www.jakartadaily.id Open in urlscan Pro
18.66.97.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Submission: On March 11 via manual (March 11th 2022, 9:51:22 pm UTC) from US — Scanned from DE

Summary HTTP 290 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 19 domains to perform 290 HTTP transactions. The main IP is 18.66.97.10, located in United States and belongs to AMAZON-02, US. The main domain is www.jakartadaily.id.
TLS certificate: Issued by Amazon on September 21st 2021. Valid for: a year.

This is the only time www.jakartadaily.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
33	108.138.7.54 108.138.7.54	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	139.99.126.163 139.99.126.163	16276 (OVH) (OVH)
12	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b4::7ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
14	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.17.48 108.138.17.48	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	108.157.4.99 108.157.4.99	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f13:57e... 2600:1f13:57e:7b01:d9ee:110c:8cd3:e01f	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	139.99.126.164 139.99.126.164	16276 (OVH) (OVH)
3 53	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3 11	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
28	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
8	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	119.63.197.150 119.63.197.150	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
290	34

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

www.jakartadaily.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 108.138.7.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-54.fra56.r.cloudfront.net

assets.promediateknologi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.99.126.163 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: tinong247.vn

click.advertnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b4::7ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

js.rfp.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-48.fra56.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-99.dus51.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f13:57e:7b01:d9ee:110c:8cd3:e01f (Boardman, United States)

ASN16509 (AMAZON-02, US)

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.99.126.164 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip164.ip-139-99-126.net

advertnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.150 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

id.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	googlesyndication.com 3 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122	1 MB
42	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 static.doubleclick.net — Cisco Umbrella Rank: 310	337 KB
36	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 csm.eu.criteo.net — Cisco Umbrella Rank: 7422	683 KB
33	promediateknologi.com assets.promediateknologi.com — Cisco Umbrella Rank: 66948	320 KB
26	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
12	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12341 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9702	73 KB
12	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	594 B
12	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8333 c.mgid.com — Cisco Umbrella Rank: 6428 cdn.mgid.com — Cisco Umbrella Rank: 10514 servicer.mgid.com — Cisco Umbrella Rank: 8449 s-img.mgid.com — Cisco Umbrella Rank: 7801 cm.mgid.com — Cisco Umbrella Rank: 2218	163 KB
11	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	383 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	139 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	4 KB
5	popin.cc api.popin.cc — Cisco Umbrella Rank: 22177 id.popin.cc — Cisco Umbrella Rank: 53305 r.popin.cc — Cisco Umbrella Rank: 24801	102 KB
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 6833 certify.alexametrics.com — Cisco Umbrella Rank: 3792	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	77 KB
2	advertnative.com click.advertnative.com — Cisco Umbrella Rank: 41785 advertnative.com — Cisco Umbrella Rank: 37002	7 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	419 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	fout.jp js.rfp.fout.jp — Cisco Umbrella Rank: 41366	16 KB
1	jakartadaily.id www.jakartadaily.id	11 KB
290	19

	Domain	Requested by
53	tpc.googlesyndication.com	3 redirects f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com www.jakartadaily.id tpc.googlesyndication.com
33	assets.promediateknologi.com	www.jakartadaily.id assets.promediateknologi.com
28	static.criteo.net	ads.eu.criteo.com
26	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.jakartadaily.id
18	stats.g.doubleclick.net	www.google-analytics.com
15	pagead2.googlesyndication.com	www.jakartadaily.id pagead2.googlesyndication.com tpc.googlesyndication.com f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com www.googletagservices.com
13	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.jakartadaily.id
11	www.google.com	3 redirects f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
11	f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
11	www.googletagservices.com	www.jakartadaily.id f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
8	csm.eu.criteo.net	ads.eu.criteo.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
6	fonts.googleapis.com	www.jakartadaily.id f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.gstatic.com	www.jakartadaily.id f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
4	cat.fr.eu.criteo.com	ads.eu.criteo.com
4	ads.eu.criteo.com	f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
4	s-img.mgid.com	www.jakartadaily.id
3	static.doubleclick.net	f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
3	rtb.fr.eu.criteo.com	www.jakartadaily.id
3	api.popin.cc	www.jakartadaily.id api.popin.cc
2	cm.mgid.com	jsc.mgid.com
2	cdn.mgid.com	www.jakartadaily.id
2	www.googletagmanager.com	www.jakartadaily.id
2	jsc.mgid.com	www.jakartadaily.id jsc.mgid.com
1	r.popin.cc	www.jakartadaily.id
1	id.popin.cc	api.popin.cc
1	rtb.nl.eu.criteo.com	www.jakartadaily.id
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	jsc.mgid.com
1	advertnative.com	www.jakartadaily.id
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.jakartadaily.id
1	certify.alexametrics.com	www.jakartadaily.id
1	adservice.google.com	securepubads.g.doubleclick.net
1	certify-js.alexametrics.com	www.jakartadaily.id
1	js.rfp.fout.jp	www.jakartadaily.id
1	click.advertnative.com	www.jakartadaily.id
1	www.jakartadaily.id
290	39

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
api.whatsapp.com
advertnative.com
widgets.mgid.com
www.mgid.com
www.promediateknologi.com

Subject Issuer	Validity	Valid
jakartadaily.id Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
promediateknologi.com Amazon	`2021-04-19` - `2022-05-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
click.advertnative.com R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.rfp.fout.jp DigiCert SHA2 Secure Server CA	`2021-06-20` - `2022-06-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2021-10-22` - `2022-10-22`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
advertnative.com R3	`2022-01-23` - `2022-04-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Frame ID: CF2C298C7054DCD1CCB8FB9CF71F624E
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: E2BFF1D39AF5DE957814D7EF7D644EFE
Requests: 1 HTTP requests in this frame

Frame: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ADFF68FABDD434D0F38D801213213D5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8400307307701650&output=html&adk=1812271804&adf=3025194257&lmt=1647035471&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647035471551&bpp=2&bdt=178&idt=288&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=320059503726&frm=20&pv=2&ga_vid=1927111635.1647035472&ga_sid=1647035472&ga_hid=732247263&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065567%2C31062931&oid=2&pvsid=3310887415951843&pem=201&tmod=1949855300&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=299
Frame ID: 477005CE02AB0963B61B0DA0D191FCF0
Requests: 1 HTTP requests in this frame

Frame: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 066D5D9C12D55964946938A6B914B32A
Requests: 15 HTTP requests in this frame

Frame: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7FD7830D545AE5B27652AC29746EEB44
Requests: 15 HTTP requests in this frame

Frame: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C9AA38B41E49E90577F2C29B6F3316B1
Requests: 9 HTTP requests in this frame

Frame: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 74E0D6CB3F420A7819A26CB463B7FDFB
Requests: 10 HTTP requests in this frame

Frame: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9966411709B93A4E20D62DE93005F58E
Requests: 10 HTTP requests in this frame

Frame: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BBD4521BBC3BDECD63E78D73228F89FC
Requests: 14 HTTP requests in this frame

Frame: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D94DB78A4D92E3E218CB7D0EBDCF3397
Requests: 8 HTTP requests in this frame

Frame: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3ABEC332C14463F4D8A42B5AA83EF500
Requests: 9 HTTP requests in this frame

Frame: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA58E847E09E7284ECC5CFA9348DFB00
Requests: 8 HTTP requests in this frame

Frame: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 90818D32A46268DDD4541C82E032896C
Requests: 13 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1647035472561678288932
Frame ID: C364398D3F458BC3DDA2E2269728C358
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/index.html
Frame ID: 1065E93D179F415B095A178A64EAE7D4
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVUKd_YXAAfoA22s-fe_cZOmdT8EyQ&u=%7CatVqgFSvHDRDcGwKAzJz%2BDkPyLp9bP%2FacilyMkVdGTU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSMZuU9m-2GwHT8yZD5MyYZfvFe4ehoj6dzmkalLBWJeweAb1R2zHblRiT3nqWjEB-4tJksIXmAW5OTLa746p82NVa6TOUNbgPy6ZTOmdu6oV_Y7PpGeGDHj5pN0Y2ahvEK4WZh22AOE6n8iZJaPLpnOwJxqNcPq4CWYhGKfD2awVhxlutrfGa4chcT9n2MxRDEqA50hkNq1I-oHAFyEwXTnp4_s_SNtQGOxVPiuWG8_tmMVN_HlatupMSvpF9aXNSQ6zmEnJBeSsdMMFAPplaW0T-Oicszr8EZdXNTnV7RWPAFWR_1wocI5Z-dFYPylLlO2hcoOe6eeKyV9vdHDj0uU_fUi2ukewLHYRtPdR3PQXoI5f48qH2KNQam3fs5uLatEyisRid4PYuUeUnkStrYK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdR8QT8QrYtXiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTfAk_QNlsKwhGtFjagipwiq1rMl1k8LuO8gPzgCoRocibQn4sbtFf8bFcTeQzvfhYcI99KW8ZW9ou1PsBuLf2k5QCG7iR_HvTUjLF1TvnxoqEDGIsrASOSQfpKC3HOgD4J9hQu88fCNbVCINrGaGc8o9BDXPZ_0X1tgKwxSsS4I2h_KK5al03XE1MefGByVGAsz1b8LauVZkn6Q7k1RjZP_QGuxzjZ6QAAqLYZXe1D9cFEQ8zrwVhUaRvAAhx5Cxa2pHEr2K54xKk81ZzaWLFVxg9muVbshlCvlDYZzSkFVWU1xnvfILh38LA-LnHYFIuYzfKAzcOwlJfd5MlP67J0shELa5_Q6Dx0JwPKhUnJNglM1qOKMjPTyv1q8XO-olEn7qgkNgheQsMlSzPyd2Msuvjl8x4Ay2fZPq5dj-0SHiUy4grswWHi7PpNYxpsID9mB_I1DePRZ2yGuFNCKUpKDOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1VfTA8z1uH-adBDqIGdEjmhxdqKw%26client%3Dca-pub-5127716841867747%26adurl%3D
Frame ID: AB5F75B2321F01839B9A5BE72F573D8C
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVYKd_YXAAfoAxu5raE0lFfzJ9QFKA&u=%7CatVqgFSvHDSbFsKp0ODBejfHusPJBqHJzgfYRaVRXKI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2xxep2Pf7MmfBVpvJXpzl4wNY3zsDEngtW5efL54FfH9FJdOVuMPRAc8hs53JU9WNVSMfpN6krF8xbQ_G3JhebD87QxzFtSJLHi9nxdHrdxhyymg15gYWepXRIdux84c7-vW68Ck8YKBXRYfO9172sLv73n1lsxG1VQDNhPOxzjEM96I7npntrGhFIabFyToGlLyqvH2yW3gtkVkMbzhGz5U8V_Ovxhhe-UKe9BP15aSJbq-SVi5HR87WvRKtVJLgTKdBZC9OG07DrjQiF1CbbXAOIO4swToTVZOeB8OlNfsOXkKgiJWL6pvRFt_Rb7S1pKX93QqR5yy9liwBcn4cz5FD2nM4Us5Pmm_CPjwk0D4GQ8FJtMPW98kPfxnDY9Wt9zoSv4U3JBU-THaH70jce&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFqkJT8QrYtbiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTeAk_QB20E48TMgcaOE4-qdgAtZPQdn2OmEfJQx4ZjAY2ahgvoxfbGQmV82xJskme4Ac8AeJSUborJ7XTEdDddMP5nwb9EAUjJX-xeruu9irLrEYDKQO2IQl3IRhEhBrvJHpymfZoAI-uU9yi8nBYQT6lqn70MEjpkc3QjCweuTIdGOFYh3z5ucB8JHe7Z-N8K8tqAVkvAFewPXyMYJRccEN43ak6z58RqD7OuYpDmz3wCXBAdgATRTDRPy4YRrRfrki37j7wWkyZ8ScMn8insUG5NiXV2EYHgSI6p6-zdeLMOFSHMNdvV1C_NfmUF4UDyvEE_i387VqnXk-pUDEmH6cnx5BkzWPvhoP4hCUA0ww6u20dRCYReKM1kjyW2H4mNQ8gMU0wRb-zOYDETx5Dt_xss7beLZ_GMZb8o4OWKTTuaszQvEgTFxg2rqn1oZvJmVaelxhNM_W52GEzoF5mY4AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3sbrKzXuLYU1BJlv5-YIavsrgT-A%26client%3Dca-pub-5127716841867747%26adurl%3D
Frame ID: 22185B5FAC091B1E8C0055306809AC56
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVgKd_YXAAfoAwe6vNW9yLTM3gXvrA&u=%7CatVqgFSvHDRbT8jrAgUX7cmHc8II4MZg8SqcecOtNjA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSMZuU9m-2GwHT8yZD5MyYZfvFe4ehoj6dzmkalLBWJewT4l4AQkI39Ousol5PVutr0GdLJNhdQ5Qt-e_AxCoRyABr1QXirQEO6Ce_L9fRj_RHYXWs3KKRGOHsmVSj78EWqGC7TLrfSkLtJG7n3QuTKsxMRYlGPY5KIZYuc4oJrKAL5n0R48fDE2gXdjaMNiEQ_D79Ckgjgyxph7mOPu0HK5Z0fyz-RJae0c3OY0dp3fFgYwg6otBLQev3UzPYtTGiBM2lbs_h_X26nvZC-jqeOO4RcIyUn7ZJiMUxQVFAeMle1rAHFhAnKF1KkOzzs5fo6Z75ue1JqBBRVMXBXnkYCSpAvw7BFIXvo-3-7duWvpTj7b87aE0domqjEQ0iy0H_jH8c_9g6kl_ESBShGh-Ch3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH_HET8QrYtjiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTfAk_Qr5kaSNFeTmUAmfxamozTV__WLnkSawTnsD7jVqICGSVWLdtR1A-tZwHXpbHXf63jwXQjztvBDlWesO395nytOXc2dmmwLHkwbJukKS_emSv7kJ_NmcZUWaUW4LojEge3nukfBNPYaatMTLs4Neubdg8E6fttZz7_-VwUzPufPHdjfMS5MTE78etPCSLKQzQ4bMecIL9HpZP5aRnxWq3BCjXJxEN2f1kQ-4czGWtNC-OyAfw-S3eqKXInrzFzWx16aGJ8RBnBPkd3OxtZvP_c7d22OTscqy81WmsAlB3BUWfL43SztKM6zCYg0RvcITVXwN7kZhPnPkC8uR42m0uw3vn53cWORj5f6Brf7g3L_dgm_F8rqwqUe6OPGF87WBC7WYaIFRORalVSvZLb4NSrtvm5MH2JPfoIAfjnKlBphy750nxq1VdnGRhHNgJe5sfcN6BF81bd3QEpOt6vcOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13KyJD30azd57btt08sxZI0XDqrQ%26client%3Dca-pub-5127716841867747%26adurl%3D
Frame ID: C871D79699FC3803CFDD5E3DC037EA9C
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVkKd_YXAAfoA_EArZ0EfEY2KotLww&u=%7CatVqgFSvHDTI43q5%2B75cWN0JuV6QcyQswlJHgucVLMM%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2xxep2Pf7MmfBVpvJXpzl41xPG0QE7tErjAATjX_jeGuqNPLeFOuXww2aWdZMsHblkDjQauJoYNOSvxm9IOsjRQLyU3Jay_QSZM1shhFr4HCdRrc9GAH9vjnFnPK4RwjlTPoXbhOLt9Jt6w8YnsxitN0xYEv3WenLC3spI5PxYvugjN1lTfNeamx5xM7GsjcckBkJZisE9QhmJ8EchP1HsDG-KlFiLdgCV5mOFrpWVuPbpElS8zmS8EigulcT1Dgf14ef_-Qjpmnsq69N5X4HYihhl9_RLMUUdXRVe39BrPfE1sUFB9bh5GKQ75CeYwv6i0HEzBO8EhmmDa5R9UrfkXGJLsqEfVvi4pij7uBXMe1-CfHd_Y4CoKmDZgrWd1-2i7zXAQkhcUj8_1q5BIf64&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8iB7T8QrYtniLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgToAk_QTXUR1pj7P2x__A5_liunrVcBSbp5Fr4Wj7pTSDNdjhTsmJ49yEBIs0rA1BXN3pM6vVLSZl7U9b9LMaoO96Y7ZJhpmZFRzRbaiKIA6NS76W2fukilxmxw4R1cr--VfnK_8VHZu-2BS2hdd5Hx0t6-fkaA7mG77FcqvKbRuLlOCvBZtwhhnIsgKNvUbZa59R_1dLnxqjJOsO8LaNg_ZRxBzO8ayVoEzSq8e0rV7FrGety9oBEkTgSAYEhQ6CAwwZyWx3SszsFzXK0XkpPAt8uDJdtoJOuj_4nRUYMGh8XBVxXq-Z7hsihFIzcgkGAcB46QbcKntY7VOEJNMfveNbrd8d0ob1IbAogF7FKG5GCtzFepiJkfCL7DSNAfwY3QrnKpVSzZkWHe_OsLzPtUTFSeIHztzCAGE4D-z3TNY1lXREcOnbxiMW0PQhgYcz1CTAmLkt57rStLHXqcnX25g8sPAcanmT9RXeAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1diEBA0kX8665VyM8DY5KXPBPzHw%26client%3Dca-pub-5127716841867747%26adurl%3D
Frame ID: CBAC13105C465CE104AF0AE7FBAD6AD2
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/index.html
Frame ID: 4A18E54EDECCDBD1FBB2B448F4E399CA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 01CB87DC17E1E03D5C495BAFF03349F6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6EBE6770D16A6034D907AA2A94B7A102
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Frame ID: FFA67FB1FE3E0FD7896E09A6DFACFDF8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Frame ID: 379C465CF13AEC4A86019F1AE7EBD32C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2AB7A585C3D9E5E3EA7719481550401C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Frame ID: 248D84FCC6F43ECF64F01ECB04622BCD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Frame ID: DB153D471B26815981C7208B8ABF18FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Indonesian Influencer Indra Kenz Officially Detained for Binomo Fraud Case - Jakarta Daily

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

290
Requests

98 %
HTTPS

61 %
IPv6

19
Domains

39
Subdomains

34
IPs

7
Countries

3401 kB
Transfer

7312 kB
Size

36
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/JakartaDailyFB

Search URL Search Domain Scan URL

URL: https://twitter.com/jakartadaily_id

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jakartadaily_id/

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Search URL Search Domain Scan URL

URL: https://advertnative.com/

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.jakartadaily.id&utm_medium=referral&utm_campaign=widgets&utm_content=1212591

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739835/i/57545575/0/pp/1/1?h=e1rkbluESR8EManp0uBchALHVeGW0Gy3MEg81q5M-uSSUmYC4HpR-BB0_VxQO6Ac&rid=5e1d830c-a185-11ec-804b-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739875/i/57545575/0/pp/2/1?h=e1rkbluESR8EManp0uBchH4iZeKR8SFegx7Ik8reT3LCiaSa17Nb_-cESLtV66tN&rid=5e1d830c-a185-11ec-804b-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739857/i/57545575/0/pp/3/1?h=e1rkbluESR8EManp0uBchLorDOEZyRTTUL0hhGKkU1eQNcQa5wCJ73hT3sCv5kju&rid=5e1d830c-a185-11ec-804b-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11739864/i/57545575/0/pp/4/1?h=e1rkbluESR8EManp0uBchMHCn-7iyxTelUaW8WJfjFJVzgIQM1USABy68ltznv3L&rid=5e1d830c-a185-11ec-804b-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://www.promediateknologi.com/
Title: ProMedia Teknologi

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 191

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 193

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 195

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 266

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 278

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 288

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

290 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case Show response
www.jakartadaily.id/lifestyle/pr-1622767320/ 72 KB
11 KB 895ms
865ms Document
text/html 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

nginx / PHP/7.3.31

Resource Hash

df704fb6d7071326232c9b23e97f4bac7747a1c37c7749d0a925ccfc0ef2a032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 11 Mar 2022 21:51:11 GMT
server: nginx
x-powered-by: PHP/7.3.31
cache-control: no-cache, private
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: VhvlYVNB2Zn2Af8kFjYu3r-6PF7DqkiUA-2MTp4LDu3mF-H_VhSv4w==

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57bbaf73a7225679e0ad7cd598c788c5531e070de1ab4411cea5898e448017af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 21:35:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Mar 2022 21:51:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Mar 2022 21:51:11 GMT

GET
H2 200 style.min.css
assets.promediateknologi.com/promedia/en-news/desktop/css/ 60 KB
14 KB 47ms
23ms Stylesheet
text/css 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/en-news/desktop/css/style.min.css?v=192
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0df032d58291a1bae4451d9bea4d904d6f16d7cc9e14b6b6e25e9507f5098447

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:23:03 GMT
content-encoding: gzip
age: 48488
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 02:52:14 GMT
server: nginx
etag: W/"bee6419284c4e40285598025aff2f6f8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: pziALb.X51.OXjcDURsVthCihpJx7bte
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
content-type: text/css
x-amz-cf-id: xze8l059t0xGutDETVzaa5z26UORJd7b-PVbRzNYWRu8SAWOhOjZdg==
expires: Sat, 11 Mar 2023 08:23:03 GMT

GET
H2 200 custom.min.css
assets.promediateknologi.com/promedia/network/162/desktop/css/ 7 KB
2 KB 47ms
24ms Stylesheet
text/css 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/network/162/desktop/css/custom.min.css?v=192
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5800d9df874a9bd5f39924a5c0eda6053b20c0940d9b01328ca04328f7d2a130

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 14:21:48 GMT
content-encoding: gzip
age: 26963
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 02 Nov 2021 05:44:44 GMT
server: nginx
etag: W/"8ad74fe942325c91314a16e9834853d0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: NGVIBPUNY6tvPhrYA9WfpGEiuZH3dAl2
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
content-type: text/css
x-amz-cf-id: 7G6y6XJR-VpBuZc4UWPO700vjFeTkFIErAJ7GAEfHK__s-lQ7wNRJA==
expires: Sat, 11 Mar 2023 14:21:48 GMT

GET
H2 200 jquery-1.12.0.min.js Show response
assets.promediateknologi.com/promedia/en-news/desktop/js/ 95 KB
34 KB 41ms
17ms Script
application/x-javascript 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/en-news/desktop/js/jquery-1.12.0.min.js?v=192
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: de33fe1ba0d81147fc56ff19149e85914d13c4c4d7a5969aeda463d9f4787848

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 14:21:48 GMT
content-encoding: gzip
age: 26963
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 19 Sep 2021 15:25:33 GMT
server: nginx
etag: W/"b2f71c943f2f14613bc100fc3ec59db2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: iJfEHFMBMMQmM4toPGejhqZJRBmgSacF
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
content-type: application/x-javascript
x-amz-cf-id: afaeD9FXyJNXUFUhcld3iqq6ux3w5lbBHDjJUFIU1RlGYa-MxVDYBQ==
expires: Sat, 11 Mar 2023 14:21:48 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee95844d1142db0076b04a802dd0784aa3243704b2ca5f22d7b5f9fd6e643042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27718
x-xss-protection: 0
server: sffe
etag: "1156 / 815 of 1000 / last-modified: 1647000461"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Mar 2022 21:51:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 59ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8400307307701650

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

977257b795b7ddf199f35302823f3ec50279cc9d0a7f525f804af3c62f9827f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jakartadaily.id/
Origin: https://www.jakartadaily.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54762
x-xss-protection: 0
server: cafe
etag: 9851948167417621418
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 21:51:11 GMT

GET
H2 200 logo.jpg
assets.promediateknologi.com/promedia/network/162/desktop/images/ 17 KB
17 KB 18ms
11ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/promedia/network/162/desktop/images/logo.jpg?v=192
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 45fea3d07ac063218ccba9f040db167bf979a8b4cb097e287d4c1b229794da7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:23:04 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
age: 48487
x-cache: Hit from cloudfront
content-length: 17368
last-modified: Thu, 25 Nov 2021 10:10:30 GMT
server: nginx
etag: "d60d105359371072142c486e4f8b43d0"
access-control-allow-methods: GET, OPTION
x-amz-version-id: hHdLjTvov4iZWJzrbJI1BN2TcJeBWYYi
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: XJCLym0XWf2VD8D9YeAGR7-WdX-ViWO4KvjNCjtWibVes6PXZPMWdQ==
expires: Sat, 11 Mar 2023 08:23:04 GMT

GET
H2 200 3572550353.jpg
assets.promediateknologi.com/crop/0x0:0x0/x/photo/2022/02/17/ 72 KB
73 KB 1235ms
1228ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/x/photo/2022/02/17/3572550353.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 43a18abd021bbfa07c6eaabda2779b46a7ebc64abce60bde1ef84ba673586eb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "eac5c47c9bf93d8f72518eb111178726ecd30c6b"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 73955
x-amz-cf-id: i05J_089inJWxu1j23W18ZdHCTkI6wIvjhne3IqhFo6fyHwA41SMNA==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 / Show response
click.advertnative.com/loading/ 4 KB
5 KB 549ms
205ms Script
application/javascript 139.99.126.163
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://click.advertnative.com/loading/?handle=11967

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.99.126.163 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

tinong247.vn

Software

nginx/1.18.0 / PHP/7.2.24

Resource Hash

80e36e33159acbfada1e6c674d92f93e1d74ca920e610e1a18ef142727dae8b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
server: nginx/1.18.0
x-powered-by: PHP/7.2.24
strict-transport-security: max-age=15768000, max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H2 200 jakartadaily.id.1212591.js Show response
jsc.mgid.com/j/a/ 2 KB
1 KB 53ms
21ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/j/a/jakartadaily.id.1212591.js
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a8517fc3c6d5644cdeab2b6bc74d1189d5dd81c66a4726b500a52a144c83cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 4650
last-modified: Thu, 03 Mar 2022 14:03:42 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PNM6DFZ6Z3VKPN58
x-amz-id-2: 570/o0WH43b/2i2djxgbrnS5ICNHex06+LoQU4ctAAFxgtHJPCHOj6hcRbYFRSKYJGXDA97WoEw=
cf-bgj: minify
server: cloudflare
etag: W/"bce13ff2ad504996c0d68ef6a96839ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6ea78290dac19b37-FRA
expires: Sat, 12 Mar 2022 00:51:11 GMT

GET
H2 200 877109932.jpeg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/03/09/ 4 KB
4 KB 952ms
945ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/03/09/877109932.jpeg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 172882d5a20c196baf58b880cc6b5738b3ab6873c6d9cc40c1aed133387add35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "2ab1a395488c9aaa96b94e8f7b5bf088fa47fea9"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 4030
x-amz-cf-id: sGFV_fmMHmLmI8LbrmoEJ3pcbVJPpYvCl2THhRL9jEISrimnmHzUhg==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 939328552.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/03/07/ 6 KB
6 KB 6424ms
6417ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/03/07/939328552.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 241c01dfc1093b17ed1917cf7dd3467d71d05c78fd25395a080c9ed61235f10d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:17 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "da6511f369553f79a9f71334b99870632f54077d"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 5687
x-amz-cf-id: Z3Xu3evTcpSp4IKhKUxvSwgDxs_YMy94-4T1IrB2cFs7Gln0vdVwOg==
expires: Sat, 11 Mar 2023 21:51:17 GMT

GET
H2 200 4135211341.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/03/04/ 4 KB
4 KB 6240ms
6233ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/03/04/4135211341.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 15c7fc754bf6e848a2f3ef252b7e8028396ce83576bebaf577567ffdaecf79be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:17 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "db27c4681f55926d4171ca3c3d49109217413a15"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 3780
x-amz-cf-id: HXcqihvuh2-P8bVbY566mGyOQLAbeZT05aCXeFn1QjDu3zmMtr7q4A==
expires: Sat, 11 Mar 2023 21:51:17 GMT

GET
H2 200 939638675.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/03/03/ 4 KB
4 KB 1643ms
1637ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/03/03/939638675.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3dd82cc65f43c6486b5addb55a6f78be56e93c44423a88fa8de9372f5e7714b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "398e2e6bedb6dc27fe3a808dfb28d056def44856"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 3598
x-amz-cf-id: V1Nkza8oqLTCxRw1XCZSi-ehYphUKxnTZ7Zs1czvDlUc6fFBmzN4cA==
expires: Sat, 11 Mar 2023 21:51:13 GMT

GET
H2 200 3205438028.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/03/01/ 3 KB
3 KB 869ms
862ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/03/01/3205438028.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 33a2bc5bcb6704606e1369c473fafc072c6d8875278955bb4a847553f1eca306

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "ee3d4a97c2eeb1e825928913c16df9389043c40b"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 3162
x-amz-cf-id: CsGfAp0j1KERhypllV48pmjVIv0JahOyLgtBJbVdYXUigAK0OGm8HA==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 3572550353.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/17/ 4 KB
4 KB 952ms
946ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/17/3572550353.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 101e7099d24cd8231adec207260393eb4d49c92ac92dea66260002a5e8882107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "44dfd8166b041de6ae558b699661242c77462a06"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 3903
x-amz-cf-id: oZ649_8Ih3e0r2eMgJWpBIosCzrFbA4et802duOwTv0jM63bsfMF2w==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 2065333471.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/28/ 4 KB
4 KB 1234ms
1228ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/28/2065333471.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4dbe09ec6efde29125d423af71847b0d9560025aeb3c81d02131641d63cf1a26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "f723502f223ff17c48f7c3e5fbdf0393e8107015"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 3781
x-amz-cf-id: YQuSLZr94eeHZ7QM_xcFdIK3TW-bKTb9dhIjRJ_6ExGvNjLoDFf_-g==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 1728874669.jpeg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/22/ 3 KB
4 KB 977ms
971ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/22/1728874669.jpeg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e76d31525f3b16f946d3f0188e62b5e97da4b6f06569616fe502d47bfee75e44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "5c65f9131553ffda8add843953fd2524bd653879"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 3562
x-amz-cf-id: SM4E87FLM-APHnKX_QQwC_CoNWa4ux3mfuYOW2Ll-Khb3vM6yfOrbw==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 528327392.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/21/ 4 KB
4 KB 989ms
984ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/21/528327392.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c658f20651c3a6a332b13ef3a91abbb6bbbaa1926236a6591ca701f986eb3505

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "826233f45d6055b0d6b6c4543b06c23e0508c82d"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 4100
x-amz-cf-id: 4W_hjCAuleTqSMPSToNp0xlycSEi8zhcVgAWHEK7lMwt5DL_KkbjZg==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 323714562.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/ 4 KB
4 KB 897ms
891ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/323714562.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 184d7b69a4ae85335f5d821663de528937724fbf1be05c414d3c7b0ff81e9eee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "def2c98417c0eaf2f6f97539363396cd29e62748"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 4002
x-amz-cf-id: 4umQjcXULmjplaafTl6Tbt2hbvCEewm9ab0ai7OvPCxtSr_Lv6YY1w==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 1700430050.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/17/ 5 KB
5 KB 1048ms
1042ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/17/1700430050.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5a62250ead86dfaf0b8bc63b79aae8933ce6ed88c781ff1aab3c7b100045df9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "07039772de63f54be3fa4f1be3549ef7613a9a34"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 4617
x-amz-cf-id: Lc9RseKnDREtJ2yf2VLpstUGX3ZhC-p9hnl2Pl7yafKY5-5zA5sNUA==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 365983766.jpeg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/ 4 KB
4 KB 956ms
951ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/365983766.jpeg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2d65ac4cc00c6155f10471dec6dca0cde27e4c1993188d79e5df79a04e1840f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "cb50db909101a3320b8031f554d1d16cd91d804e"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 4007
x-amz-cf-id: Mlmz72pa9IYIEyzy5nz4eI3rIlPxI8MJLDWut_RH1VXuDCTPEiy3FA==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 3099631320.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/17/ 3 KB
3 KB 866ms
861ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/17/3099631320.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3df788c46c6342c3384392c52837e0ab6a6850e4d1bb1ecdc569ae4a293821fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "c8e8a8667d99b48f710ec743e8ef4bc473cf83e5"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 3072
x-amz-cf-id: 5QqwpcQPdhp7hWkLUUrkB39MEPid5bY3HxuSAKa7CcFQekfJLmPqBA==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 4111863152.png
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/ 23 KB
23 KB 1981ms
1975ms Image
image/png 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/4111863152.png
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e62de225ff3660330f60d604129ca5b27c3cf127da21b3676593befe7b0e0e3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "0a535306bafae1ac1bebdec76b45ae162c523878"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 23287
x-amz-cf-id: StapofqGvXvXkxQ2B1U41p1q6uklVkn02dJLXe1t5yMExeg4JqSyaw==
expires: Sat, 11 Mar 2023 21:51:13 GMT

GET
H2 200 1053663844.jpeg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/ 4 KB
4 KB 962ms
957ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/1053663844.jpeg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ce705e1084a274b55ab1d612972fca089b15d4f653e29c1d26a7002be54ab3c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "2c852ccb915a249f2c4f283f51af1e295b5ea171"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 3864
x-amz-cf-id: Wk65MjKDd7ePXmyh3O8e_kosXCHiA7VL_ZlEo3DQbwOqeR8SKu-hrg==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET 1084431991.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/ 0
0

GET
H2 200 3529110768.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/ 4 KB
4 KB 2294ms
2289ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/3529110768.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 65786836c3f8e2948f0071123afe0e6504e3014a3a02b20014133c232f6301cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "d5039789ecbe610e42e1b4079ca8d019f71a6ece"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 3997
x-amz-cf-id: IfxwPBk6MKN0KY_BNq72x7eGp1np1kCo5_nw2TBx4fGO6CJ8bJaZiQ==
expires: Sat, 11 Mar 2023 21:51:13 GMT

GET
H2 200 4003268986.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/14/ 7 KB
7 KB 919ms
914ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/14/4003268986.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 783643f063d31a55f7333f09e8689532393e30862d54587592bf83e493cc2fe5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "42adc37bdbba8917373fe93241b8ae111b1651fb"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 7212
x-amz-cf-id: jgv72msoU6Xo3N2mR4biIQdHicauPC9FshdlackdxQ_gkUdIYkPETw==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 3075165815.jpg
assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/14/ 4 KB
4 KB 961ms
957ms Image
image/jpeg 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/14/3075165815.jpg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b45d42d9c5907d3f8257c6c9dbfb93738efaafaea53281e14d4f53383d9fb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
etag: "987460c719f025d2265bc3330b03f4831bcd0967"
x-cache-status: MISS
access-control-allow-methods: GET, OPTION
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 4133
x-amz-cf-id: Si0xKS7n3OUXOyJ8heyh-xdB4s8QYyipKMZ05pnd_HRunG9OjxMeDw==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 logo.png
assets.promediateknologi.com/promedia/network/162/desktop/images/ 38 KB
38 KB 21ms
17ms Image
image/png 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.com/promedia/network/162/desktop/images/logo.png?v=192
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1018ad022ebd3bbd31a9ea049c1f683346d3353792ba123fa1a7d2abbb0788ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 08:23:11 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
age: 48479
x-cache: Hit from cloudfront
content-length: 38504
last-modified: Mon, 13 Sep 2021 14:47:53 GMT
server: nginx
etag: "d64287316648d4dab20564767f062e1f"
access-control-allow-methods: GET, OPTION
x-amz-version-id: f3BdC8vhbwOiNLEtoyNGMDNZToHD2qVj
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: RRzDXGBrj8mn39NtlF2F7ZA71hWsqr95ySpiKu4-M5dvWdpSwgJo6w==
expires: Sat, 11 Mar 2023 08:23:11 GMT

GET
H2 200 slick.min.js Show response
assets.promediateknologi.com/promedia/en-news/desktop/js/ 40 KB
10 KB 17ms
16ms Script
application/x-javascript 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/en-news/desktop/js/slick.min.js?v=192
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0a38cf7423f9f7060c66183e74e7e138bed849de551199c490e3a1e97ce291e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 14:21:48 GMT
content-encoding: gzip
age: 26963
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 19 Sep 2021 15:25:32 GMT
server: nginx
etag: W/"72d9511c2715d0da989e1f5bfe886532"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: .LiVPxN8a.HIQ7QHZPtl2G7CWz1KuuE5
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
content-type: application/x-javascript
x-amz-cf-id: 2D5d35I5dQUQDkUjf8IC6HuX1rZzaN_QlB2fFfsMgqc4a4wCJ5SqTg==
expires: Sat, 11 Mar 2023 14:21:48 GMT

GET
H2 200 jquery.sticky-kit.min.js Show response
assets.promediateknologi.com/promedia/en-news/desktop/js/ 3 KB
2 KB 10ms
10ms Script
application/x-javascript 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/en-news/desktop/js/jquery.sticky-kit.min.js?v=192
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3a8717b1c866759c800df22bdc5b34545730d2790473892a4cf31dce49bf1170

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 14:21:48 GMT
content-encoding: gzip
age: 26963
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 19 Sep 2021 15:25:33 GMT
server: nginx
etag: W/"d61a7b888967697179c82adc5e7fc18d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: mLoOYyiy.hpcA4H72VWXgrZGNnweuEkj
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
content-type: application/x-javascript
x-amz-cf-id: X6jlvd6NA25LC_V3VUcWNy40772rWrUUEsy5RxVZpeXAUgHNPiwPmA==
expires: Sat, 11 Mar 2023 14:21:48 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
assets.promediateknologi.com/promedia/en-news/desktop/js/ 20 KB
8 KB 12ms
6ms Script
application/x-javascript 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/en-news/desktop/js/jquery.magnific-popup.min.js?v=192
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 14:21:49 GMT
content-encoding: gzip
age: 26962
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 19 Sep 2021 15:25:33 GMT
server: nginx
etag: W/"ba6cf724c8bb1cf5b084e79ff230626e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: 1pyC9tCqYspQkI_Zp8Hrv83O8mtJfReN
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
content-type: application/x-javascript
x-amz-cf-id: i_wyRjOl6vObs7KEMwILyAoksv-_0-tEp0qB8RHfjB28JbwQALMRlQ==
expires: Sat, 11 Mar 2023 14:21:49 GMT

GET
H2 200 jquery.marquee.min.js Show response
assets.promediateknologi.com/promedia/en-news/desktop/js/ 5 KB
2 KB 674ms
667ms Script
application/x-javascript 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/en-news/desktop/js/jquery.marquee.min.js?v=192
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9de5a9ee5dc9d4ca558268b7bcd6ead5eaff468a4a13f526738b4e5f65b32855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Sun, 19 Sep 2021 15:25:33 GMT
server: nginx
etag: W/"14c4877ae18b2930b3cbd1bf9ad4dff6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: DyWAwdYkmut_KswbK7NGNu7lngnvMEy3
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
content-type: application/x-javascript
x-amz-cf-id: hZNhgt5YlmsWfWggwk27SPnvT06dJOKyNAAWtgSrnonBby7041-mxw==
expires: Sat, 11 Mar 2023 21:51:12 GMT

GET
H2 200 main.js Show response
assets.promediateknologi.com/promedia/en-news/desktop/js/ 4 KB
2 KB 19ms
12ms Script
application/x-javascript 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/en-news/desktop/js/main.js?v=192
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c38cc327ff4aa4487c7a7c1d003067f1452ba73d881d7914bbe366d7e016f568

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 14:21:49 GMT
content-encoding: gzip
age: 26962
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 19 Sep 2021 15:25:32 GMT
server: nginx
etag: W/"bcb00b96ed56205afa50e344b866d35a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: K59K5EM89iE9SqX1Zlcb1VXLUDs0zc2b
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
content-type: application/x-javascript
x-amz-cf-id: o_scGVAIRwLEQVJZCIDwN10Vxd4JR6PpXgyGPEYmxGkybBWoEvSJdg==
expires: Sat, 11 Mar 2023 14:21:49 GMT

GET
H2 403 share.js
assets.promediateknologi.com/promedia/en-news/desktop/js/ 0
0 700ms
693ms Script
application/xml 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/en-news/desktop/js/share.js
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rfp-infeed.js Show response
js.rfp.fout.jp/ 63 KB
16 KB 110ms
25ms Script
application/javascript 2a02:26f0:6c00:2b4::7ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.rfp.fout.jp/rfp-infeed.js
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b4::7ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c7b314bede193e724fbaddea45d80bdd780ce70251905b7c5fb3f745567c4d87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsejHNs1YNTorr6jW4P2FLsdlgRaDUDOcbd-Yf5MT8TgEfkGr05H4uZ-6rxV2T7e50j7RgDBoNGrVjuox_O4fY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 15604
last-modified: Mon, 14 Feb 2022 04:44:46 GMT
server: UploadServer
etag: "709c17ae39876f1e8e8e7dcffcee5eff"
vary: Accept-Encoding
x-goog-hash: crc32c=nywM2g==, md5=cJwXrjmHbx6Ojn3P/O5e/w==
x-goog-generation: 1644813886776747
cache-control: public, max-age=1800
x-goog-stored-content-length: 15604
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 11 Mar 2022 22:21:11 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.5.0/ 11 KB
4 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.5.0/firebase-app.js

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9db819fcacffaf3e9d603f594ce05f8594bcbb8389c59e687c97c26966c2d850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3944
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 21:56:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Wed, 08 Mar 2023 14:18:15 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.5.0/ 31 KB
9 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.5.0/firebase-messaging.js

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 23:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 21:56:23 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Mar 2023 23:11:07 GMT

GET
H2 200 app.js Show response
assets.promediateknologi.com/promedia/sw/ 3 KB
1 KB 16ms
8ms Script
application/x-javascript 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/sw/app.js?pro=5
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ce246b13a7f316521adad2d9a6af151a26d5d8ba56628b82b6afcb44ae4b2cc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 08:23:47 GMT
content-encoding: gzip
age: 134844
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 24 Aug 2021 18:40:56 GMT
server: nginx
etag: W/"c5e56d09be700d78a72317816b93fcec"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
x-amz-version-id: oV.zEuGDAhQiFo11PQ50NYA0eifmyoZv
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
content-type: application/x-javascript
x-amz-cf-id: IFUpXMDPDb8JTvwH8rH5c92uKLcvzVKA66mXpaRQYSOKH9RgUBgIgQ==
expires: Fri, 10 Mar 2023 08:23:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
37 KB 43ms
17ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-207405423-45

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58dac5fa8f9190cb483ae7c411bea3fce68d6bd24d2a7a204561e0d6e15f045b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36951
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Mar 2022 21:51:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
40 KB 87ms
61ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M9DW766

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82a47360f1cbacadbf98e8a5b2355eabc9f44ab440d82fc8966b36324510846c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41009
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Mar 2022 21:51:11 GMT

GET
H2 200 icomoon.ttf
assets.promediateknologi.com/promedia/en-news/desktop/fonts/ 7 KB
7 KB 26ms
10ms Font
application/octet-stream 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/en-news/desktop/fonts/icomoon.ttf?i7fsrr
Requested by: Host: assets.promediateknologi.com
URL: https://assets.promediateknologi.com/promedia/en-news/desktop/css/style.min.css?v=192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 42d2d2f5ca7d4a74d4cec7eb892236bd4ca4790ef0446d15a1cde9d1e1d555d0

Request headers

Referer: https://assets.promediateknologi.com/promedia/en-news/desktop/css/style.min.css?v=192
Origin: https://www.jakartadaily.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:07 GMT
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
age: 114364
x-cache: Hit from cloudfront
content-length: 6712
last-modified: Sun, 19 Sep 2021 15:25:24 GMT
server: nginx
etag: "1ea1b32003df3f4a5a29843b3ec0ae1a"
access-control-allow-methods: GET, OPTION
x-amz-version-id: imjed8ieulhUgeTZLxggwQDkrxpYOvpT
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: kvdbJObyTnq7T3xEEY_4skmIFULyuXLln1Ox5UAgJDxhE6mzTnnJ7Q==
expires: Fri, 10 Mar 2023 14:05:07 GMT

GET
H2 200 icons.ttf
assets.promediateknologi.com/promedia/en-news/desktop/fonts/icons/ 11 KB
12 KB 35ms
20ms Font
application/octet-stream 108.138.7.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.promediateknologi.com/promedia/en-news/desktop/fonts/icons/icons.ttf?jemrcm
Requested by: Host: assets.promediateknologi.com
URL: https://assets.promediateknologi.com/promedia/en-news/desktop/css/style.min.css?v=192
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-54.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1517b5246f24efd5abf47f90c676a2e70fc62d28fb0f7e199e249111d4450a21

Request headers

Referer: https://assets.promediateknologi.com/promedia/en-news/desktop/css/style.min.css?v=192
Origin: https://www.jakartadaily.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 14:05:07 GMT
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
age: 114364
x-cache: Hit from cloudfront
content-length: 11480
last-modified: Sun, 19 Sep 2021 15:25:24 GMT
server: nginx
etag: "1d8d949452407d5b53666cedb753c381"
access-control-allow-methods: GET, OPTION
x-amz-version-id: JLxAUWhv2WbtbK0Nt1BFKHaO.UKjGIHQ
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: l4WlkppJCPOMjc5VJpTv0p2X1ayRyVWfWU9vPZ-DQXadbzBF4VRzYA==
expires: Fri, 10 Mar 2023 14:05:07 GMT

GET
H/1.1 200
OK jakartadaily_id.js Show response
api.popin.cc/searchbox/ 174 KB
40 KB 1254ms
500ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/jakartadaily_id.js
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 486cc27a1c91b138c3fc2179fbfc87cb4a3736a4c075a605869c7c7b67db2cf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 21:51:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Mar 2022 08:00:51 GMT
Server: nginx
ETag: W/"7908b6ac58a338ab0ec4f6452fb9f698"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: ALMp8QU_lncKE2pHzjUDtD6aWuUjVMwP
Expires: Fri, 11 Mar 2022 22:51:12 GMT

GET
H2 200 pubads_impl_2022030901.js Show response
securepubads.g.doubleclick.net/gpt/ 358 KB
121 KB 40ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123713
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 09:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Mar 2023 13:33:14 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 125 B
736 B 53ms
30ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.jakartadaily.id

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

42b06f7d0d47dd13f3b3143098f7b51b4397461ae7ad4c78effa3ba9d8c53011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Mar 2022 21:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0
expires: Fri, 11 Mar 2022 21:51:11 GMT

GET
H2 200 jakartadaily.id.1212591.es6.js Show response
jsc.mgid.com/j/a/ 242 KB
71 KB 27ms
27ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/j/a/jakartadaily.id.1212591.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/a/jakartadaily.id.1212591.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: debd606134571219c6a7d017dc6da9ba6336bbfb21823ea0b14d1718a0a5e43e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 4649
last-modified: Thu, 03 Mar 2022 14:03:42 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZM4NRN1HVJXFC0V0
x-amz-id-2: pA1RfM9Opa61IrnLrT5fnK5BNo+yIKxYMATSCQ/HyDrOQZrr3PoruK+DWQFvaArZ3AvjOscjWks=
cf-bgj: minify
server: cloudflare
etag: W/"e9c42976bd0d9e7431c0745a430facf7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6ea782911b529b37-FRA
expires: Sat, 12 Mar 2022 00:51:11 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/ 294 KB
106 KB 62ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8400307307701650&plah=www.jakartadaily.id&bust=31065567

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8400307307701650

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b2768ec59412bbaf92b5ce4405dff00a4e08af74a4226ff5d930d5816d48310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108462
x-xss-protection: 0
server: cafe
etag: 546510563897486632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 21:51:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame E2BF 10 KB
5 KB 39ms
9ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8400307307701650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Thu, 10 Mar 2022 23:41:54 GMT
expires: Thu, 24 Mar 2022 23:41:54 GMT
cache-control: public, max-age=1209600
age: 79757
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9DW766

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6379
date: Fri, 11 Mar 2022 20:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Mar 2022 22:04:52 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 24ms
6ms Script
application/javascript 108.138.17.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-48.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 07:54:07 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 568625
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P7
X-Amz-Cf-Id: 758w8UzZZWwRsAgfrHOW-W922rgYJ9HHKSLw89MARwWNjbI1sBgYvw==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 56ms
24ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jakartadaily.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Mar 2022 21:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 748 KB
143 KB 718ms
699ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3310887415951843&correlator=1709612126123311&eid=31060439%2C31065604%2C31062931&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&sc=1&iu_parts=5197741%2Cpromedia%2Cjakartadaily-desktop&enc_prev_ius=%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F%2C%2F0%2F1%2F2%2F&prev_iu_szs=970x250%2C300x600%2C160x600%7C120x600%2C120x600%7C160x600%2C970x90%2C1x1%7C336x280%2C120x600%7C160x600%2C300x250%2C320x50%7C1x1%7C300x250%7C336x280%7C336x420%2C320x50%7C1x1%7C300x250%7C336x280%7C336x420%2C468x60%7C728x90&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2Cheight%2C0&ifi=2&adks=4047974359%2C1590741703%2C81895508%2C3069493291%2C523465871%2C4292163228%2C589246700%2C1263673963%2C1078559909%2C4025689408%2C591077246&sfv=1-0-38&ecs=20220311&fsapi=false&prev_scp=promedia%3DdesktopTopDetail%7Cpromedia%3DdesktopGiantDetail%7Cpromedia%3DdesktopSkinAdsLeftDetail%7Cpromedia%3DdesktopSkinAdsRightDetail%7Cpromedia%3DdesktopBottomFrameDetail%7Cpromedia%3DdesktopInArticle%7Cpromedia%3DdesktopSkycrapper%7Cpromedia%3DdesktopRB1Detail%7Cpromedia%3DdesktopRB2Detail%7Cpromedia%3DdesktopRB3Detail%7Cpromedia%3DdesktopUnderImage&cookie_enabled=1&abxe=1&dt=1647035471659&lmt=1647035471&dlt=1647035471374&idt=257&biw=1600&bih=1200&oid=2&adxs=265%2C1035%2C90%2C1350%2C250%2C265%2C783%2C1035%2C-9%2C265%2C265&adys=139%2C170%2C119%2C119%2C1110%2C1045%2C525%2C1211%2C-9%2C2135%2C525&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&frm=20&vis=1&scr_x=0&scr_y=0&psz=1070x0%7C300x0%7C160x-1%7C120x-1%7C1100x-1%7C518x0%7C222x0%7C300x0%7C0x-1%7C518x0%7C740x0&msz=1070x0%7C300x0%7C160x-1%7C120x-1%7C1100x-1%7C518x0%7C222x0%7C300x0%7C0x-1%7C518x0%7C740x0&fws=0%2C0%2C512%2C512%2C512%2C0%2C0%2C0%2C2%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1927111635.1647035472&ga_sid=1647035472&ga_hid=732247263&ga_fc=false&btvi=0%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C-1%7C2%7C0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e5f348c6629908a514ee54c3f6e08d6b2ddc8d683f9ec2bdcb91688a718cf7f2

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJvG56GFv_YCFRf2dwodA-gHcQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/7534980988070739056/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJzG56GFv_YCFRf2dwodA-gHcQ&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJTG56GFv_YCFRf2dwodA-gHcQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/16029609926136477954/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJvG56GFv_YCFRf2dwodA-gHcQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/7534980988070739056/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJzG56GFv_YCFRf2dwodA-gHcQ&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJTG56GFv_YCFRf2dwodA-gHcQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/16029609926136477954/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146045
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
date: Fri, 11 Mar 2022 21:51:12 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ADFF 6 KB
4 KB 60ms
16ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 11 Mar 2022 21:51:11 GMT
expires: Sat, 11 Mar 2023 21:51:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 44ms
11ms Image
image/gif 108.157.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&time=1647035471677&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&random_number=724943007&sess_cookie=63ad866817f7af6d73d1e9bcde9&sess_cookie_flag=1&user_cookie=63ad866817f7af6d73d1e9bcde9&user_cookie_flag=1&dynamic=true&domain=jabarnews.com&account=WUrPv1MFx820uT&jsv=20130128&user_lang=en-US
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-99.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 03:49:47 GMT
Via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 64885
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-P2
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: DMhk6jgTfa2RHinnhateBjY0p5w_GRWFkfxJeupSS9lW8ZSsdnZV8w==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 493ms
162ms Image
text/plain 2600:1f13:57e:7b01:d9ee:110c:8cd3:e01f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:57e:7b01:d9ee:110c:8cd3:e01f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
server: Server

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 37ms
17ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1997891758&gjid=67620&cid=1927111635.1647035472&tid=UA-195466154-23&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1326586520

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
19ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=465179177&gjid=142281331&cid=1927111635.1647035472&tid=UA-195466154-34&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1265156274

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
20ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1562208754&gjid=1624827317&cid=1927111635.1647035472&tid=UA-195466154-39&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=184408168

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
18ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=357552781&gjid=1308499700&cid=1927111635.1647035472&tid=UA-195466154-56&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1372685249

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 19ms
18ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1722182261&gjid=1931608341&cid=1927111635.1647035472&tid=UA-207405423-1&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1486683387

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 16ms
16ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1634416835&gjid=862043985&cid=1927111635.1647035472&tid=UA-207405423-2&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1962864671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=552782131&gjid=961864058&cid=1927111635.1647035472&tid=UA-207405423-3&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1312092238

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=628795440&gjid=519608804&cid=1927111635.1647035472&tid=UA-207405423-4&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1468018978

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=789984742&gjid=1160776828&cid=1927111635.1647035472&tid=UA-207405423-5&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1358937055

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1315316463&gjid=1189966117&cid=1927111635.1647035472&tid=UA-207405423-6&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1048821896

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1248096417&gjid=124189926&cid=1927111635.1647035472&tid=UA-207405423-7&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=2120648536

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=634680259&gjid=89395978&cid=1927111635.1647035472&tid=UA-207405423-8&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=783605663

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1816422861&gjid=51367720&cid=1927111635.1647035472&tid=UA-207405423-9&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=791100824

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=587657185&gjid=591201460&cid=1927111635.1647035472&tid=UA-207405423-10&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1794158556

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1253940723&gjid=1475813053&cid=1927111635.1647035472&tid=UA-207405423-11&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=846080718

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1897543970&gjid=480893918&cid=1927111635.1647035472&tid=UA-207405423-12&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=199003406

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1667742968&gjid=1865699056&cid=1927111635.1647035472&tid=UA-207405423-13&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=290797582

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
15ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=2015734500&gjid=913575135&cid=1927111635.1647035472&tid=UA-207405423-14&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1479894675

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=456664165&gjid=2134286070&cid=1927111635.1647035472&tid=UA-207405423-15&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1856197928

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=181314672&gjid=1177636340&cid=1927111635.1647035472&tid=UA-207405423-45&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=5114482

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1891462172&gjid=413316415&cid=1927111635.1647035472&tid=UA-207405423-57&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=799750157

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1909646226&gjid=1951933162&cid=1927111635.1647035472&tid=UA-207405423-82&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1726924162

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=780658049&gjid=1188641672&cid=1927111635.1647035472&tid=UA-207405423-93&_gid=1718961336.1647035472&_r=1&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=1184548481

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=1927111635.1647035472&tid=UA-195466154-56&_gid=1718961336.1647035472&gtm=2wg370M9DW766&cd2=2022-03-01%2009%3A14%3A39&cd3=&cd4=&cd5=Indra%20Kenz%2C%20Binomo&cd6=2767320&cd7=Djauhari%20Effendi&cd8=Djauhari%20Effendi&cd9=6673&cd10=6673&z=90796231

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 14:01:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28192
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 63ms
22ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-195466154-23&cid=1927111635.1647035472&jid=1997891758&gjid=67620&_gid=1718961336.1647035472&_u=YAhAAEAAAAAAAC~&z=1588138835

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
419 B 15ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.jakartadaily.id&callback=_gfp_s_&client=ca-pub-8400307307701650

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8400307307701650&plah=www.jakartadaily.id&bust=31065567

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fae7a9dc1c620f3613dcd561a150ad78ce1859869cef940030f4c7c5682d7b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 28ms
28ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&tn=DIV&cls=ads__horizontal&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4770 0
19 B 141ms
125ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8400307307701650&output=html&adk=1812271804&adf=3025194257&lmt=1647035471&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647035471551&bpp=2&bdt=178&idt=288&shv=r20220308&mjsv=m202203070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=320059503726&frm=20&pv=2&ga_vid=1927111635.1647035472&ga_sid=1647035472&ga_hid=732247263&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065567%2C31062931&oid=2&pvsid=3310887415951843&pem=201&tmod=1949855300&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=299

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Mar 2022 21:51:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Mar 2022 21:51:11 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 34ms
22ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-45&cid=1927111635.1647035472&jid=181314672&gjid=1177636340&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=160476555

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 34ms
23ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-57&cid=1927111635.1647035472&jid=1891462172&gjid=413316415&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=1224447297

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 32ms
23ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-82&cid=1927111635.1647035472&jid=1909646226&gjid=1951933162&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=1107936399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 32ms
24ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-93&cid=1927111635.1647035472&jid=780658049&gjid=1188641672&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=120277471

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 32ms
24ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-195466154-34&cid=1927111635.1647035472&jid=465179177&gjid=142281331&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=1124542324

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 48ms
41ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-195466154-39&cid=1927111635.1647035472&jid=1562208754&gjid=1624827317&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=1898982553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 29ms
22ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-195466154-56&cid=1927111635.1647035472&jid=357552781&gjid=1308499700&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=1124929335

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 28ms
21ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-1&cid=1927111635.1647035472&jid=1722182261&gjid=1931608341&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=2050200286

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 47ms
41ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-2&cid=1927111635.1647035472&jid=1634416835&gjid=862043985&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=495288223

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 46ms
40ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-4&cid=1927111635.1647035472&jid=628795440&gjid=519608804&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=136902503

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 45ms
40ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-5&cid=1927111635.1647035472&jid=789984742&gjid=1160776828&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=603112339

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 44ms
39ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-7&cid=1927111635.1647035472&jid=1248096417&gjid=124189926&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=1614615898

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 46ms
41ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-8&cid=1927111635.1647035472&jid=634680259&gjid=89395978&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=1907651746

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 46ms
42ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-9&cid=1927111635.1647035472&jid=1816422861&gjid=51367720&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=161656270

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 46ms
42ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-11&cid=1927111635.1647035472&jid=1253940723&gjid=1475813053&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=1660220927

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 45ms
42ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-15&cid=1927111635.1647035472&jid=456664165&gjid=2134286070&_gid=1718961336.1647035472&_u=YAjAAEABAAAAAC~&z=200424416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all_an_white_4.png
advertnative.com/storage/logo/ 3 KB
3 KB 498ms
162ms Image
image/png 139.99.126.164
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://advertnative.com/storage/logo/all_an_white_4.png

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.99.126.164 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip164.ip-139-99-126.net

Software

nginx/1.19.5 /

Resource Hash

23a7a772f258be3aec21ea1617a951c1f8a8867c69f446740826d0f6709b2129

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
last-modified: Thu, 23 Jan 2020 15:16:52 GMT
server: nginx/1.19.5
etag: "5e29b8e4-a78"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2680
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET firebase-messaging-sw.js
www.jakartadaily.id/sw/ Frame 0
0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=732247263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&ul=en-us&de=UTF-8&dt=Indonesian%20Influencer%20Indra%20Kenz%20Officially%20Detained%20for%20Binomo%20Fraud%20Case%20-%20Jakarta%20Daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABAAAAAC~&jid=1686682081&gjid=1692877753&cid=1927111635.1647035472&tid=UA-207405423-45&_gid=1718961336.1647035472&_r=1&gtm=2ou370&z=2006237261

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 40ms
19ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207405423-45&cid=1927111635.1647035472&jid=1686682081&gjid=1692877753&_gid=1718961336.1647035472&_u=aAjAAUABAAAAAC~&z=829362018

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jakartadaily.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Mar 2022 21:51:12 GMT
content-type: text/plain
access-control-allow-origin: https://www.jakartadaily.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
125 B 125ms
116ms Script
text/plain 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=164703547222921428565&uniqId=13d4b&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&lu=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&sessionId=622bc450-0b61b&pageView=1&pvid=17f7af6d96591118c34&site=751434&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/a/jakartadaily.id.1212591.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ea782958a569b37-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mgid-logo-ua.svg
cdn.mgid.com/images/logos/ 1 KB
863 B 41ms
24ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/mgid-logo-ua.svg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 524160e936b37ca64801d1925674fa3482f398ee0a03af068ac4ad330167b15c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 5454
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: M76AAQ55EZJP9TMC
x-amz-id-2: VXmQ2MS2gY0CDAVNo/yfDvHdkIKQiJG2DW8GLnAgeUMKx4b2yUt38cgxvmHqG2XU8snRID1K0fw=
last-modified: Wed, 02 Mar 2022 18:11:37 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646244686/ctime:1646244686/gid:0/gname:root/md5:17f813144571b58f583d7f58e611b631/mode:33206/mtime:1646244686/uid:0/uname:root
etag: W/"17f813144571b58f583d7f58e611b631"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ea78295baaa9b37-FRA
expires: Sat, 12 Mar 2022 21:51:12 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
814 B 46ms
30ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 6383
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: TAP7D9AX42CTQWCM
x-amz-id-2: yWiQkf6i6fP7LLOyAenFd/HG+4L6aOdgW5NCjbh4tPZbMZ6HKWByoWrIYipkAdjN8x6oyYYEkno=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6ea78295baac9b37-FRA
expires: Sat, 12 Mar 2022 21:51:12 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1212591/ 3 KB
2 KB 51ms
41ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1212591/1?pv=5&cbuster=1647035472305681346127&uniqId=13d4b&niet=4g&nisd=false&jsv=es6&w=518&h=509&maxw_3=253&maxh_3=214&cols=2&ref=&cxurl=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&lu=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&sessionId=622bc450-0b61b&pageView=1&pvid=17f7af6d96591118c34&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/a/jakartadaily.id.1212591.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72a213da5d5c10e5b53e1855bb706df4810295f001d789978026139e76976d57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ea78295fb309b37-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg2LHlfNDYxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lNTFmY...
s-img.mgid.com/g/11739835/492x277/-/ 21 KB
22 KB 592ms
561ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739835/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg2LHlfNDYxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lNTFmYzE4OThhY2IzOTkyNDAwMDhiNDRiNzAxNWQ4Ni5qcGc.webp?v=1647035472-__X5TV_WCP_jVoJVSfiusr1sjLBxOXoWq4z7rolTPAI
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe5c82457a761c5111af9d2bfd63aaf6471fe4ae39dd83285cca6e8c23f503c7

Request headers

Referer: https://www.jakartadaily.id/
Origin: https://www.jakartadaily.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:46:40 GMT
x-mg-request-uuid: 7a63d120-0bda-4fae-8c66-0e18b856c194
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ea7829688e5913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21954
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg0LHlfMzg0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC82NDAxY...
s-img.mgid.com/g/11739875/492x277/-/ 18 KB
18 KB 591ms
560ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739875/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg0LHlfMzg0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC82NDAxYTgxZjc0Y2I2NzM5NzVkZjBlYzQ1ZGRmMDdlYS5qcGc.webp?v=1647035472-pimx7ZHGI7j2bssJNKqa4cmsMTswBM5s5qWJ-U3YqMc
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11b010cedf3a5ff81a1cf7a79b50f6606ac6eddb6f9047bedb421e033b6c602

Request headers

Referer: https://www.jakartadaily.id/
Origin: https://www.jakartadaily.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:51:17 GMT
x-mg-request-uuid: 56610892-9927-414d-88d9-d2ec00cb2d5a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ea7829688e8913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18224
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDFhYTAwNDliZTFiMTQ2Z...
s-img.mgid.com/g/11739857/492x277/-/ 32 KB
33 KB 555ms
524ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739857/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDFhYTAwNDliZTFiMTQ2ZThhZGM3MTU3OWQxOTI3OTMuanBlZw.webp?v=1647035472-GWHJZSAyGXU1_POLsuGtje9J6IitfVheNGysAtt6miE
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3a4032a23d7f94be7a6b3199fc6e227d8933d280fc0d3d3d842117a61a7dc94

Request headers

Referer: https://www.jakartadaily.id/
Origin: https://www.jakartadaily.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: 9f77e69b-cbde-40c9-9982-3601487e671e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ea7829688eb913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33276
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3Z...
s-img.mgid.com/g/11739864/492x277/-/ 13 KB
14 KB 552ms
522ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739864/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTg0OGY4MmJmOGQzNjg3ZDAyMzk2OWE1NjdiZDZkNjUucG5n.webp?v=1647035472-WiqRqaUmoMJn6B7hpKStBELS_A4G4Idlj5L9FeqSqLM
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 893272f386161bc5de59f161622195fa4cc580b63e4f49d21d495394a3e09972

Request headers

Referer: https://www.jakartadaily.id/
Origin: https://www.jakartadaily.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
cf-cache-status: MISS
last-modified: Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid: 4f1cdf99-3a0c-4d3e-b333-0c159aef2bdc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6ea7829688ee913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13774
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 0
113 B 112ms
102ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1647035472400382755224
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/a/jakartadaily.id.1212591.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6ea782969c279b37-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 container.html Show response
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 066D 6 KB
3 KB 28ms
13ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:51:11 GMT
expires: Sat, 11 Mar 2023 21:51:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7FD7 6 KB
3 KB 19ms
10ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:51:11 GMT
expires: Sat, 11 Mar 2023 21:51:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C9AA 6 KB
3 KB 17ms
12ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:51:11 GMT
expires: Sat, 11 Mar 2023 21:51:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 74E0 6 KB
3 KB 15ms
13ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:51:11 GMT
expires: Sat, 11 Mar 2023 21:51:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9966 6 KB
3 KB 13ms
12ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:51:11 GMT
expires: Sat, 11 Mar 2023 21:51:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBD4 6 KB
3 KB 13ms
11ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:51:11 GMT
expires: Sat, 11 Mar 2023 21:51:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D94D 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:51:11 GMT
expires: Sat, 11 Mar 2023 21:51:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3ABE 6 KB
3 KB 11ms
11ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:51:11 GMT
expires: Sat, 11 Mar 2023 21:51:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA58 6 KB
3 KB 10ms
10ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:51:11 GMT
expires: Sat, 11 Mar 2023 21:51:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9081 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:51:11 GMT
expires: Sat, 11 Mar 2023 21:51:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 i-noref.js Show response
cm.mgid.com/ Frame C364 0
367 B 140ms
139ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1647035472561678288932
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/a/jakartadaily.id.1212591.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6ea7829798b45b4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 css
fonts.googleapis.com/ Frame 7FD7 4 KB
618 B 36ms
20ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 19:58:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Mar 2022 21:51:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 7FD7 2 KB
984 B 60ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:44:01 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7FD7 0
0 44ms
44ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CD6hvT8QrYtPiLZfs3wOD0J-IB_S34florr_Ft6YNpuDPzbQQEAEg6qrjf2CVoqCCsAegAbC6odcDyAEJqQImacesD1CyPuACAKgDAcgDywSqBNMCT9Dywljg85_HNsZcjyJ0eptq0ZrvCq-iS48tPkHpOp4RybUipGkFm4jkPDPj0gYmgrPNZ18lQ4caR_o5oCO6EGArTOjkvIc1-NdUIbfVaxL6Nd8QpUvkd7pNmV1AeTeN0aXQ7Zog0INiecl1L75AYrsCpMeQQTR-XwtmxHZE6RwnbpLR6vSXDEu-D6noQV6Bja8SuAU-WtwV62BE1Ko-ElgO1qwhaT5_xQwQ1mXkzoaBiUCyttLvWKlOKMUX0CinTTwcnRvGuYyZ-UPKDQ6HA6HvERBGnVFawXJyZaXitDEau_2OcTqTERlhaqWUthbRlETKEmOBJ3baXyIEEAQY6Jl-H1wnIyXjvBXoGZLpB2QX1jchHQE6vUijARBlMCT7sQRCEd09TY9c84-ibbqHLk0exPzMuLyNDixVWiE7lozFUOz3nmKmWA-btWL0TB9SVDIowATxqf3kogPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHv9m9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD8twfSCAkIiOGAEBABGB2ACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItNTEyNzcxNjg0MTg2Nzc0Nxjdyg4&sigh=IuTIovHFomc&uach_m=[UACH]&template_id=494
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 7FD7 19 KB
8 KB 45ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:39:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 7FD7 2 KB
1 KB 58ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:41:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FD7 117 KB
36 KB 92ms
77ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 7FD7 15 KB
6 KB 44ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:35:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7FD7 0
0 52ms
19ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbLGIVUjMx-U1R43bs_oLkRbmofPdSQptjaFYBtNuIA3qGAfXLD29p4Obp_rncRli6Em2g8Nh9gFZvFazx0pQsTLFefA
Requested by: Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 35849274faa25b88196bf3c3ff2d72d2.js Show response
www.gstatic.com/mysidia/ Frame 7FD7 28 KB
12 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 08:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 08:32:30 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/ Frame 1065 14 KB
5 KB 45ms
25ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/index.html

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7140652a9c0fc05f7bc567243697ad95af7d2e238c5ffbaba9e240db5058da03

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 3602
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 06 Mar 2022 13:12:43 GMT
expires: Mon, 06 Mar 2023 13:12:43 GMT
cache-control: public, max-age=31536000
age: 463109
last-modified: Fri, 26 Jun 2020 11:21:03 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C9AA 0
0 65ms
65ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfhvUT8QrYtTiLZfs3wOD0J-IB533noJo5JTb4cIL2tkeEAEg6qrjf2CVoqCCsAegAdvGxOwCyAEJqQImacesD1CyPuACAKgDAcgDSKoE1wJP0LCv7gkJWQNIhKDkDKwAbnMH8kVkwawOC_uWKqDKUnPdva8da-ycqbR8HAhT1MODkphlYcgk2wBUCy6cPovmeZfvXOpk6jTkd_Wht9y7-3D8ZfrNVGNDG7T8QjvDzEHuXINsuw3KVDNzpKG5JAZhNzQi8H26p1sur1UZRGMl7bfYNh_1OW24D4VdIA_e1YXHxWtgUmF08KXyryOHcxX1KdoquzVhhUqiQ90Nx_rnvkWWiUM1E9f0k9QVM6h0gCE_OrPI_fbY5lq3NocwJWUvSafJzFt15ONQagvALsx1hjOcl1pM9QSMMaZJFgppofl5YCYQhfKG_EZcWMcXwB11imsRbeMUfwlR2Yuj2F7SfsXV3cSjPgqC3hmTzjEYTiqMksbbPlD0pUJpfm2oEwe33-FCPGXAK-rVtrsKSaj1oFhs7szWTEKQ5O7Ks1mFE9O0tIK5xXqbwAS0u6jd6QLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHjbm7kwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC0uAPSCAkIiOGAEBABGB2ACgPICwHYEw2IFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTEyNzcxNjg0MTg2Nzc0Nxjdyg4&sigh=eLI59X9xaiA&uach_m=[UACH]&template_id=419
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame C9AA 19 KB
8 KB 31ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:39:26 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 066D 4 KB
618 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 20:00:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Mar 2022 21:51:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 066D 2 KB
938 B 42ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:44:01 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 066D 0
0 71ms
71ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaIEyT8QrYtLiLZfs3wOD0J-IB-re9flovr3Ft6YNloLNhYgWEAEg6qrjf2CVoqCCsAegAbC6odcDyAEJqQImacesD1CyPuACAKgDAcgDywSqBNMCT9DxR9oD6uckpnUqhwT-km8Ep9jbs1Z28SOKSxWIA5Yhvx5dbWDhqHtyTeOsF7a74lSem6iVuREtWvizQQmgQnbbJgTgtpU1G5H0O-PuQ-4tAOylYVzg6XTxJv6tEzRjjzXzLsQrFkJwbg5EKoXZJ1z_VD13KHXvLHjk2-74aWHTK0w8vafvEOZpIGiaftAHadN-YA_iOR1dy9DeUHVwchh6BEWLBIU-PJHwwfxdQTpCyNWZbeYmqYi_7XZv7zENTRhUByzUtgbOGKkXXJVQ3o38Rs5jrWNFu77rkZ_6QGug86uPsFV4IR8OK069B4aRXu3ceBPXnXox9dzPPeXO_k3yVKU15tC_v4gTY8TSkX4JBwdri0NJsC8GB6KG6YcS7arQuwMoVpegeHaweeIJSI3w1SMMd9mE2X9rDzVvExGG1OFY7LfUHdl15RuvibBDropdwATz8NDOrQPgBAGSBQQIBBgBkgUECAUYBKAGLoAHv9m9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCBhwfSCAkIiOGAEBABGB2ACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItNTEyNzcxNjg0MTg2Nzc0Nxjdyg4&sigh=eX6007ShE1w&uach_m=[UACH]&template_id=494
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 066D 19 KB
8 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:39:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 066D 2 KB
1 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:41:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 066D 117 KB
36 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 066D 15 KB
6 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:35:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 066D 0
0 35ms
20ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBPpDpHbgMRAIOb-w78S7EtBetW8zsiC92XHRl-ZWZeMvZbR21Qsrr98IMBMQQi1RvJLgXxo0nOhalDjGxKo9er51S3A
Requested by: Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 35849274faa25b88196bf3c3ff2d72d2.js Show response
www.gstatic.com/mysidia/ Frame 066D 28 KB
12 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 08:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 08:32:30 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 74E0 0
0 67ms
67ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLYm_T8QrYtXiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTcAk_QNlsKwhGtFjagipwiq1rMl1k8LuO8gPzgCoRocibQn4sbtFf8bFcTeQzvfhYcI99KW8ZW9ou1PsBuLf2k5QCG7iR_HvTUjLF1TvnxoqEDGIsrASOSQfpKC3HOgD4J9hQu88fCNbVCINrGaGc8o9BDXPZ_0X1tgKwxSsS4I2h_KK5al03XE1MefGByVGAsz1b8LauVZkn6Q7k1RjZP_QGuxzjZ6QAAqLYZXe1D9cFEQ8zrwVhUaRvAAhx5Cxa2pHEr2K54xKk81ZzaWLFVxg9muVbshlCvlDYZzSkFVWU1xnvfILh38LA-LnHYFIuYzfKAzcOwlJfd5MlP67J0shELa5_Q6Dx0JwPKhUnJNglM1qOKMjPTyv1q8XO-olEn7qgkNgheQsMlSzPyd2Msuvjl8x4Ay2ebPI_PCGKODZqu9qk8_Mca5e5H1RBCOL3Sz8-T_1zPS3QDEtdRluAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTUxMjc3MTY4NDE4Njc3NDcY3coO&sigh=FEgU8dS-cdA&uach_m=[UACH]&cid=CAQSPwCNIrLMckxchn8w86YtaphXzYC7JM_b_nrfFP-ohxTw4wMjlaKmHelgnZ0zVR1qPSsOlQpaHS2oQgKZJNgxrhgB
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 74E0 0
0 119ms
13ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEsY1oAHYBJ2DYgICAAAANt04097MRWqrkNqNEE_EK2LYpp9iVPcCMXiNWAAS&wp=YivETwALcVUKd_YXAAfoA22s-fe_cZOmdT8EyQ

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 307810
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame AB5F 44 KB
17 KB 120ms
21ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVUKd_YXAAfoA22s-fe_cZOmdT8EyQ&u=%7CatVqgFSvHDRDcGwKAzJz%2BDkPyLp9bP%2FacilyMkVdGTU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSMZuU9m-2GwHT8yZD5MyYZfvFe4ehoj6dzmkalLBWJeweAb1R2zHblRiT3nqWjEB-4tJksIXmAW5OTLa746p82NVa6TOUNbgPy6ZTOmdu6oV_Y7PpGeGDHj5pN0Y2ahvEK4WZh22AOE6n8iZJaPLpnOwJxqNcPq4CWYhGKfD2awVhxlutrfGa4chcT9n2MxRDEqA50hkNq1I-oHAFyEwXTnp4_s_SNtQGOxVPiuWG8_tmMVN_HlatupMSvpF9aXNSQ6zmEnJBeSsdMMFAPplaW0T-Oicszr8EZdXNTnV7RWPAFWR_1wocI5Z-dFYPylLlO2hcoOe6eeKyV9vdHDj0uU_fUi2ukewLHYRtPdR3PQXoI5f48qH2KNQam3fs5uLatEyisRid4PYuUeUnkStrYK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdR8QT8QrYtXiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTfAk_QNlsKwhGtFjagipwiq1rMl1k8LuO8gPzgCoRocibQn4sbtFf8bFcTeQzvfhYcI99KW8ZW9ou1PsBuLf2k5QCG7iR_HvTUjLF1TvnxoqEDGIsrASOSQfpKC3HOgD4J9hQu88fCNbVCINrGaGc8o9BDXPZ_0X1tgKwxSsS4I2h_KK5al03XE1MefGByVGAsz1b8LauVZkn6Q7k1RjZP_QGuxzjZ6QAAqLYZXe1D9cFEQ8zrwVhUaRvAAhx5Cxa2pHEr2K54xKk81ZzaWLFVxg9muVbshlCvlDYZzSkFVWU1xnvfILh38LA-LnHYFIuYzfKAzcOwlJfd5MlP67J0shELa5_Q6Dx0JwPKhUnJNglM1qOKMjPTyv1q8XO-olEn7qgkNgheQsMlSzPyd2Msuvjl8x4Ay2fZPq5dj-0SHiUy4grswWHi7PpNYxpsID9mB_I1DePRZ2yGuFNCKUpKDOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1VfTA8z1uH-adBDqIGdEjmhxdqKw%26client%3Dca-pub-5127716841867747%26adurl%3D

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

add450a57df7c9b0b2310e2b0eb5e1c3866f18314f427e1dfaeb263a70ae8607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=HNspP07Nmlhl1JA89YdlIzqbGDv9ZYD_eV7wkp9CI4oq1l4mOSy_D0A8th3Ud_84GdM5q16xbw_GOPtbwN6tHoH1CGCYgUk2Mc618GeYpvUZRdpERqkraIOtmdG6BYlakc9-yIBeVmY2hG1qfZyWUFa9vnGgqshHDNDytrtZDP9e5woSieoMd43aBgEcdCjSfcL6E_p56GYhpP7Ty7VgKrUwLm3OzjVcBHr8SoFWnestiXf7xVULjB9juIOYyao3fQL66w"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 4818045
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 74E0 2 KB
1 KB 32ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:41:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74E0 117 KB
36 KB 78ms
73ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 74E0 15 KB
6 KB 33ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:35:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 74E0 0
0 27ms
20ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfot7mJf_1cY4iGjJwcCF-xe6pAFL9BJLFlxFgiSL5pOP5vkCOhvXNlgOBqM_ht8GLadFfC1NBs6HjSto_l8iZiJOsOg
Requested by: Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 74E0 22 KB
7 KB 33ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Mar 2023 13:19:20 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9966 0
0 64ms
60ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cc76RT8QrYtbiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTbAk_QB20E48TMgcaOE4-qdgAtZPQdn2OmEfJQx4ZjAY2ahgvoxfbGQmV82xJskme4Ac8AeJSUborJ7XTEdDddMP5nwb9EAUjJX-xeruu9irLrEYDKQO2IQl3IRhEhBrvJHpymfZoAI-uU9yi8nBYQT6lqn70MEjpkc3QjCweuTIdGOFYh3z5ucB8JHe7Z-N8K8tqAVkvAFewPXyMYJRccEN43ak6z58RqD7OuYpDmz3wCXBAdgATRTDRPy4YRrRfrki37j7wWkyZ8ScMn8insUG5NiXV2EYHgSI6p6-zdeLMOFSHMNdvV1C_NfmUF4UDyvEE_i387VqnXk-pUDEmH6cnx5BkzWPvhoP4hCUA0ww6u20dRCYReKM1kjyW2H4mNQ8gMU0wRb-zOYDETx5Dt_xss7beLZ7OORC2vb3mZ8qeOEOQStPzM0gcdoFNw5EauaAFXeQ1g5evcnF9X4AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTEyNzcxNjg0MTg2Nzc0Nxjdyg4&sigh=FHKD1BTla8U&uach_m=[UACH]&cid=CAQSPwCNIrLMckxchn8w86YtaphXzYC7JM_b_nrfFP-ohxTw4wMjlaKmHelgnZ0zVR1qPSsOlQpaHS2oQgKZJNgxrhgB
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 9966 0
0 109ms
10ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEujMCcoHWp2DYgICAAAANt04097MRWqrkNqNEE_EK2I3_cybG7JzBXBwywAS&wp=YivETwALcVYKd_YXAAfoAxu5raE0lFfzJ9QFKA

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 267785
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2218 46 KB
18 KB 117ms
22ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVYKd_YXAAfoAxu5raE0lFfzJ9QFKA&u=%7CatVqgFSvHDSbFsKp0ODBejfHusPJBqHJzgfYRaVRXKI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2xxep2Pf7MmfBVpvJXpzl4wNY3zsDEngtW5efL54FfH9FJdOVuMPRAc8hs53JU9WNVSMfpN6krF8xbQ_G3JhebD87QxzFtSJLHi9nxdHrdxhyymg15gYWepXRIdux84c7-vW68Ck8YKBXRYfO9172sLv73n1lsxG1VQDNhPOxzjEM96I7npntrGhFIabFyToGlLyqvH2yW3gtkVkMbzhGz5U8V_Ovxhhe-UKe9BP15aSJbq-SVi5HR87WvRKtVJLgTKdBZC9OG07DrjQiF1CbbXAOIO4swToTVZOeB8OlNfsOXkKgiJWL6pvRFt_Rb7S1pKX93QqR5yy9liwBcn4cz5FD2nM4Us5Pmm_CPjwk0D4GQ8FJtMPW98kPfxnDY9Wt9zoSv4U3JBU-THaH70jce&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFqkJT8QrYtbiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTeAk_QB20E48TMgcaOE4-qdgAtZPQdn2OmEfJQx4ZjAY2ahgvoxfbGQmV82xJskme4Ac8AeJSUborJ7XTEdDddMP5nwb9EAUjJX-xeruu9irLrEYDKQO2IQl3IRhEhBrvJHpymfZoAI-uU9yi8nBYQT6lqn70MEjpkc3QjCweuTIdGOFYh3z5ucB8JHe7Z-N8K8tqAVkvAFewPXyMYJRccEN43ak6z58RqD7OuYpDmz3wCXBAdgATRTDRPy4YRrRfrki37j7wWkyZ8ScMn8insUG5NiXV2EYHgSI6p6-zdeLMOFSHMNdvV1C_NfmUF4UDyvEE_i387VqnXk-pUDEmH6cnx5BkzWPvhoP4hCUA0ww6u20dRCYReKM1kjyW2H4mNQ8gMU0wRb-zOYDETx5Dt_xss7beLZ_GMZb8o4OWKTTuaszQvEgTFxg2rqn1oZvJmVaelxhNM_W52GEzoF5mY4AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3sbrKzXuLYU1BJlv5-YIavsrgT-A%26client%3Dca-pub-5127716841867747%26adurl%3D

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1c2484ebe98b1aecfd9700c2697abc4cc2f77fc6f530bd776d68b37fc1880506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=tpLC507Nmlhl1JA8-uqMaCYv3jgJadJVEtiwvh4cEyxF1lUsa-120zfAw-HHV_K-yfkG6fP9WaGV4dzoYRftof23rSLcihjkdG7yvDvKtcohbt9dgWy7W3aE37o2ZQcqHakcptRZAav_-qxrlGlLMLKzsCqqUd2lbTxUzt_DXX6oq9Ch5b_Es_W2jLwdeVvmCwUw8S007TFAhDjsXiyg9Dwhtmn191K72lWk60tYz_PUOjMnfuwb6kQN__bVMHwR9K2d9Q"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 5317712
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 9966 2 KB
1 KB 58ms
51ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:41:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9966 117 KB
36 KB 89ms
84ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 9966 15 KB
6 KB 32ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:35:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9966 0
0 26ms
18ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUOPzJ3RezmfimwFXpG-MPgPOUkQllyJnGBcumxzTy3dfXx4qJ3Jha3zNuOUa3A5sQfigwx3saoASpsTlEJMXs9M6Oqg
Requested by: Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9966 22 KB
7 KB 54ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Mar 2023 13:19:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BBD4 4 KB
618 B 58ms
54ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 19:57:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Mar 2022 21:51:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame BBD4 2 KB
938 B 54ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:44:01 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BBD4 0
0 62ms
59ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYSctT8QrYtfiLZfs3wOD0J-IB-re9floiZmn68EM_Oq8tOgcEAEg6qrjf2CVoqCCsAegAbC6odcDyAEJqQImacesD1CyPuACAKgDAcgDywSqBNYCT9A_eTORmd8_jiYnsAvFREBOr1IEPu9HHFktUdsnvhYwIp9kJOJ82nPqAYXJvtWEXATvjJL3HfMhwh2dY52kRgLlBleYetCsn-CAUGHUD5PCluaxDcBg2YTpNN2EIGj9je-25RhV0AbrZZBKB8oz7s-3EbP4Gnf_kVzEyzVB8bV2CxjkQZLcs0amv_2R-I-R_Wuig5dx8xrqhEg4jJkC0LWLOZGbBXjXfpoLYnNuEfFXDrGGoJ8W9-bWzhkZ439UmlfJULpVLviDi2WJZgloDkIArMWQS8-O2kIIjTeyLyxf5IFbJXKpEefBUourw2JYCwB98FFGFYiIuyOWRTgKIMt5szQx1XsKlrszd_Oeu_A-_M9OmlsdxDrlplPeYcDH5eUuRFh2hcAp9urPLeYqMAydb0QUxiza4tQIpT91sNsJoiiqhmxxnb1uCVZWnLNxiUhtFuVhwASb8dDOrQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHv9m9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDk7gLSCAkIiOGAEBABGB2ACgPICwHYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItNTEyNzcxNjg0MTg2Nzc0Nxjdyg4&sigh=G95eL6XVMJc&uach_m=[UACH]&template_id=494
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame BBD4 19 KB
8 KB 51ms
46ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:39:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame BBD4 2 KB
1 KB 65ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:41:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBD4 117 KB
36 KB 81ms
78ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame BBD4 15 KB
6 KB 51ms
46ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:35:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BBD4 0
0 27ms
23ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuz6VQt2-pEZLCm2K-Fa0WAmo_lj6dU9c93OKwud6wTeLiV0sCnmccchFT0Kphe4DoSOo2o3kxQ6TrkjgfnY_QJsxnFA
Requested by: Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 35849274faa25b88196bf3c3ff2d72d2.js Show response
www.gstatic.com/mysidia/ Frame BBD4 28 KB
12 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 08:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 08:32:30 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D94D 0
0 58ms
55ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5EADT8QrYtjiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTcAk_Qr5kaSNFeTmUAmfxamozTV__WLnkSawTnsD7jVqICGSVWLdtR1A-tZwHXpbHXf63jwXQjztvBDlWesO395nytOXc2dmmwLHkwbJukKS_emSv7kJ_NmcZUWaUW4LojEge3nukfBNPYaatMTLs4Neubdg8E6fttZz7_-VwUzPufPHdjfMS5MTE78etPCSLKQzQ4bMecIL9HpZP5aRnxWq3BCjXJxEN2f1kQ-4czGWtNC-OyAfw-S3eqKXInrzFzWx16aGJ8RBnBPkd3OxtZvP_c7d22OTscqy81WmsAlB3BUWfL43SztKM6zCYg0RvcITVXwN7kZhPnPkC8uR42m0uw3vn53cWORj5f6Brf7g3L_dgm_F8rqwqUe6OPGF87WBC7WYaIFRORalVSvZLb4NSrtvm5MH3LP9uahnd7Oe_1k40p79qS3ENtrxJpLoDqLvp6xR9b305Yd4U6heAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTUxMjc3MTY4NDE4Njc3NDcY3coO&sigh=5-2MY4Pfn7I&uach_m=[UACH]&cid=CAQSPwCNIrLMckxchn8w86YtaphXzYC7JM_b_nrfFP-ohxTw4wMjlaKmHelgnZ0zVR1qPSsOlQpaHS2oQgKZJNgxrhgB
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame D94D 0
0 103ms
10ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEsY1oAHYBJ2DYgICAAAANt04097MRWqrkNqNEE_EK2K9GMHsU4L8xnKaeAAS&wp=YivETwALcVgKd_YXAAfoAwe6vNW9yLTM3gXvrA

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 330819
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C871 47 KB
18 KB 125ms
36ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVgKd_YXAAfoAwe6vNW9yLTM3gXvrA&u=%7CatVqgFSvHDRbT8jrAgUX7cmHc8II4MZg8SqcecOtNjA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSMZuU9m-2GwHT8yZD5MyYZfvFe4ehoj6dzmkalLBWJewT4l4AQkI39Ousol5PVutr0GdLJNhdQ5Qt-e_AxCoRyABr1QXirQEO6Ce_L9fRj_RHYXWs3KKRGOHsmVSj78EWqGC7TLrfSkLtJG7n3QuTKsxMRYlGPY5KIZYuc4oJrKAL5n0R48fDE2gXdjaMNiEQ_D79Ckgjgyxph7mOPu0HK5Z0fyz-RJae0c3OY0dp3fFgYwg6otBLQev3UzPYtTGiBM2lbs_h_X26nvZC-jqeOO4RcIyUn7ZJiMUxQVFAeMle1rAHFhAnKF1KkOzzs5fo6Z75ue1JqBBRVMXBXnkYCSpAvw7BFIXvo-3-7duWvpTj7b87aE0domqjEQ0iy0H_jH8c_9g6kl_ESBShGh-Ch3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH_HET8QrYtjiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTfAk_Qr5kaSNFeTmUAmfxamozTV__WLnkSawTnsD7jVqICGSVWLdtR1A-tZwHXpbHXf63jwXQjztvBDlWesO395nytOXc2dmmwLHkwbJukKS_emSv7kJ_NmcZUWaUW4LojEge3nukfBNPYaatMTLs4Neubdg8E6fttZz7_-VwUzPufPHdjfMS5MTE78etPCSLKQzQ4bMecIL9HpZP5aRnxWq3BCjXJxEN2f1kQ-4czGWtNC-OyAfw-S3eqKXInrzFzWx16aGJ8RBnBPkd3OxtZvP_c7d22OTscqy81WmsAlB3BUWfL43SztKM6zCYg0RvcITVXwN7kZhPnPkC8uR42m0uw3vn53cWORj5f6Brf7g3L_dgm_F8rqwqUe6OPGF87WBC7WYaIFRORalVSvZLb4NSrtvm5MH2JPfoIAfjnKlBphy750nxq1VdnGRhHNgJe5sfcN6BF81bd3QEpOt6vcOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13KyJD30azd57btt08sxZI0XDqrQ%26client%3Dca-pub-5127716841867747%26adurl%3D

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cceb4bd359e63a9dd19b81e82fb7c55bc4e8b837e1a2e1931b2550ad27b579ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=YTUF1k7Nmlhl1JA8kGCHMJpz0ST37tukqLcYmhdKxtErD-mX4ByAY_s7I2fvk2RFGeGDk5W_0ugAsCm063wv0eS7p9l_PZCYKgkdm10FieVZ58KUujqbbhRJYZv0_kVOyXG5WYaOJmcjwRrGofVgFCPq_leSl3riiixvoSly5n25An29r7b10wqagdubiBeSWrS1bl6UIcDm-67uEHk4Kx_YyAl9ojQ5xeov9NI4gq9QntIKPcBLmD-IH5x7bJZaGXtd5A"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 5566964
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame D94D 2 KB
1 KB 65ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:41:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D94D 117 KB
36 KB 81ms
78ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame D94D 15 KB
6 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:35:59 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D94D 22 KB
7 KB 51ms
47ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Mar 2023 13:19:20 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3ABE 0
0 58ms
56ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7PgXT8QrYtniLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTlAk_QTXUR1pj7P2x__A5_liunrVcBSbp5Fr4Wj7pTSDNdjhTsmJ49yEBIs0rA1BXN3pM6vVLSZl7U9b9LMaoO96Y7ZJhpmZFRzRbaiKIA6NS76W2fukilxmxw4R1cr--VfnK_8VHZu-2BS2hdd5Hx0t6-fkaA7mG77FcqvKbRuLlOCvBZtwhhnIsgKNvUbZa59R_1dLnxqjJOsO8LaNg_ZRxBzO8ayVoEzSq8e0rV7FrGety9oBEkTgSAYEhQ6CAwwZyWx3SszsFzXK0XkpPAt8uDJdtoJOuj_4nRUYMGh8XBVxXq-Z7hsihFIzcgkGAcB46QbcKntY7VOEJNMfveNbrd8d0ob1IbAogF7FKG5GCtzFepiJkfCL7DSNAfwY3QrnKpVSzZkWHe_OsLzPtUTFSeIHztzCAGE4D-z3TNY1kVRmacGjP-ItKTVrvITpu6RR2BJNRVtan_1Uc6b8Knr9OKq0K0JuAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTUxMjc3MTY4NDE4Njc3NDcY3coO&sigh=CvvM79yu018&uach_m=[UACH]&cid=CAQSPwCNIrLMckxchn8w86YtaphXzYC7JM_b_nrfFP-ohxTw4wMjlaKmHelgnZ0zVR1qPSsOlQpaHS2oQgKZJNgxrhgB
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 3ABE 0
0 101ms
11ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEsc1rAL6AZ2DYgICAAAANt04097MRWqrkNqNEE_EK2Kjq6F2QWI7njDsWwAS&wp=YivETwALcVkKd_YXAAfoA_EArZ0EfEY2KotLww

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 223430
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CBAC 44 KB
17 KB 139ms
54ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVkKd_YXAAfoA_EArZ0EfEY2KotLww&u=%7CatVqgFSvHDTI43q5%2B75cWN0JuV6QcyQswlJHgucVLMM%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2xxep2Pf7MmfBVpvJXpzl41xPG0QE7tErjAATjX_jeGuqNPLeFOuXww2aWdZMsHblkDjQauJoYNOSvxm9IOsjRQLyU3Jay_QSZM1shhFr4HCdRrc9GAH9vjnFnPK4RwjlTPoXbhOLt9Jt6w8YnsxitN0xYEv3WenLC3spI5PxYvugjN1lTfNeamx5xM7GsjcckBkJZisE9QhmJ8EchP1HsDG-KlFiLdgCV5mOFrpWVuPbpElS8zmS8EigulcT1Dgf14ef_-Qjpmnsq69N5X4HYihhl9_RLMUUdXRVe39BrPfE1sUFB9bh5GKQ75CeYwv6i0HEzBO8EhmmDa5R9UrfkXGJLsqEfVvi4pij7uBXMe1-CfHd_Y4CoKmDZgrWd1-2i7zXAQkhcUj8_1q5BIf64&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8iB7T8QrYtniLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgToAk_QTXUR1pj7P2x__A5_liunrVcBSbp5Fr4Wj7pTSDNdjhTsmJ49yEBIs0rA1BXN3pM6vVLSZl7U9b9LMaoO96Y7ZJhpmZFRzRbaiKIA6NS76W2fukilxmxw4R1cr--VfnK_8VHZu-2BS2hdd5Hx0t6-fkaA7mG77FcqvKbRuLlOCvBZtwhhnIsgKNvUbZa59R_1dLnxqjJOsO8LaNg_ZRxBzO8ayVoEzSq8e0rV7FrGety9oBEkTgSAYEhQ6CAwwZyWx3SszsFzXK0XkpPAt8uDJdtoJOuj_4nRUYMGh8XBVxXq-Z7hsihFIzcgkGAcB46QbcKntY7VOEJNMfveNbrd8d0ob1IbAogF7FKG5GCtzFepiJkfCL7DSNAfwY3QrnKpVSzZkWHe_OsLzPtUTFSeIHztzCAGE4D-z3TNY1lXREcOnbxiMW0PQhgYcz1CTAmLkt57rStLHXqcnX25g8sPAcanmT9RXeAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1diEBA0kX8665VyM8DY5KXPBPzHw%26client%3Dca-pub-5127716841867747%26adurl%3D

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cbd2bf7997d46cd084ab99419191c274c50f42e6bd616afea5a7ae09336bd5b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Y5rfP07Nmlhl1JA8hdtbEaXXTcaEtMsCPBbcz9leV-MBhrCf0pCW71hYKAJZuSBvGkEEzHI4JcvzR9VM5DB79Ovucrd7lhydgRb-gyRobvKH0dUPclyFc27n_OS20XEhYQebDA4BdFmWVkUNp99tN3mVTQVFFP13Bmc9mWX2JzXhKH5_nzaYcyjQu7d_AvmG6CQf95CxYPS_v-8C_-j-59TGkFMYNQBUMBBt0-DRWUjde7s0B4izs6qCZBFv2zbZTvr_nw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 6925601
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 3ABE 2 KB
1 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:41:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3ABE 117 KB
36 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 3ABE 15 KB
6 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:35:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3ABE 0
0 23ms
22ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8ar0kUXcnG88I4EO_tAj2l1Q1SuuxM7lUTzeeKJZ2W2hYZnhfd03PQTr8QGSOpT3lYNFqg59C5Q1PAzBs6Pw8uUxV1Q
Requested by: Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3ABE 22 KB
7 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Mar 2023 13:19:20 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/ Frame 4A18 15 KB
4 KB 66ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/index.html

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13f0b80a8475a6640df435d02f8a886afbe2c41fc07925f2fc7b0e5de586ece5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 3670
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 09 Mar 2022 00:44:01 GMT
expires: Thu, 09 Mar 2023 00:44:01 GMT
cache-control: public, max-age=31536000
age: 248831
last-modified: Fri, 26 Jun 2020 11:21:21 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DA58 0
0 53ms
52ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7XHkT8QrYtviLZfs3wOD0J-IB533noJo_Jbb4cIL2tkeEAEg6qrjf2CVoqCCsAegAdvGxOwCyAEJqQImacesD1CyPuACAKgDAcgDSKoE1wJP0EU7T9MimORe0EJW2SVugJPBR3PqrUwhcv1RdpE7nmFZzEgcLf5HfWFcrJnQJLkeD_456X1y7BgmJjgtG8eZZmfZBECsS7CLOY_gkoREwX_EcNBeJ6DP_soQXSF9eUFcJgHG28KshN-ddAMRkjerqY9EJujrFqyRRHVeEfvnHUbA2_zrwfF6Aq80ktqQaSp9i2gxPwyxq8TBlj2DsYtFR646a07x6xNabLY9vB5AAwzrvGYR6HZYP8JJkpyrKUsnT7zNlzcRDMR8gfC-4Kniff3c5mjZqnH2cb_XBklqf5EttUrZpj0SYn4ZPo74jvCtlCATcxv8GFlvE45mZ592Kz2o7C8Pw7Su26NwY4b74IYfAyk9923l7ALgIHKdljD1q1Uk-mNwiszruK1pB5hRB1Yz4JAnFuAddlkCL9rM0yNouNb-alUsWKt7UCda7siteiSVVvY1wAS0u6jd6QLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHjbm7kwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDS0AHSCAkIiOGAEBABGB2ACgPICwHYEw2IFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTEyNzcxNjg0MTg2Nzc0Nxjdyg4&sigh=RIICXb3RLgU&uach_m=[UACH]&template_id=419
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame DA58 19 KB
8 KB 64ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:39:26 GMT

GET
H3 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9081 84 KB
29 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 18:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 12 Mar 2022 18:01:11 GMT

GET
DATA 200
OK truncated
/ Frame 066D 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 066D
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

9ms
8ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:38:43 GMT
x-content-type-options: nosniff
age: 216749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Mar 2023 09:38:43 GMT

Redirect headers

date: Fri, 11 Mar 2022 08:05:19 GMT
x-content-type-options: nosniff
server: cafe
age: 49553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Apr 2022 08:05:19 GMT

GET
DATA 200
OK truncated
/ Frame 7FD7 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 7FD7
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

12ms
11ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:38:43 GMT
x-content-type-options: nosniff
age: 216749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Mar 2023 09:38:43 GMT

Redirect headers

date: Fri, 11 Mar 2022 08:05:19 GMT
x-content-type-options: nosniff
server: cafe
age: 49553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Apr 2022 08:05:19 GMT

GET
DATA 200
OK truncated
/ Frame BBD4 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame BBD4
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

13ms
12ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:38:43 GMT
x-content-type-options: nosniff
age: 216749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Mar 2023 09:38:43 GMT

Redirect headers

date: Fri, 11 Mar 2022 08:05:19 GMT
x-content-type-options: nosniff
server: cafe
age: 49553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Apr 2022 08:05:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 01CB 143 B
163 B 31ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:05:03 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame C9AA 2 KB
1 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:41:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9AA 117 KB
36 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 1065 9 KB
3 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 12 Mar 2022 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1065 26 KB
10 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 14:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 12 Mar 2022 14:22:06 GMT

GET
H3 200 e397c63ab7194025e129eda36af3c71a.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/ Frame 1065 66 KB
17 KB 15ms
10ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/e397c63ab7194025e129eda36af3c71a.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd5235072e7eaccce2644acadbc2780addcdcd14d4a2668c965c1213e143955e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 463108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17644
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 11:21:03 GMT
server: sffe
date: Sun, 06 Mar 2022 13:12:44 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Mar 2023 13:12:44 GMT

GET
DATA 200
OK truncated
/ Frame 066D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0f7eabc5a8dbf79dfe9d11939423c2151dc190314306aef614b363f1c2c0396

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4A18 9 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 12 Mar 2022 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4A18 26 KB
10 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 14:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 12 Mar 2022 14:22:06 GMT

GET
H3 200 f4561eff9af277ad0a042647ec424030.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/ Frame 4A18 67 KB
17 KB 10ms
10ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/f4561eff9af277ad0a042647ec424030.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f38409ad7eb862f703a924dba77ee7c718d3023c8de907a95fbf3aaa9dc08ebe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 230982
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17704
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 11:21:21 GMT
server: sffe
date: Wed, 09 Mar 2022 05:41:30 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Mar 2023 05:41:30 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame AB5F 2 KB
1 KB 50ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVUKd_YXAAfoA22s-fe_cZOmdT8EyQ&u=%7CatVqgFSvHDRDcGwKAzJz%2BDkPyLp9bP%2FacilyMkVdGTU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSMZuU9m-2GwHT8yZD5MyYZfvFe4ehoj6dzmkalLBWJeweAb1R2zHblRiT3nqWjEB-4tJksIXmAW5OTLa746p82NVa6TOUNbgPy6ZTOmdu6oV_Y7PpGeGDHj5pN0Y2ahvEK4WZh22AOE6n8iZJaPLpnOwJxqNcPq4CWYhGKfD2awVhxlutrfGa4chcT9n2MxRDEqA50hkNq1I-oHAFyEwXTnp4_s_SNtQGOxVPiuWG8_tmMVN_HlatupMSvpF9aXNSQ6zmEnJBeSsdMMFAPplaW0T-Oicszr8EZdXNTnV7RWPAFWR_1wocI5Z-dFYPylLlO2hcoOe6eeKyV9vdHDj0uU_fUi2ukewLHYRtPdR3PQXoI5f48qH2KNQam3fs5uLatEyisRid4PYuUeUnkStrYK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdR8QT8QrYtXiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTfAk_QNlsKwhGtFjagipwiq1rMl1k8LuO8gPzgCoRocibQn4sbtFf8bFcTeQzvfhYcI99KW8ZW9ou1PsBuLf2k5QCG7iR_HvTUjLF1TvnxoqEDGIsrASOSQfpKC3HOgD4J9hQu88fCNbVCINrGaGc8o9BDXPZ_0X1tgKwxSsS4I2h_KK5al03XE1MefGByVGAsz1b8LauVZkn6Q7k1RjZP_QGuxzjZ6QAAqLYZXe1D9cFEQ8zrwVhUaRvAAhx5Cxa2pHEr2K54xKk81ZzaWLFVxg9muVbshlCvlDYZzSkFVWU1xnvfILh38LA-LnHYFIuYzfKAzcOwlJfd5MlP67J0shELa5_Q6Dx0JwPKhUnJNglM1qOKMjPTyv1q8XO-olEn7qgkNgheQsMlSzPyd2Msuvjl8x4Ay2fZPq5dj-0SHiUy4grswWHi7PpNYxpsID9mB_I1DePRZ2yGuFNCKUpKDOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1VfTA8z1uH-adBDqIGdEjmhxdqKw%26client%3Dca-pub-5127716841867747%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame AB5F 2 KB
1 KB 48ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame AB5F 308 B
636 B 13ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame AB5F 507 B
835 B 81ms
81ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame AB5F 43 B
347 B 69ms
34ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=Gw5IgE2u2i7wh2suWOcIVPwjp9Q-NHr5n_B1xy1BBRuZg75uxjnUkRyWEzAJpIGl_0aM_pi5m68PRd_MbDaL3IQ0cHzOhn9U5fW5xgEgWsWnL45wXhenPtrKh_mDOoMTXfV26CkoBGyYFzrgvw7JjnF1fK_hS7foRiNIrgTqHL3B1Oct3a71MAosvr6NtaN5VQ2297dziX726GSUOXCQ3QjDYTkGW5jQ3yp4x4einYq2ml-Y8aVRzuWc_Du_HeeU-ky2jSEJ7ONqDOsAIRXgTXcUk9acuRXV478MlefN9uNMO2TemLH_52BAkYr5af8DVh9sBk3D5I0PnbTD0FTE6pRSNaMCffnRZ9HON5hTAs9gYbcfjpaHXRgiUzJszI4JSnB6-z628HwjOpdlKkOP1oaUud6D4VE5jLUXjppMAgY6EqaIK00MVk_VlFToNwRnOBuZ-A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:12 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3301383
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 010176d8751a44d8922f8b325c26ec43_image_ad_160x600.gif
static.criteo.net/design/dt/90764/220105/ Frame AB5F 162 KB
163 KB 13ms
13ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220105/010176d8751a44d8922f8b325c26ec43_image_ad_160x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

fdaeb32f2f2b026d74b2e820d614241b2354687e456819ece14659f8d8511dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
last-modified: Wed, 05 Jan 2022 18:27:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61d5e31b-288fc"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 166140
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2218 2 KB
1 KB 37ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVYKd_YXAAfoAxu5raE0lFfzJ9QFKA&u=%7CatVqgFSvHDSbFsKp0ODBejfHusPJBqHJzgfYRaVRXKI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2xxep2Pf7MmfBVpvJXpzl4wNY3zsDEngtW5efL54FfH9FJdOVuMPRAc8hs53JU9WNVSMfpN6krF8xbQ_G3JhebD87QxzFtSJLHi9nxdHrdxhyymg15gYWepXRIdux84c7-vW68Ck8YKBXRYfO9172sLv73n1lsxG1VQDNhPOxzjEM96I7npntrGhFIabFyToGlLyqvH2yW3gtkVkMbzhGz5U8V_Ovxhhe-UKe9BP15aSJbq-SVi5HR87WvRKtVJLgTKdBZC9OG07DrjQiF1CbbXAOIO4swToTVZOeB8OlNfsOXkKgiJWL6pvRFt_Rb7S1pKX93QqR5yy9liwBcn4cz5FD2nM4Us5Pmm_CPjwk0D4GQ8FJtMPW98kPfxnDY9Wt9zoSv4U3JBU-THaH70jce&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFqkJT8QrYtbiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTeAk_QB20E48TMgcaOE4-qdgAtZPQdn2OmEfJQx4ZjAY2ahgvoxfbGQmV82xJskme4Ac8AeJSUborJ7XTEdDddMP5nwb9EAUjJX-xeruu9irLrEYDKQO2IQl3IRhEhBrvJHpymfZoAI-uU9yi8nBYQT6lqn70MEjpkc3QjCweuTIdGOFYh3z5ucB8JHe7Z-N8K8tqAVkvAFewPXyMYJRccEN43ak6z58RqD7OuYpDmz3wCXBAdgATRTDRPy4YRrRfrki37j7wWkyZ8ScMn8insUG5NiXV2EYHgSI6p6-zdeLMOFSHMNdvV1C_NfmUF4UDyvEE_i387VqnXk-pUDEmH6cnx5BkzWPvhoP4hCUA0ww6u20dRCYReKM1kjyW2H4mNQ8gMU0wRb-zOYDETx5Dt_xss7beLZ_GMZb8o4OWKTTuaszQvEgTFxg2rqn1oZvJmVaelxhNM_W52GEzoF5mY4AQBgAau35mgs_aK3fgBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3sbrKzXuLYU1BJlv5-YIavsrgT-A%26client%3Dca-pub-5127716841867747%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2218 2 KB
1 KB 37ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2218 308 B
636 B 123ms
121ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 2218 507 B
835 B 124ms
120ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 2218 43 B
347 B 61ms
32ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=yqdi5MthTCnyHmk5TlZcDxCMhhSuZz3J5Uw3HNaqtwEHRDYrg-gBOmyDH9qspAyQSsDUrDDW69N3OIjSk8vmgIJNX-23H7PZG9zlG9sz_8AoDj-o3kfwgbRQl243tCAYIX8NGMuPpflRt4P4cOHs_7YkfGkE2sC9EaykOupa8bblPc5BM03BnR1QwKXQniNIycbErrc12gn-artvKQXcaYBW0XrZRySOXU7zfTqyWuKm6bycG9rmNHhUae1JsvdEddaRBb_vmfleP2bFA5zl78DiuZMnGKufut2nlLL0VxMNY9pESuxwN4qzViSCMZM9TrRKcNgw0wL74GdiT23TCvGkytBMhR6nGx6h97ChZaPbuEBhIf6iFIUP7aLX9sZf6v-CPOm-L1ymrFk-Uvkn8_Ugg-hufwroxOhc1RgxqyEH8_DYaSrCw57tKNc_BkIhu5p77w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:12 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2678481
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 eb2dc2708eeb4a0c9a72930f532e5151_image_ad_970x90.jpeg
static.criteo.net/design/dt/90764/220105/ Frame 2218 69 KB
69 KB 119ms
116ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220105/eb2dc2708eeb4a0c9a72930f532e5151_image_ad_970x90.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c98c37237f53887b38b43b163f6e675ce03796b0706d66f356c534017006a5b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
last-modified: Wed, 05 Jan 2022 18:27:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61d5e31b-11223"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 70179
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 066D 16 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 231474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 05:33:18 GMT

GET
DATA 200
OK truncated
/ Frame 7FD7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6109468b04c8076cb9fbbe002b0f5382f34a4c68bc024523c1bff5187de9efb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74E0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 164e2138d0556b2c2ac5cb48355f2978debd2e1fd3df53697bb293815391a6b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BBD4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82d7646a36f7edfa35f4308f6150a5a6524198872b24f8c1b2e4997bc09b63d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D94D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3c6e6e278c8858e9d350e96a8dda97f14826c630a7094791e19d1ea4c35a2eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3ABE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee05805308fdad500dabaf05253a642ffa630a55fd62aee1ef224f5d64f28b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6EBE 143 B
163 B 12ms
11ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:05:03 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame DA58 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:41:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA58 117 KB
36 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 21:51:12 GMT

GET
H2 200 1053088397385905256_8584123760372900530.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 9081 24 KB
25 KB 34ms
8ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/1053088397385905256_8584123760372900530.jpeg

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93cd65ce3662c6cffe32a75f5b4ef49159b801036ba9728b9983c052940eddfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 19:04:24 GMT
x-content-type-options: nosniff
age: 269208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24468
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 05:53:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Mar 2023 19:04:24 GMT

GET
H2 200 16499024985400156857_6134346376249151006.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 9081 18 KB
18 KB 42ms
17ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/16499024985400156857_6134346376249151006.jpeg

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d575d259b402bffabc1ed0d7ea15cd6733a374c231c60e120a2f71bf04f240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 21:34:07 GMT
x-content-type-options: nosniff
age: 87425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18114
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 05:25:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Mar 2023 21:34:07 GMT

GET
H2 200 13235045368289112152_5126012048098972973.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 9081 23 KB
23 KB 40ms
14ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/13235045368289112152_5126012048098972973.jpeg

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6673a83e214096b51efd267c0d7dca63606bf4b058c6132d3cd81d15b476106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 21:48:50 GMT
x-content-type-options: nosniff
age: 86542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23169
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 05:25:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Mar 2023 21:48:50 GMT

GET
H3 200 4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 9081 107 KB
107 KB 10ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:38:43 GMT
x-content-type-options: nosniff
age: 216749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Mar 2023 09:38:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9081 0
0 38ms
38ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CP3-1T8QrYtziLZfs3wOD0J-IB_S34florr_Ft6YNpuDPzbQQEAEg6qrjf2CVoqCCsAegAbC6odcDyAEJqQImacesD1CyPuACAKgDAcgDywSqBNICT9BL4rZ6B9LHpZm1aaH-yFJCDbRrfSrTM3Eko-Nravu0i-QhREcA4xEm7AOFmAQvEz1SqQQ5h17QnYIQNYaVIScFJSt1DIJpoPbssLeGctYOLhbt8D0I4w-janO2M3aEbniDxeo9Uh6RBz7GYuoK5SRVMlzAC9B_oLUbaw9LEJM5aHx17aktdB0Jeyv0_gNHuG9jYYkpREU4rdBlkWhRZfTs3hVTvz_gLaEBCKwGj2q4wOglytBg-Icm9V9d9b8yP1laBVP4jfG0EC42mySbmjTQEDvA2frc3nbV4MsDkfTO9FhUQrUYjVU-HYqkBjCwIfs-O5KIDMligCVsnv0cPYLH4DNlAmXmA2fnhuxp63iC-rYxejwqVhdRiRH7Hu0NHccDW8pLfcE9u7fwssv3U4cPtaFCvjM3HK1Zi86RquUlHXcndstyoE_Y1rKvPuMIMnHABPGp_eSiA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe_2b1gqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEELSKA9IICQiI4YAQEAEYHYAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi01MTI3NzE2ODQxODY3NzQ3GN3KDg&sigh=kD49dJMConc&uach_m=[UACH]&template_id=494
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 9081 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:39:26 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C871 2 KB
1 KB 15ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVgKd_YXAAfoAwe6vNW9yLTM3gXvrA&u=%7CatVqgFSvHDRbT8jrAgUX7cmHc8II4MZg8SqcecOtNjA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSMZuU9m-2GwHT8yZD5MyYZfvFe4ehoj6dzmkalLBWJewT4l4AQkI39Ousol5PVutr0GdLJNhdQ5Qt-e_AxCoRyABr1QXirQEO6Ce_L9fRj_RHYXWs3KKRGOHsmVSj78EWqGC7TLrfSkLtJG7n3QuTKsxMRYlGPY5KIZYuc4oJrKAL5n0R48fDE2gXdjaMNiEQ_D79Ckgjgyxph7mOPu0HK5Z0fyz-RJae0c3OY0dp3fFgYwg6otBLQev3UzPYtTGiBM2lbs_h_X26nvZC-jqeOO4RcIyUn7ZJiMUxQVFAeMle1rAHFhAnKF1KkOzzs5fo6Z75ue1JqBBRVMXBXnkYCSpAvw7BFIXvo-3-7duWvpTj7b87aE0domqjEQ0iy0H_jH8c_9g6kl_ESBShGh-Ch3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCH_HET8QrYtjiLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgTfAk_Qr5kaSNFeTmUAmfxamozTV__WLnkSawTnsD7jVqICGSVWLdtR1A-tZwHXpbHXf63jwXQjztvBDlWesO395nytOXc2dmmwLHkwbJukKS_emSv7kJ_NmcZUWaUW4LojEge3nukfBNPYaatMTLs4Neubdg8E6fttZz7_-VwUzPufPHdjfMS5MTE78etPCSLKQzQ4bMecIL9HpZP5aRnxWq3BCjXJxEN2f1kQ-4czGWtNC-OyAfw-S3eqKXInrzFzWx16aGJ8RBnBPkd3OxtZvP_c7d22OTscqy81WmsAlB3BUWfL43SztKM6zCYg0RvcITVXwN7kZhPnPkC8uR42m0uw3vn53cWORj5f6Brf7g3L_dgm_F8rqwqUe6OPGF87WBC7WYaIFRORalVSvZLb4NSrtvm5MH2JPfoIAfjnKlBphy750nxq1VdnGRhHNgJe5sfcN6BF81bd3QEpOt6vcOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_13KyJD30azd57btt08sxZI0XDqrQ%26client%3Dca-pub-5127716841867747%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame C871 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C871 308 B
636 B 141ms
140ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame C871 507 B
835 B 93ms
92ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame C871 43 B
347 B 40ms
39ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=GQ4itk2u2i7wh2suWOcIVPwjp9RoUr-VAgsdgSaJnSe85Rqpv_JuM5x2gdC3Tnfco5K9pqOImvYcUMgEzfdBgFJkkxJTMVT07ED6kmaHOzS1Mkv2f1K5--F83LGP6NiLARR8ogLn2ljEiFooas3cWYln-TWIUd8SGOPCHG1NFmlYVc4mH04oBGKp_wGWh3dHn-lo96DEVOIMPWo7pY4ySsemgg6n6yDyXOaAsmFmAZNlm6V7OXMUn8b-zJ7U-eYKIvDOlvvsyXZG23oAMmIQkNfM8d9RAX8vdvaB6ebGwz3WlF8CFvdf9sSYtMi5oVkWxn2Uifd5H0ACE8_m2j2c1ZD8ymmThh-fCobRJkfEifyWa7CLxbRi1M0v6vbpv78ohhm2Spzx90KzLHxVOPvZp6zXGDGHq968Ho2JJ1tgFJeM4eFYr-Jkf5-Tij-4pgyEbgVKXg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:12 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3362767
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 010176d8751a44d8922f8b325c26ec43_image_ad_160x600.gif
static.criteo.net/design/dt/90764/220105/ Frame C871 162 KB
163 KB 95ms
94ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220105/010176d8751a44d8922f8b325c26ec43_image_ad_160x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

fdaeb32f2f2b026d74b2e820d614241b2354687e456819ece14659f8d8511dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
last-modified: Wed, 05 Jan 2022 18:27:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61d5e31b-288fc"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 166140
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CBAC 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YivETwALcVkKd_YXAAfoA_EArZ0EfEY2KotLww&u=%7CatVqgFSvHDTI43q5%2B75cWN0JuV6QcyQswlJHgucVLMM%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF2xxep2Pf7MmfBVpvJXpzl41xPG0QE7tErjAATjX_jeGuqNPLeFOuXww2aWdZMsHblkDjQauJoYNOSvxm9IOsjRQLyU3Jay_QSZM1shhFr4HCdRrc9GAH9vjnFnPK4RwjlTPoXbhOLt9Jt6w8YnsxitN0xYEv3WenLC3spI5PxYvugjN1lTfNeamx5xM7GsjcckBkJZisE9QhmJ8EchP1HsDG-KlFiLdgCV5mOFrpWVuPbpElS8zmS8EigulcT1Dgf14ef_-Qjpmnsq69N5X4HYihhl9_RLMUUdXRVe39BrPfE1sUFB9bh5GKQ75CeYwv6i0HEzBO8EhmmDa5R9UrfkXGJLsqEfVvi4pij7uBXMe1-CfHd_Y4CoKmDZgrWd1-2i7zXAQkhcUj8_1q5BIf64&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8iB7T8QrYtniLZfs3wOD0J-IB8me0rFc1Z2R93DAjbcBEAEgAGCVoqCCsAeCARdjYS1wdWItNTEyNzcxNjg0MTg2Nzc0N6AB1bbS6gPIAQmpAiZpx6wPULI-4AIAqAMBqgToAk_QTXUR1pj7P2x__A5_liunrVcBSbp5Fr4Wj7pTSDNdjhTsmJ49yEBIs0rA1BXN3pM6vVLSZl7U9b9LMaoO96Y7ZJhpmZFRzRbaiKIA6NS76W2fukilxmxw4R1cr--VfnK_8VHZu-2BS2hdd5Hx0t6-fkaA7mG77FcqvKbRuLlOCvBZtwhhnIsgKNvUbZa59R_1dLnxqjJOsO8LaNg_ZRxBzO8ayVoEzSq8e0rV7FrGety9oBEkTgSAYEhQ6CAwwZyWx3SszsFzXK0XkpPAt8uDJdtoJOuj_4nRUYMGh8XBVxXq-Z7hsihFIzcgkGAcB46QbcKntY7VOEJNMfveNbrd8d0ob1IbAogF7FKG5GCtzFepiJkfCL7DSNAfwY3QrnKpVSzZkWHe_OsLzPtUTFSeIHztzCAGE4D-z3TNY1lXREcOnbxiMW0PQhgYcz1CTAmLkt57rStLHXqcnX25g8sPAcanmT9RXeAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1diEBA0kX8665VyM8DY5KXPBPzHw%26client%3Dca-pub-5127716841867747%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CBAC 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:12 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CBAC 308 B
636 B 128ms
126ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame CBAC 507 B
835 B 146ms
144ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame CBAC 43 B
347 B 47ms
46ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=3gtx-1oP_H7J1_x3E8eUhKiuzOkhFJJIH0LeSEM2re4NeUfwgCTqaj472CSpCxeRuxn4NV_w6HF5ebKjeLb_M8xmDnArfFMnTFaM9yVsK4R8x76rR7x830FKwMqzerbLt5xS3Ybt_FWZqgz8mc5tNdVj9EmGSsGpgJ8scFvsgFPJJfyYa_TRFyIrnO0wo6VD-LbJLo4HYaoQ5oHWALT5haxhwPTj1qWBnYfQSZneIFaLlSrwSzD8jRW3JPTDuQ6Rv1XNeFZZXZQAB2F-XPssQ_FhF5pV_rpWLq6hiIjyYO1uxedBF6jAargd2_rLCd4rLv7_iGDq4ZjwnJoCYsqhSCnMd65ovBgjJ-tKCzUh1Rof_0L4q_G_G6AXOtuJn0lhT1HBHycCGu8nYneg2Vt_yFEKRpV0LOmzaDE18M5IsWlX4rL4bnew0XFE_46Iia5IOq1Yrg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:12 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3058936
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 b0136391d4ea4d4a997f7f03dea470a1_image_ad_300x250.gif
static.criteo.net/design/dt/90764/220105/ Frame CBAC 261 KB
262 KB 128ms
126ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220105/b0136391d4ea4d4a997f7f03dea470a1_image_ad_300x250.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

101d2adecdc84a8dddd428b3de2cc7a12373eda82eb2057893960437dc55a1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
last-modified: Wed, 05 Jan 2022 18:27:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61d5e31b-41466"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 267366
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame C9AA 15 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:35:59 GMT

GET
DATA 200
OK truncated
/ Frame 9966 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca0006de845ba56e09fbe0981e899ece15c1f6a6da4cd3fb994a8b568f0cd82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 7FD7 16 KB
16 KB 34ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 231474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 05:33:18 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BBD4 16 KB
16 KB 32ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 231474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 05:33:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1065 672 B
361 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/e397c63ab7194025e129eda36af3c71a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97b78ad799f6a38c07afa4857123ec6fde0ed179e4bbb8ab82a31341fe0fbf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 20:33:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Mar 2022 21:51:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Mar 2022 21:51:13 GMT

GET
H3 200 caa9c24b69c99b698126306d4014024f.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/media/ Frame 1065 75 KB
75 KB 35ms
35ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/media/caa9c24b69c99b698126306d4014024f.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86c7bf11d7b48a7f3d16ce2455a56209355827fee434af0d30aeeea8704ed2c5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 463109
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76800
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 11:21:03 GMT
server: sffe
date: Sun, 06 Mar 2022 13:12:44 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Mar 2023 13:12:44 GMT

GET
H3 200 eb28d6588262baebf73a8949d88cc09c.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/media/ Frame 1065 26 KB
8 KB 39ms
38ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/media/eb28d6588262baebf73a8949d88cc09c.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16029609926136477954/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8835160abf4453ebfc2e50964546420cb3164ed2cbe1cc05e7952cfebb17cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 463109
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7835
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 11:21:03 GMT
server: sffe
date: Sun, 06 Mar 2022 13:12:44 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Mar 2023 13:12:44 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AB5F 0
127 B 107ms
21ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=HNspP07Nmlhl1JA89YdlIzqbGDv9ZYD_eV7wkp9CI4oq1l4mOSy_D0A8th3Ud_84GdM5q16xbw_GOPtbwN6tHoH1CGCYgUk2Mc618GeYpvUZRdpERqkraIOtmdG6BYlakc9-yIBeVmY2hG1qfZyWUFa9vnGgqshHDNDytrtZDP9e5woSieoMd43aBgEcdCjSfcL6E_p56GYhpP7Ty7VgKrUwLm3OzjVcBHr8SoFWnestiXf7xVULjB9juIOYyao3fQL66w&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 21:51:13 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AB5F 2 KB
1 KB 147ms
147ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame AB5F 2 KB
1 KB 147ms
146ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2218 0
127 B 102ms
21ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=tpLC507Nmlhl1JA8-uqMaCYv3jgJadJVEtiwvh4cEyxF1lUsa-120zfAw-HHV_K-yfkG6fP9WaGV4dzoYRftof23rSLcihjkdG7yvDvKtcohbt9dgWy7W3aE37o2ZQcqHakcptRZAav_-qxrlGlLMLKzsCqqUd2lbTxUzt_DXX6oq9Ch5b_Es_W2jLwdeVvmCwUw8S007TFAhDjsXiyg9Dwhtmn191K72lWk60tYz_PUOjMnfuwb6kQN__bVMHwR9K2d9Q&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 21:51:13 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2218 2 KB
1 KB 142ms
141ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2218 2 KB
1 KB 142ms
142ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame FFA6 35 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 11:55:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 11:55:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C871 0
127 B 89ms
21ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=YTUF1k7Nmlhl1JA8kGCHMJpz0ST37tukqLcYmhdKxtErD-mX4ByAY_s7I2fvk2RFGeGDk5W_0ugAsCm063wv0eS7p9l_PZCYKgkdm10FieVZ58KUujqbbhRJYZv0_kVOyXG5WYaOJmcjwRrGofVgFCPq_leSl3riiixvoSly5n25An29r7b10wqagdubiBeSWrS1bl6UIcDm-67uEHk4Kx_YyAl9ojQ5xeov9NI4gq9QntIKPcBLmD-IH5x7bJZaGXtd5A&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 21:51:11 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C871 2 KB
1 KB 147ms
147ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C871 2 KB
1 KB 152ms
149ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame 379C 35 KB
13 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 11:55:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 11:55:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CBAC 0
127 B 79ms
22ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Y5rfP07Nmlhl1JA8hdtbEaXXTcaEtMsCPBbcz9leV-MBhrCf0pCW71hYKAJZuSBvGkEEzHI4JcvzR9VM5DB79Ovucrd7lhydgRb-gyRobvKH0dUPclyFc27n_OS20XEhYQebDA4BdFmWVkUNp99tN3mVTQVFFP13Bmc9mWX2JzXhKH5_nzaYcyjQu7d_AvmG6CQf95CxYPS_v-8C_-j-59TGkFMYNQBUMBBt0-DRWUjde7s0B4izs6qCZBFv2zbZTvr_nw&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 21:51:12 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CBAC 2 KB
1 KB 151ms
150ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CBAC 2 KB
1 KB 150ms
150ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Mar 2023 21:51:13 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 01CB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

77ms
76ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Mar 2022 21:51:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Mar 2022 21:51:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Mar 2022 21:51:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2AB7 143 B
163 B 33ms
33ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 11 Mar 2022 21:05:03 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 9081 2 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:41:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9081 117 KB
36 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Mar 2022 21:51:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4A18 672 B
361 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/f4561eff9af277ad0a042647ec424030.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97b78ad799f6a38c07afa4857123ec6fde0ed179e4bbb8ab82a31341fe0fbf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 20:20:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Mar 2022 21:51:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Mar 2022 21:51:13 GMT

GET
H3 200 f1b97ba78524f8a9a7b308ecbf9c6df1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/media/ Frame 4A18 14 KB
14 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/media/f1b97ba78524f8a9a7b308ecbf9c6df1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8812482a38d462b6765c0524a8f49fcf26e45da890ae549eb08e792a8f5e6fa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 164623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14685
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 11:21:21 GMT
server: sffe
date: Thu, 10 Mar 2022 00:07:30 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Mar 2023 00:07:30 GMT

GET
H3 200 eb28d6588262baebf73a8949d88cc09c.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/media/ Frame 4A18 26 KB
8 KB 29ms
29ms Image
image/svg+xml 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/media/eb28d6588262baebf73a8949d88cc09c.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7534980988070739056/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8835160abf4453ebfc2e50964546420cb3164ed2cbe1cc05e7952cfebb17cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 230983
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7835
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 11:21:21 GMT
server: sffe
date: Wed, 09 Mar 2022 05:41:30 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Mar 2023 05:41:30 GMT

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame 248D 35 KB
13 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 11:55:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 11:55:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C9AA 0
0 33ms
24ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKZ0N8q-GSC44h-lT3j3iWfaESnmnLpdl0h0DOYkgCD9NPIVwwjYBYeTsWGf8T8e5kUsbaYCiJlGxszBAoPLLzBSICrw
Requested by: Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C9AA 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa14a6eb8beb28a9968184eb3cd61f8b13b15063afcd54cdd1bc840aa0ef1293

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame 1065 22 KB
22 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:48:01 GMT
x-content-type-options: nosniff
age: 180192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:48:01 GMT

GET
DATA 200
OK truncated
/ Frame 1065 450 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34a5b78ad822b53b004ccf50ed056a74bc7a3a2a59b722394ca0238616eef9c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6EBE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

156ms
156ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Mar 2022 21:51:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Mar 2022 21:51:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Mar 2022 21:51:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame DA58 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:35:59 GMT

GET
DATA 200
OK truncated
/ Frame 4A18 450 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34a5b78ad822b53b004ccf50ed056a74bc7a3a2a59b722394ca0238616eef9c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame 4A18 22 KB
22 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:48:01 GMT
x-content-type-options: nosniff
age: 180192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:48:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 9081 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:35:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DA58 0
0 15ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIY3XgoLzTCELwkf9jDASw2VuIpjtgMoDRSS2MX5_2JxgjedvaOE_YsfZIwCgdzaRlpo8Q_Pte0hE4KMfL5-seh4Elvg
Requested by: Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 250ms
249ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/jakartadaily_id.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 21:51:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: null
Expires: Fri, 11 Mar 2022 22:51:13 GMT

GET
H/1.1 200 recommend Show response
id.popin.cc/popin_discovery/ 30 KB
6 KB 1090ms
307ms Script
application/javascript 119.63.197.150
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://id.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&&device=pc&media=www.jakartadaily.id&extra=windows&agency=nanyangbridge_id&topn=50&ad=10&r_category=all&country=id&redirect=true&uid=5969c74f6c5f0eb3f531647035473343&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTkuMC40ODQ0IiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidXNlcl90ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9saWZlc3R5bGUvcHItMTYyMjc2NzMyMC9pbmRvbmVzaWFuLWluZmx1ZW5jZXItaW5kcmEta2Vuei1vZmZpY2lhbGx5LWRldGFpbmVkLWZvci1iaW5vbW8tZnJhdWQtY2FzZSIsInVzZXJfdGRfY2hhcnNldCI6InV0Zi04IiwidXNlcl90ZF9sYW5ndWFnZSI6ImVuLXVzIiwidXNlcl90ZF9jb2xvciI6IjI0LWJpdCIsInVzZXJfdGRfdGl0bGUiOiJJbmRvbmVzaWFuJTIwSW5mbHVlbmNlciUyMEluZHJhJTIwS2VueiUyME9mZmljaWFsbHklMjBEZXRhaW5lZCUyMGZvciUyMEJpbm9tbyUyMEZyYXVkJTIwQ2FzZSUyMC0lMjBKYWthcnRhJTIwRGFpbHkiLCJ1c2VyX3RkX3VybCI6Imh0dHBzOi8vd3d3Lmpha2FydGFkYWlseS5pZC9saWZlc3R5bGUvcHItMTYyMjc2NzMyMC9pbmRvbmVzaWFuLWluZmx1ZW5jZXItaW5kcmEta2Vuei1vZmZpY2lhbGx5LWRldGFpbmVkLWZvci1iaW5vbW8tZnJhdWQtY2FzZSIsInVzZXJfdGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ1c2VyX3RkX2hvc3QiOiJ3d3cuamFrYXJ0YWRhaWx5LmlkIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTY0NzAzNTQ3MzM0NCwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&callback=_p6_95cc086ea020
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/jakartadaily_id.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.197.150 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 2c9bcf70d9b1d652d2e3160ad6a91e8f17877281baaea841394ea9fb0025838b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 21:51:14 GMT
Content-Encoding: gzip
Server: nginx/1.13.5
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 154 KB
42 KB 506ms
506ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/jakartadaily_id.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6350ff27bc9ba187110dc7cdb20519d9da366e61528c5b944a7cdf1bc84541ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 11 Mar 2022 21:51:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 11:59:59 GMT
Server: nginx
ETag: W/"be38e10521ab8b59e5ec576d2473bd7f"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: 0zRQXTPzpaFCWAqCOSH6KgDYA7ZCF9Zy
Expires: Fri, 11 Mar 2022 22:51:13 GMT

GET
DATA 200
OK truncated
/ Frame DA58 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44a64bbd9d2960e6bb96140f9df3d3b77f402c7e6170380397cc05f8496acb50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2AB7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

65ms
65ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Mar 2022 21:51:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Mar 2022 21:51:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Mar 2022 21:51:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1065 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 11:55:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 11:55:09 GMT

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A18 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 11:55:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 11:55:09 GMT

GET
DATA 200
OK truncated
/ Frame 9081 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78dbe5a97d9e024328ce59e47e1f3de63ac2d9d21e992730756acb81633a82b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame DB15 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
URL: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 11:55:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Mar 2023 11:55:09 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 74E0 42 B
64 B 44ms
27ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNXT7D2dFewQWQ7hKJWXawofNh0rbdqFuu_BsoYGb07mjpbzahMEB29mshT6gJK4kT2_qBvQDaTSvVtkY0rDy-&sig=Cg0ArKJSzJlguHgoY4biEAE&id=lidar2&mcvt=1006&p=119,1350,719,1510&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3069493291&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647035472459&rpt=310&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C9AA 42 B
64 B 32ms
32ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBayFTTXFmx44HQOJdhC5y7-ObwDNDOAun0iyL6rlBAuMpRpQj9fYWavjVu2rlQeybIJkvE_M73bfdEGEqT8WUtxiMBTjHT-4DWW_bsZYEl9WoqwBGNw&sai=AMfl-YQzgTojJ7M9PWYeUaHALthesFKzQmvFGzesv-dxmQ_4D1ppYNGPnujTHiUfZCoQMAj3rhibrcZlvsPXjuah8dhHfYtmnQCARqBLt6vDxCpx8HnOyKk7VWrUMu6dz5Up&sig=Cg0ArKJSzFpp7kjdrMamEAE&id=lidar2&mcvt=1001&p=119,90,719,250&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=81895508&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647035472457&rpt=432&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9966 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQYXiY3sut2sZHCK3bWWpVM6FW4roj_OkiKKU0Ri6ahuYxCwMKnjXeJNgrlFebwgIdwaMenGCWshDM5kVptGB0&sig=Cg0ArKJSzIj-UQF3CCxHEAE&id=lidar2&mcvt=1003&p=1110,315,1200,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=523465871&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647035472464&rpt=382&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7FD7 42 B
64 B 37ms
36ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSIqMIGV-oKGSuE8Vvb3dzPgONNS71IHh_zzQktb0QZ-PD8cY5N2DECD4GbWLtk7almN0YouQPk_Qg-DwKVtiqkNdaLF8khsg0YdtWINz6XhMUXc5h6cXJ5fOt_sK_lnL-t1L-OMezKtN4&sai=AMfl-YQYhoWroyWIhjqdRMj8GD0WWooHThIpz3k928d_cxtl_1bM05k4Ha8Sk2_dpX30tjiNYBOs_rJ3Y6koFSZPdJEkdXB5NFseRXfzehqAEMHy_Sam5-d_hAbwpHwwBpSu&sig=Cg0ArKJSzCEviOy4QZDBEAE&id=lidar2&mcvt=1002&p=419,1035,1019,1335&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1590741703&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647035472451&rpt=514&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 066D 42 B
64 B 30ms
30ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUARG2KHVKzz0T__th58spFpVe50zdfwvjrZJXlSUYj5fhsy6PL41A4nmzyCoOwEvwDTb1OjGu5WqBUXQCp_GSQK_XrLxA_L8pJ6fX6Q4bITaa-6GVAA&sai=AMfl-YTff7HsS8szqtXIBJHHEBH0bf3Ienz2bYNRlp42Uaj7wQSUZqsZpxC0nDg7D8o0h02YGX4bg6qUBtaiuQW1nivLMfR4ZS7ELvoBf7Eu-kMHu2KXEKNV0T3r1S9dZO5G&sig=Cg0ArKJSzKFTSBmsUqqEEAE&id=lidar2&mcvt=1020&p=139,315,389,1285&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4047974359&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647035472445&rpt=550&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AB5F 0
127 B 12ms
12ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 21:51:13 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame 2218 0
127 B 12ms
12ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 21:51:13 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9081 42 B
64 B 37ms
36ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8z6JJkibi_eftXTgHHMXhNDyZXggm6-jdXJCoFLlF5vpWcVB7IL7PE_aMuSzxTCqV9J80HjSdifiuey1yJzjnVhPklIBiZSpYH2VLmydrccXwiNLRagxxnRLNoSj2i_tx8RlXi7EsQgin&sai=AMfl-YRZYWAgpgOudVIF0SFTY3sqZo-5e0qCssC75HxgdTKfE06UkRE_EtceygbVsWIycGag2rHzUd0Eoacx2hSfWiawfGdnfmvgTDjbzT_bISUTLskhWjV1yJOhFDOvJ7s8&sig=Cg0ArKJSzJ_eR7Mpvri1EAE&id=lidar2&mcvt=1000&p=1123,271,1213,999&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=0.86&if=1&app=0&itpl=21&adk=591077246&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647035472493&rpt=756&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Mar 2022 21:51:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 770ms
252ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-th&uid=5969c74f6c5f0eb3f531647035473343&url=https%3A%2F%2Fwww.jakartadaily.id%2Flifestyle%2Fpr-1622767320%2Findonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case&t=1647035474440
Requested by: Host: www.jakartadaily.id
URL: https://www.jakartadaily.id/lifestyle/pr-1622767320/indonesian-influencer-indra-kenz-officially-detained-for-binomo-fraud-case
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.jakartadaily.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 21:51:15 GMT
last-modified: Tue, 10 Sep 2019 08:00:29 GMT
server: nginx
etag: "5d77581d-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

POST
H2 200 all
csm.eu.criteo.net/ Frame 2218 0
127 B 13ms
12ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 21:51:19 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame C871 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Mar 2022 21:51:19 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: assets.promediateknologi.com
URL: https://assets.promediateknologi.com/crop/0x0:0x0/100x100/photo/2022/02/16/1084431991.jpg

Domain: www.jakartadaily.id
URL: https://www.jakartadaily.id/sw/firebase-messaging-sw.js?v=1

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 01:30:37	Name: __cf_bm Value: bl325fXbAME3.3j3zCwDRDcYIX2Scru9hf7q.lT1cas-1647035471-0-AfT8JuHS8DRDRiMu+f5wGqjVQAD4JTahR6kIavyCIDwwFPqSQOnl8HGwEdIhbPhH8tdoVNMkp76d0Xzse2SJoEc=
.jakartadaily.id/	1970-01-20 19:01:47	Name: _ga Value: GA1.2.1927111635.1647035472
.jakartadaily.id/	1970-01-20 01:32:01	Name: _gid Value: GA1.2.1718961336.1647035472
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-195466154-23 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-195466154-34 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-195466154-39 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-195466154-56 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-1 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-2 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-3 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-4 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-5 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-6 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-7 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-8 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-9 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-10 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-11 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-12 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-13 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-14 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-15 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-45 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-57 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-82 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_UA-207405423-93 Value: 1
.jakartadaily.id/	1970-01-20 01:30:35	Name: _gat_gtag_UA_207405423_45 Value: 1
servicer.mgid.com/	1970-01-20 01:30:36	Name: __mglb Value: ed02bb11b748a9279413c1eb8e47c448
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m2bcUSIH42Pd
www.jakartadaily.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C1212591%22%3A%7B%22page%22%3A1%2C%22time%22%3A1647035472370%7D%7D
.jakartadaily.id/	1970-01-20 10:52:11	Name: __gads Value: ID=d3b6ba6803e1ce80-22fb40325acd00f1:T=1647035471:S=ALNI_Mb1KoiTNC-HyG6u2lbP3i5dq3hPEg
.doubleclick.net/	1970-01-20 10:52:11	Name: IDE Value: AHWqTUntIRcrin6mec_NLIdp3Ma8zhI5p4bk7xsB1W_4VW3jlf7YECGOrN62uNusllA
.doubleclick.net/	1970-01-20 01:30:39	Name: DSID Value: NO_DATA
.jakartadaily.id/	1970-01-20 10:16:11	Name: _ss_pp_id Value: 5969c74f6c5f0eb3f531647035473343
.jakartadaily.id/	1970-01-20 19:01:47	Name: _td Value: 7b4354bd-324b-49d8-8851-f7e73d5803cb
.popin.cc/	1970-01-20 10:16:11	Name: uid Value: 5969c74f6c5f0eb3f531647035473343

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://assets.promediateknologi.com/promedia/en-news/desktop/js/share.js Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
advertnative.com
api.popin.cc
assets.promediateknologi.com
c.mgid.com
cat.fr.eu.criteo.com
cdn.mgid.com
certify-js.alexametrics.com
certify.alexametrics.com
click.advertnative.com
cm.mgid.com
csm.eu.criteo.net
f67ce115860f7aba297ed76ec8406b8a.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.popin.cc
js.rfp.fout.jp
jsc.mgid.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.popin.cc
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s-img.mgid.com
securepubads.g.doubleclick.net
servicer.mgid.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.jakartadaily.id
assets.promediateknologi.com
www.jakartadaily.id
104.19.133.78
108.138.17.48
108.138.7.54
108.157.4.99
119.63.193.220
119.63.197.150
119.63.198.188
139.99.126.163
139.99.126.164
142.250.184.226
178.250.0.160
178.250.2.150
18.66.97.10
2600:1f13:57e:7b01:d9ee:110c:8cd3:e01f
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2006
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9b
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::18
2a02:2638::2
2a02:26f0:6c00:2b4::7ca
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a38cf7423f9f7060c66183e74e7e138bed849de551199c490e3a1e97ce291e7
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0df032d58291a1bae4451d9bea4d904d6f16d7cc9e14b6b6e25e9507f5098447
1018ad022ebd3bbd31a9ea049c1f683346d3353792ba123fa1a7d2abbb0788ce
101d2adecdc84a8dddd428b3de2cc7a12373eda82eb2057893960437dc55a1d6
101e7099d24cd8231adec207260393eb4d49c92ac92dea66260002a5e8882107
13f0b80a8475a6640df435d02f8a886afbe2c41fc07925f2fc7b0e5de586ece5
1517b5246f24efd5abf47f90c676a2e70fc62d28fb0f7e199e249111d4450a21
15c7fc754bf6e848a2f3ef252b7e8028396ce83576bebaf577567ffdaecf79be
164e2138d0556b2c2ac5cb48355f2978debd2e1fd3df53697bb293815391a6b3
172882d5a20c196baf58b880cc6b5738b3ab6873c6d9cc40c1aed133387add35
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184d7b69a4ae85335f5d821663de528937724fbf1be05c414d3c7b0ff81e9eee
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1c2484ebe98b1aecfd9700c2697abc4cc2f77fc6f530bd776d68b37fc1880506
22d575d259b402bffabc1ed0d7ea15cd6733a374c231c60e120a2f71bf04f240
23a7a772f258be3aec21ea1617a951c1f8a8867c69f446740826d0f6709b2129
241c01dfc1093b17ed1917cf7dd3467d71d05c78fd25395a080c9ed61235f10d
27a8517fc3c6d5644cdeab2b6bc74d1189d5dd81c66a4726b500a52a144c83cd
2c9bcf70d9b1d652d2e3160ad6a91e8f17877281baaea841394ea9fb0025838b
2d65ac4cc00c6155f10471dec6dca0cde27e4c1993188d79e5df79a04e1840f7
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
33a2bc5bcb6704606e1369c473fafc072c6d8875278955bb4a847553f1eca306
34a5b78ad822b53b004ccf50ed056a74bc7a3a2a59b722394ca0238616eef9c7
3a8717b1c866759c800df22bdc5b34545730d2790473892a4cf31dce49bf1170
3dd82cc65f43c6486b5addb55a6f78be56e93c44423a88fa8de9372f5e7714b2
3df788c46c6342c3384392c52837e0ab6a6850e4d1bb1ecdc569ae4a293821fd
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
3ee05805308fdad500dabaf05253a642ffa630a55fd62aee1ef224f5d64f28b4
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
42b06f7d0d47dd13f3b3143098f7b51b4397461ae7ad4c78effa3ba9d8c53011
42d2d2f5ca7d4a74d4cec7eb892236bd4ca4790ef0446d15a1cde9d1e1d555d0
43a18abd021bbfa07c6eaabda2779b46a7ebc64abce60bde1ef84ba673586eb5
44a64bbd9d2960e6bb96140f9df3d3b77f402c7e6170380397cc05f8496acb50
45fea3d07ac063218ccba9f040db167bf979a8b4cb097e287d4c1b229794da7f
486cc27a1c91b138c3fc2179fbfc87cb4a3736a4c075a605869c7c7b67db2cf1
4dbe09ec6efde29125d423af71847b0d9560025aeb3c81d02131641d63cf1a26
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
524160e936b37ca64801d1925674fa3482f398ee0a03af068ac4ad330167b15c
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
57bbaf73a7225679e0ad7cd598c788c5531e070de1ab4411cea5898e448017af
5800d9df874a9bd5f39924a5c0eda6053b20c0940d9b01328ca04328f7d2a130
58dac5fa8f9190cb483ae7c411bea3fce68d6bd24d2a7a204561e0d6e15f045b
5a62250ead86dfaf0b8bc63b79aae8933ce6ed88c781ff1aab3c7b100045df9a
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
6350ff27bc9ba187110dc7cdb20519d9da366e61528c5b944a7cdf1bc84541ac
65786836c3f8e2948f0071123afe0e6504e3014a3a02b20014133c232f6301cb
6673a83e214096b51efd267c0d7dca63606bf4b058c6132d3cd81d15b476106b
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7140652a9c0fc05f7bc567243697ad95af7d2e238c5ffbaba9e240db5058da03
72a213da5d5c10e5b53e1855bb706df4810295f001d789978026139e76976d57
783643f063d31a55f7333f09e8689532393e30862d54587592bf83e493cc2fe5
78dbe5a97d9e024328ce59e47e1f3de63ac2d9d21e992730756acb81633a82b4
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
80e36e33159acbfada1e6c674d92f93e1d74ca920e610e1a18ef142727dae8b1
82a47360f1cbacadbf98e8a5b2355eabc9f44ab440d82fc8966b36324510846c
82d7646a36f7edfa35f4308f6150a5a6524198872b24f8c1b2e4997bc09b63d5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86c7bf11d7b48a7f3d16ce2455a56209355827fee434af0d30aeeea8704ed2c5
893272f386161bc5de59f161622195fa4cc580b63e4f49d21d495394a3e09972
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
93cd65ce3662c6cffe32a75f5b4ef49159b801036ba9728b9983c052940eddfa
977257b795b7ddf199f35302823f3ec50279cc9d0a7f525f804af3c62f9827f2
97b78ad799f6a38c07afa4857123ec6fde0ed179e4bbb8ab82a31341fe0fbf28
9b2768ec59412bbaf92b5ce4405dff00a4e08af74a4226ff5d930d5816d48310
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9db819fcacffaf3e9d603f594ce05f8594bcbb8389c59e687c97c26966c2d850
9de5a9ee5dc9d4ca558268b7bcd6ead5eaff468a4a13f526738b4e5f65b32855
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3c6e6e278c8858e9d350e96a8dda97f14826c630a7094791e19d1ea4c35a2eb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa14a6eb8beb28a9968184eb3cd61f8b13b15063afcd54cdd1bc840aa0ef1293
add450a57df7c9b0b2310e2b0eb5e1c3866f18314f427e1dfaeb263a70ae8607
b8812482a38d462b6765c0524a8f49fcf26e45da890ae549eb08e792a8f5e6fa
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb8835160abf4453ebfc2e50964546420cb3164ed2cbe1cc05e7952cfebb17cb
bd5235072e7eaccce2644acadbc2780addcdcd14d4a2668c965c1213e143955e
c38cc327ff4aa4487c7a7c1d003067f1452ba73d881d7914bbe366d7e016f568
c6109468b04c8076cb9fbbe002b0f5382f34a4c68bc024523c1bff5187de9efb
c658f20651c3a6a332b13ef3a91abbb6bbbaa1926236a6591ca701f986eb3505
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
c7b314bede193e724fbaddea45d80bdd780ce70251905b7c5fb3f745567c4d87
c98c37237f53887b38b43b163f6e675ce03796b0706d66f356c534017006a5b5
ca0006de845ba56e09fbe0981e899ece15c1f6a6da4cd3fb994a8b568f0cd82f
cbd2bf7997d46cd084ab99419191c274c50f42e6bd616afea5a7ae09336bd5b5
cceb4bd359e63a9dd19b81e82fb7c55bc4e8b837e1a2e1931b2550ad27b579ce
ce246b13a7f316521adad2d9a6af151a26d5d8ba56628b82b6afcb44ae4b2cc3
ce705e1084a274b55ab1d612972fca089b15d4f653e29c1d26a7002be54ab3c6
d11b010cedf3a5ff81a1cf7a79b50f6606ac6eddb6f9047bedb421e033b6c602
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de33fe1ba0d81147fc56ff19149e85914d13c4c4d7a5969aeda463d9f4787848
debd606134571219c6a7d017dc6da9ba6336bbfb21823ea0b14d1718a0a5e43e
df704fb6d7071326232c9b23e97f4bac7747a1c37c7749d0a925ccfc0ef2a032
e3a4032a23d7f94be7a6b3199fc6e227d8933d280fc0d3d3d842117a61a7dc94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b45d42d9c5907d3f8257c6c9dbfb93738efaafaea53281e14d4f53383d9fb9
e5f348c6629908a514ee54c3f6e08d6b2ddc8d683f9ec2bdcb91688a718cf7f2
e62de225ff3660330f60d604129ca5b27c3cf127da21b3676593befe7b0e0e3e
e76d31525f3b16f946d3f0188e62b5e97da4b6f06569616fe502d47bfee75e44
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
ee95844d1142db0076b04a802dd0784aa3243704b2ca5f22d7b5f9fd6e643042
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f7eabc5a8dbf79dfe9d11939423c2151dc190314306aef614b363f1c2c0396
f38409ad7eb862f703a924dba77ee7c718d3023c8de907a95fbf3aaa9dc08ebe
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
fae7a9dc1c620f3613dcd561a150ad78ce1859869cef940030f4c7c5682d7b22
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fdaeb32f2f2b026d74b2e820d614241b2354687e456819ece14659f8d8511dc0
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
fe5c82457a761c5111af9d2bfd63aaf6471fe4ae39dd83285cca6e8c23f503c7

www.jakartadaily.id Open in urlscan Pro 18.66.97.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

290 Requests

98 %HTTPS

61 %IPv6

19 Domains

39 Subdomains

34 IPs

7 Countries

3401 kBTransfer

7312 kBSize

36 Cookies

12 Outgoing links

Redirected requests

290 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.jakartadaily.id Open in urlscan Pro
18.66.97.10 Public Scan

Screenshot
Live screenshot

Full Image

290
Requests

98 %
HTTPS

61 %
IPv6

19
Domains

39
Subdomains

34
IPs

7
Countries

3401 kB
Transfer

7312 kB
Size

36
Cookies

290 HTTP transactions
15 data transactions