&version=m202307240101&ct=76&x=1&cor=13684841717496394000

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrun4yR2DZ5ynePiIJJFSYrcSvHzd8R-_kBuugX51uzJXCwF9BQezeb3oJTF9s58d487h_2TApySSHU6q3jjzEi67BfA

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=1066548811513919&rc=

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 14:03:00	Name: __cf_bm Value: GdIQ8AlyeiwZvXCMQlm6U7tAL6424iIgSqcv_9tpQ5E-1692178712-0-Acz5V/YQv79ATphjBH/RIL9NQEAyvsK0GhIaZFwFo0VY+uzAEbz1EXEnx7f9Cn2K+oUDxsv3E1ttzlwLRM7O4bU=
.info1.id/	1970-01-20 14:04:25	Name: _gid Value: GA1.2.2088948465.1692178712
.info1.id/	1970-01-20 14:02:58	Name: _gat_gtag_UA_207405423_45 Value: 1
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-254876823-46 Value: 1
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-254876823-47 Value: 1
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-254876823-48 Value: 1
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-254876823-49 Value: 1
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-254876823-50 Value: 1
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-254876823-51 Value: 1
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-254876823-52 Value: 1
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-254876823-53 Value: 1
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-254876823-54 Value: 1
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-254876823-55 Value: 1
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-208513372-5 Value: 1
.info1.id/	1970-01-20 23:38:58	Name: _ga_RV7X1SN4VM Value: GS1.1.1692178712.1.0.1692178712.0.0.0
.info1.id/	1970-01-20 23:38:58	Name: _ga_JDHHDGV2EQ Value: GS1.1.1692178712.1.0.1692178712.60.0.0
.info1.id/	1970-01-20 23:38:58	Name: _ga_XHS8W3S0QP Value: GS1.1.1692178712.1.0.1692178712.60.0.0
.info1.id/	1970-01-20 14:46:10	Name: cProps Value: 2b5dbd45-9342-4029-a8cb-465b04d32f65
.info1.id/	1970-01-20 23:24:34	Name: __gads Value: ID=786eb90d54c8caaa-228324a151de0010:T=1692178712:RT=1692178712:S=ALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg
.info1.id/	1970-01-20 23:24:34	Name: __gpi Value: UID=00000c60ca1de8a4:T=1692178712:RT=1692178712:S=ALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ
www.info1.id/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1453201%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221692178713085%22%7D%7D
www.info1.id/	1970-01-20 14:46:10	Name: _pbjs_userid_consent_data Value: 3524755945110770
.info1.id/	1970-01-20 14:02:58	Name: _gat_UA-237453437-1 Value: 1
.info1.id/	1970-01-20 23:38:58	Name: _ga Value: GA1.1.32317744.1692178712
.info1.id/	1970-01-20 23:38:58	Name: _ga_WHWXDD9CJW Value: GS1.2.1692178714.1.0.1692178714.60.0.0
.doubleclick.net/	1970-01-20 14:03:02	Name: DSID Value: NO_DATA
.w55c.net/	1970-01-20 23:34:39	Name: wfivefivec Value: a9EalkL91QwcZ65
.mathtag.com/	1970-01-20 14:46:10	Name: mt_mop Value: 4:1692178716
.simpli.fi/	1970-01-20 22:50:01	Name: suid Value: 801A8F0AE1CB419A8C908D68BA61F4D0
.w55c.net/	1970-01-20 14:46:10	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-20 22:48:56	Name: A3 Value: d=AQABBByZ3GQCEFA4ou-fO_A7--fyFI8WyFMFEgEBAQHq3WTmZAAAAAAA_eMAAA&S=AQAAAgIXfCz2AFrAsGkxmjc3ah8
.adnxs.com/	1970-01-20 16:12:34	Name: uuid2 Value: 8722127198434111692
.casalemedia.com/	1970-01-20 22:48:34	Name: CMID Value: ZNyZHNJMB.9lw.Q7LWWyOAAA
.casalemedia.com/	1970-01-20 16:12:34	Name: CMPS Value: 2153
.casalemedia.com/	1970-01-20 16:12:34	Name: CMPRO Value: 2153
.adnxs.com/	1970-01-20 16:12:34	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVJfho's!]tbPl1M>e)ZlrFUfJ+tGXxpSSkw]pP?0?eOt=m@Po.vP:c9-eOyx6UX=heV3If)y3KL9D3I?+Z[B=SX
.doubleclick.net/	1970-01-20 18:22:10	Name: APC Value: AfxxVi7qovpljRo2CAAqZ6QTOj7DPtueMjXPnNXbHkqAmCVaFKK2yA
.doubleclick.net/	1970-01-20 23:24:34	Name: IDE Value: AHWqTUlfs_hoJ9k8Zj4_x4TTBW1Rp6B0SKoAS_pLxihmPjGkvVZtU8YeZ5tt78_zO8A
.googleadservices.com/	1970-01-20 16:12:34	Name: ar_debug Value: 1
.info1.id/	1970-01-20 23:38:58	Name: _ga_2BZPHNQNTD Value: GS1.1.1692178714.1.0.1692178716.0.0.0
.lijit.com/	1970-01-20 22:48:34	Name: ljt_reader Value: HKOisGZHurzQW3OJTvyRF6YK
.turn.com/	1970-01-20 18:22:10	Name: uid Value: 8927431090166371499
.bing.com/	1970-01-20 23:24:34	Name: MUID Value: 144A6370978F6C193C52701F96F86D0E
m.exactag.com/	1970-01-20 16:12:34	Name: exactag_new_gk Value: 68c5cf1a36f24e0c8023bc773dd20def%7C15.10.2023%2009%3A38%3A36
m.exactag.com/	1970-01-20 18:22:10	Name: exactag_new_uk Value: a1c497904cd54e9f8707d6d970b8a587%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 1c8800057b44422f9310e803

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-92SLT7E0C9&cx=c&_slc=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-T2KLLBDG5F&cx=c&_slc=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-N8WLC1BZ4K&cx=c&_slc=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-LPM4NW1HJ4&cx=c&_slc=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-7LZKYFGL66&cx=c&_slc=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-Q3P54V4MX7&cx=c&_slc=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-W7E1KWQ6LS&cx=c&_slc=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-0CTSMDLJK1&cx=c&_slc=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-WXW5C8BGR3&cx=c&_slc=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8400307307701650&output=html&adk=1812271804&adf=3025194257&lmt=1692171512&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178712314&bpp=5&bdt=664&idt=374&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6918331169150&frm=20&pv=2&ga_vid=32317744.1692178712&ga_sid=1692178713&ga_hid=1873801765&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44798878%2C31076874%2C31077148%2C44785295%2C44799579&oid=2&pvsid=4257848122754471&tmod=1387007369&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=418 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://propsid.b-cdn.net/json/www.info1.id/blocklist.json Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2186101008500724&output=html&h=90&slotname=4993351895&adk=130625548&adf=776186317&pi=t.ma~as.4993351895&w=728&lmt=1692171517&format=728x90&url=https%3A%2F%2Fwww.info1.id%2Ftekno%2F10119810689%2Fgiliran-sektor-tambang-freeport-dihajar-hacker-serangan-siber-ransomware-buat-sistem-gangguan-berkepanjangan&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692178717150&bpp=1&bdt=576&idt=606&shv=r20230810&mjsv=m202308100101&ptt=9&saldr=aa&cookie=ID%3D786eb90d54c8caaa-228324a151de0010%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_Mb6OMUt-ugGNGJylkwT6m-ZKX3oYg&gpic=UID%3D00000c60ca1de8a4%3AT%3D1692178712%3ART%3D1692178712%3AS%3DALNI_MbjNJsUhVt_MgRrnn8HRj8EVxexaQ&prev_fmts=0x0&nras=1&correlator=6918331169150&frm=23&ife=4&pv=1&ga_vid=32317744.1692178712&ga_sid=1692178718&ga_hid=1999083557&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=1156&biw=1600&bih=1200&isw=728&ish=90&ifk=4214105617&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076875%2C31077148%2C44796700%2C44799578&oid=2&pvsid=2368382861799147&tmod=1856178442&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.xktn2j2aca7k&fsb=1&dtd=615 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jct6gfv9gbra3g31ra8fesg9mwvfc7b7c63at6ye7j9rcc0wamkk22bxjc0g2ay0b7m9yggpbyne5v4hq56y2sb4x135byn7phjzm5mw8nd4jpc66pdsey3txfenawspja19m13kgfeskhvtj9q193c5yg30btc9cb4fz9075vd1rr60zhg6rt84qdpgyb3sjdcemp1djrrgstbqcjp8z3bpstzenh9eck8z9qn4k9xp3rbq8h2jpsgbw5v5brer8a86zrwzbgt9eg66yd4exfp6anrxdn23pw0zzdhmq5ewjnsbmta72axax0zxj3jd374w1wkch5p3vs8ad9x8vhsh5qdzg7asttypv2m66yaaghw0eazkg1mn8ydt9jk33k1nb3ftez88ejx9raw6kmr52gssa69egw9x4j7drc6y69q7jy1kq0ny43mnehrz3r4x4tc9kg0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuEhpHZncZOykMf6a2OMPkfmr0AqQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi0yMTg2MTAxMDA4NTAwNzI0yAEJqQJgXAMe80qyPqgDAcgDAqoEwgJP0KJj1tD5XFFZcWckY50IKX1akY9gY_QpClgRwegyhKm3uKoK9_AgH09qD3nCiYlYByox1VJhUWyW3Y45PrfdjzMLTMWicTkgbUkivM4-suhOtDwjBnpxr-NZ3BSDgHlslRNuTWi3jXMXwXaEqHzoJSyIT14xMz6iAdzdH8bQ8I3I-XtokjfJHPKlWNewu9hSn1YACk3GIpGa94zp_NdWZf6RfJ7tkhTOjPl4JosdNBmD-8DcVyTg3o3JNoQ5TcUjPwE2wut01R8_FcwTWrPMdmSBN_MEZQaf8xuiu36FtbEnYTaisCAOMg5VUOvLEcDaInbL2n2YajFqDKo9_jSHY-XUgkx46GaNOPRNzIpr_Xxd6523suIXux2vuBoQQHrUhnGqPZJabgcgj9mu73vtFCIL9NogxhCbR9HnLpkIWb0wgAbch66vkMWU2nKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1p-HVn61-ADRJAyZbVou0Qi0pE4g%26client%3Dca-pub-2186101008500724%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.impactify.io
ad.impactify.media
ad.turn.com
ads.pubmatic.com
ads.travelaudience.com
adsdk.microsoft.com
advertnative.com
ams3-ib.adnxs.com
ap.lijit.com
as.ad4m.at
assets.ayobandung.com
c.mgid.com
c1.adform.net
cdn.adnxs.com
cdn.id5-sync.com
cdn.mgid.com
click.advertnative.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
d5p.de17a.com
db6625cf7bbc1b3eb316bff2de4e2cf3.safeframe.googlesyndication.com
dis.criteo.com
dsum-sec.casalemedia.com
dvr.impactify.media
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
jsc.mgid.com
lb.eu-1-id5-sync.com
m.exactag.com
match.360yield.com
match.adsrvr.org
onetag-sys.com
p4-fd3ouyfrj7hlk-rbwfotpb66q6ng7u-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
propsid.b-cdn.net
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
s-img.mgid.com
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
ssbsync.smartadserver.com
static.promediateknologi.id
stats.g.doubleclick.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
www.bing.com
www.cloudflare.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.info1.id
x.bidswitch.net
a.tribalfusion.com
cm.g.doubleclick.net
googlecm.hit.gemius.pl
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
139.99.126.163
139.99.126.164
142.250.185.98
142.250.185.99
142.250.186.130
162.19.138.117
162.19.138.119
172.217.16.194
178.250.1.9
18.66.147.127
18.66.97.124
185.29.134.248
185.80.39.216
185.89.210.20
198.47.127.19
2.16.97.41
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.166
216.52.2.86
23.218.208.187
23.32.184.192
2400:52e0:1500::868:1
2606:4700:10::6816:3456
2606:4700:10::ac43:14d9
2606:4700:10::ac43:4a1
2606:4700:1::6813:854e
2606:4700:1::6813:874e
2606:4700:20::681a:bd1
2606:4700::6810:7b60
2606:4700::6812:19ad
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:46::45
2a00:1450:4001:801::2001
2a00:1450:4001:806::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c1b::9c
2a02:26f0:3500:1b::1724:a392
2a02:6ea0:c700::10
2a02:6ea0:c700::11
2a05:d018:d29:3602:f10a:ace:7b5b:36c
3.122.199.127
3.67.123.166
3.71.149.231
35.190.0.66
35.204.158.49
37.157.3.26
37.252.173.215
51.89.9.252
52.223.40.198
52.48.194.69
85.14.248.91
89.149.192.197
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019ddfe24f5f1fbc84c2eb85d249e814a937d26780d00885d08887f5e54d4c19
0419b7b5d971d963139b47cefcd8323584fff519531e3b43bc26b6733b04377e
0594ada36e5af8314a3cac04eb22bc414fb1ef585ead38caf94fbb74c221a0f0
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0a38cf7423f9f7060c66183e74e7e138bed849de551199c490e3a1e97ce291e7
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba2d553f6cacddf80604dfed8ac1e0525ffec8fcc2ced0c9ee13ce88c710e23
0cc49c6446f503890323c447a71d998fa0731fff7f00663dcce04209ae5ac523
0d98032ab7de57cfdf9caf819e68bf05251ea4a16fb64013fe1f769008c0d9ca
0e72117263558278201af6ada0a46b14d991419fb5cf480c17fc3152c5cf4a28
0eecc2c8302610b82bccf87de9385ea404b0256f1f57e5d78fe50644ee8ea942
112bb681234141e5f854f4ae270f28aba94b759a5857619909ef8ede7181d421
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13792a604d6e3b0a7a21d6e19a9bc9e0def8ed2bc550f3e16ada494266caffbc
142252e852102a3fd4101068648214523ae9d4939298d76343947c3a1193273f
1517b5246f24efd5abf47f90c676a2e70fc62d28fb0f7e199e249111d4450a21
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
166c3a1c13fa10d5792469c787436c71970c3ae76fab20b15aa7223734f5681c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1c36f708542bca1b708ec3db7d82a1a8521966d09a2cc57a0a368f107b05d1da
1cb436b38331a5aa2a84c4fae0c81757d1fbc7d5343341fa1643569f6337f5f4
1cb72b93c05bc5272264f7037c8a28af042cba5635c041cde38d75e6ed75a8e3
1dd400e96bde52e4d7923451217e91c5915ef3695b7318146f10fcefef12dc2c
1e79460edbb08f563002fea13054c6a68cfa363c556a15551ea5749a74b50861
2214d41b278709c873fdb298e1c176c1a8c2e2f40538d1b242a48e7c871611d2
23a7a772f258be3aec21ea1617a951c1f8a8867c69f446740826d0f6709b2129
246e35d1e57b779eef9b5744218f98a657d9f0af88100f8a5a38ad6becea45c6
25a033c36abab544d94690a883825f67c5782cab3e41a4e34fcbe047fb6e3d33
269fe3bbd03e0ebdfa3b2999967d4a504279bb10af00155a745c250dc3520a8c
2a914288710154f1bfe050471d3968575b3855bde38371746dd3f10415fe2b08
2b2e5e04029e2c26976f167da57398fce84075488f9411d35d5cdee0f0ce9636
2b8e286e3fc1e9daf2c95191f8765aa137f574c3602da3cb30f47f6bcf21ce14
2b978d152a0760860b9a395d27e157cd759c65b9d16ccc14ac3196b5f9408408
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ea0dcd6669e7992e4318454185c834fab775a914a616a73770c0bcfef18a421
2f8ba1471495a908a379e67a451274c23a739bdde5628b5ecdc014cdcc55f342
2f98575ee35bf9b5a0d175865298b7d3c49c57f4ec53ba89d36f0f38da431b4b
30450909b891d03151300770eb43c4000c7580aba971a96522d65a4194e8bff8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
360085f2989957e6337124a9d55302cf1d0d23ab5f79ae2d315501bebe891388
389de9c5e02c14d9497242ab32345d79e5937730cc2bf2f85780a948f359e8a1
3a8717b1c866759c800df22bdc5b34545730d2790473892a4cf31dce49bf1170
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d
3ae3ba0c844398f7da7ec12bd61798ab8d663f765d1d76c3f3008848b7ccbe2f
3b79e26e6cd4b35152a83887c5ec5983819983cb0166313df90e106994f579ee
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
3f4d4226fe6d916332761bda48da30a0559249e3569bb2925c64130eb60ab113
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
40da1f2bb18419fdeb462e7468c95a3ce82767d881695aaa0800bd567ed53a00
42d2d2f5ca7d4a74d4cec7eb892236bd4ca4790ef0446d15a1cde9d1e1d555d0
43e40ed439ba615729ebcb4a74d3532d8fdac48d7bc14a7fd0b05b364efd1295
44cdaed3e1155b701ce10a6788231df2a18e8bfe4e093abe34c8c57b266da5ab
45184ea47e05d3bba4aaa0895510a212c59d5596d5295fba864d8fa38b6e7cdc
4585090af603e95d99e19f677d1e32965a9173b7134bbcc87ccb1c5a90d52d9b
45fcdd4e2934a5c57890641745de27492c89bfd769b28d1231dc84e3a5c75726
46883def377104e3fe00c88dbe7f84f2d26b9f807085320681be7c5b09360b24
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4715f03b279deb88098d943548a77cffa0d6542f2edd93537ced623cfa7864fc
477642a0dd052718497ee32627dd2f556552f95da59c3b7262841e6ffdd6aa7c
47d270a3ba9cd557c13244cf6daf21497620e487030e2965b07b2ac021244c99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492e54b880aa40b9f579b97e2642450853c0ead2bd7971accf23429bd7996b5f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f
4ec86888e936cc293c3a6005663cbaf7d1c5151a791415d62e18126b012865cb
4f7ba5d05f5869ca839b4bfd24e628539264df5dd1575074afd805be776d4f97
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51a8c3340c14164c9d4d4db55f2e96d7dd6a32c44bf1780b3c72e7d64bacbba5
54757ab2c8c21c465c9303a537ab70cdff2d4a2707dc47d0e836aa9e91da574c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
56b6f83fe11492bdd74cc2cc7ee312e633efd92ea05a7666634923c79593d5aa
5b7529c3c9bbbb7a04c6f110740aee86d9fdcbd9d517480dbb7f549600d2390e
5bc0b8099c90aaa6ae7debc91f26eea7f648716a6c89f5e5a610f666b3979eb4
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6318049ecaa1666391c0f632b6f8cb30a82ac28ec401389ad07f1acd2980eb62
6371a2d4bf328a385d4b0581a2fceb43022d97f8bd3da4024bceef2178ed96b4
637aea4506eea6fce448ff156fba11fcf5e8df8d5d585bb63dda99de31e5c584
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66c86a2c54f6f0e838b14c4d312d360cc0d8eac65520440bf5e03b29d55a0e3d
68da0fe7748968135aec80da08285e354d7b5320e99d3ba04b609f04714ffa5e
69c061a71a0203bbebd93dded2283e48ec7674304184ea4b7f0d9b527c70b5f4
6a3c62a15117683b1cfff63b0d8e355aa63e6eec50b176c501d8ae34726c10e4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7352ed880d86d53e672b2e5329489bfd5f13126f80b7c513ddc1568b8c6a8a
6d0f564ebb75232c439b514469c064c436a3b6b8c1e1c88cdf5e30fa54106a00
6da6237448cb942233acbada908f5b991a7b4c18f67ced25cfa026ddfe2fc49b
6eba63bbc9e4407b3255638f452b1934afdddbe6b2214534cbea685cef68f3b3
6fa97ebcacc519a3a29d22a90789b8906d09e8ad62d9798316352cafcf97f601
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7359d724f547b50bf3cfa084a53b43b2dd4d3785f60a42a0df7450c6437428af
766807ce471057577b2973ec6e15400a92968b23d7805612dee4596072c0bb29
76d3ff268ef875092a720679d52fbe868082f6fe73566fc608ebf2e37b304555
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
7d5e759da90a02ca255fa161695146c4bfb3ec2bca076a88ed3f3fb306cbac1a
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e57f857af905eef60b0e392833811c012a2260fc1d0b3f07e1dbeefa107b659
82ada0822108102cf4a8afe853a6f5aeec809ddaee4124bcdb0d002fbd6b5136
836a2b5e56500f86212239009e6fd3483d266301e4d30a41f9a540df727089df
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860bf71bfa3a9ed35e0aeb39c2716a863ef0d9f26fd6c63c8f7c5dae76816713
86fec9a12e70c4ba6b85ea02bca08dae81364ce99acb53a943ae97c68ee381b9
87407928d52cd1701b5ba9ae1b212b35ad72f0781d6f06ecdf1674c253db2736
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
903d6da1378443860867d9748c11958d366e7c451dbdf2a4d28126b7aa1c6055
916eb08aa5dc2e4f079809bf62c8b531f00554d21887adf50cb8e2b98aa35baf
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
96653046fcb4bfe18fb1964800f0103ff7b7a7f3cef1129f1997f1f7158ebca0
976c62cd183afe1f774a7d779276a63e2e56cf97af61d357869ee4b9fa838bfb
99d911527c8d296b302e015ef8caf943c4279194b0314cb34160143d0ea03ad0
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a802495cc0abf22d2e0930d83bb8ae0ed90c7267216b26eb75a3fab8f5fa588
9a9a92cde9ab513b414b31cf785b55f419589b83d77a4bec7fbf252279e42a88
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4689984a2369dd418795658297eceba1712235c0aad7a7775948d7cf3cab43
9cbaec6c0e1b054cde3a53a17d1c9e9bd0f572f73293d7d819f9493113b305b0
9db819fcacffaf3e9d603f594ce05f8594bcbb8389c59e687c97c26966c2d850
9de5a9ee5dc9d4ca558268b7bcd6ead5eaff468a4a13f526738b4e5f65b32855
9e9f44bdfc78d8ae7f41eecc31873f66d73c5ef0e5f52e4d75c0a5a2594206be
9f1127da826eac2c1865978de2f8e3f7923abae3ad9b1fada5037b9252190437
9f5404c69108f183df786f418b13aecc672e66f42e9f33be2062038984e80b28
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a047fabbe3c567120e9c89b8bec91792899ee0f3cff5dcc5190ea80f3d9c5964
a118d9a4f5169f116b5a9422cce317486ebeff56720f673d7b17d8eabc906fe1
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a80e8d5a9fcb950c18ff20b91f00cd754cdb1b15a821025ada8b14b7415b782d
a8143035bbd0280c7e8c1eefbdf55ade84410fd483bc9f785be48bcfaa8105a1
a88f8ca4e49204f79e814bfd661ae262450df79820ee2f02fbbdba0514fe7567
a9996f4b373f0faa259c92cae3599e7db75452da88f5bb41378f974c6c65e687
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa3e933328fd69daf80300e4488e09caa57f378114c108123ade2a1c880d3245
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acd14f2f9ffd37e06a13065dc6df993edccfc881bbb382b50cb496bcda3a695a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0fab2dd0fbe8050a9d45e963c4153470e3359921723c801935a1ccc9fbb94
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5b73140616703573114a1887b9f51f4a62a3ff00914fc3eb64089ddf283f6f3
ba15f88cae41ec49784f3576f2aff002bf57f3e7f724ed0318a1d61ccb186279
ba91812ed0b4adc6eca0b0fb9d60e475af39572c661fa4b77bd5b9a7b4e9a317
bdf67619053e1e6630c9a7be82530e329439a77d5e3c207546a7c0854ede824a
be78c013ce34ebaed199aa255c73604ee16ebc1c8025ad3a264c4fb08eabdd84
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c3a180a9b9c6725c092b194f298cc3b193df48d229e44ffa47eb538cdbf5cce0
c5b454d415a3ca49716b4a763ac1182aebb1cd5d78a112aa1c3467aa2c22f00a
cdc4a9e74668f64b2ebde375270c509940d2475b715a2af24f6c1059d26581c4
cf15dca06a0eafa36ddbe5746801ca7e812235fac7a2b643ff85771545ca12ce
d2e95698f06c242e349e7b78fc5ef43897c32d883eb0e6b4d871c404e341e5fa
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d788b9685a631f7702b6d70cf4dba0d3b1767fa4a90944a79a13c5090f666821
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dd001c813f9fd1dc873f29199b6bd375b9853f4bfe19f24dacd3b773e4c4d842
dd5a4b85031a5071a62a3a5971fcdc677ed0784618435df88d26d6c9c94decc7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de33fe1ba0d81147fc56ff19149e85914d13c4c4d7a5969aeda463d9f4787848
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1386b2ab1c9c13cded489bfcac971bbb256faad3a1c932417bdb1d97c12592a
e1b8761bead6ba26353c0035115247082b42f3bea29e0c9029705fff65a4652c
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57f111ad62749c678dce320c872bc26699c23319fc809c2d5bbe496a4d69b4a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e67bfc700d947ae64c1448fdbfd33265cc781a238e8acc50fc75a173cebdfec1
e717762e381d544ef0cd2005424bc4067a6026d10dab683bba5891cbd36c07ca
e747e49d689abbfed5f69956b4a8fe829bc52d97bbfbb6ac1f94b995f1fd5712
e90f6b678b2f030caab438c18a9682c81b824f5b829cf9e436065c11bf293193
e9c885c46e801609da5ef0eb6bc07cbb6b3562053b033f181081825c4e10eedc
ebcd7712536c71c87291b5e390c1742ef284fb399be65bd0a9b30a0a6b8aaf5d
ecb7f3b16c404d2907442c985a3dca8c86f5680be31998c3217ccb3a0efa6b04
ee30aaee703343ecf9a302283ef9f853cd00491d76456bafadeabe2e29c10d4e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a71ff6e2220fda4d1d402034f0e2cf8497cf03bb423d904810d203ee818959
f3e666394f684fdf1dcf0855c5d461bd1d842834c8a8014de9a0a7dde9ea0ac1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f62504abbb867b0d53b4d90d746313621819f2c5d39ceab4695ac2b0ef8cf223
f73d3cdad34a26cda79dbf03f9c86529099c6e73501b0acf459fa0cee84bcefc
f7a0b5159c6d30c6dd75fd78217698d1cab2ca04e24ca904b3a4e39f89e0458d
faa623d1f9fe026bf6b466748be950e2f2ffe81a80d731b2df277ce53491578f
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fe7d9760a5045d82ae0528b24cca3b12afa113aa4f45a646860de34602fda66b
fe9f8642055fe2ec61875b50821d5f8250bad672c5ad31688745943f555b3480
fedd41cb3f3a94d171ab879ab8fe83ad84c6a4ed060d3a00ec7e1dc9f92f861f

www.info1.id Open in urlscan Pro 18.66.97.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

390 Requests

87 %HTTPS

50 %IPv6

48 Domains

74 Subdomains

55 IPs

8 Countries

5465 kBTransfer

14347 kBSize

46 Cookies

7 Outgoing links

Redirected requests

390 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.info1.id Open in urlscan Pro
18.66.97.124 Public Scan

Screenshot
Live screenshot

Full Image

390
Requests

87 %
HTTPS

50 %
IPv6

48
Domains

74
Subdomains

55
IPs

8
Countries

5465 kB
Transfer

14347 kB
Size

46
Cookies

390 HTTP transactions
14 data transactions