www.infonebanten.my.id Open in urlscan Pro
2a00:1450:400e:810::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/qFOZGhZW1W
Effective URL:
https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
Submission: On September 09 via manual (September 9th 2022, 4:51:27 pm UTC) from SG — Scanned from DE

Summary HTTP 101 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 27 domains to perform 101 HTTP transactions. The main IP is 2a00:1450:400e:810::2013, located in Ireland and belongs to GOOGLE, US. The main domain is www.infonebanten.my.id.
TLS certificate: Issued by GTS CA 1D4 on September 9th 2022. Valid for: 3 months.

This is the only time www.infonebanten.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 1	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:400e:810::2013	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:830::2009	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::393	54113 (FASTLY) (FASTLY)
1	23.6.112.33 23.6.112.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	185.66.201.42 185.66.201.42	201702 (SKHOSTING-EU) (SKHOSTING-EU)
3	185.66.200.127 185.66.200.127	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	185.66.201.8 185.66.201.8	201702 (SKHOSTING-EU) (SKHOSTING-EU)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
101	29

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

antihoax.eu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400e:810::2013 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.antihoax.eu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.infonebanten.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.6.112.33 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-6-112-33.deploy.static.akamaitechnologies.com

cdn0-production-images-kly.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.makintahu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

makintahu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.66.200.220 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

vdbaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
udbaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.42 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: affilist.com

o-oo.ooo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.66.200.127 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.127.skhosting.eu

ylx-i.advertica-cdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.201.8 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.8.skhosting.eu

ebaaa.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

ljii.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	blogger.com www.blogger.com — Cisco Umbrella Rank: 6949	899 KB
13	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12613	164 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	273 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 73	12 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	389 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 142 play.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 19	25 KB
4	udbaa.com udbaa.com — Cisco Umbrella Rank: 253584	6 KB
4	eu.org 2 redirects antihoax.eu.org www.antihoax.eu.org	68 KB
3	typekit.net p.typekit.net — Cisco Umbrella Rank: 1273 use.typekit.net — Cisco Umbrella Rank: 1044	37 KB
3	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 10760	273 KB
3	advertica-cdn2.com ylx-i.advertica-cdn2.com — Cisco Umbrella Rank: 127442	24 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5202	914 B
2	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 11427	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	infonebanten.my.id www.infonebanten.my.id	41 KB
2	ebaaa.xyz ebaaa.xyz — Cisco Umbrella Rank: 114877	5 KB
2	makintahu.com 1 redirects www.makintahu.com makintahu.com	525 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 972	476 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	28 KB
1	github.io ljii.github.io — Cisco Umbrella Rank: 151474	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	41 KB
1	o-oo.ooo o-oo.ooo — Cisco Umbrella Rank: 729575	31 KB
1	vdbaa.com vdbaa.com — Cisco Umbrella Rank: 252819	2 KB
1	akamaized.net cdn0-production-images-kly.akamaized.net — Cisco Umbrella Rank: 74978	39 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 3896	860 B
1	t.co t.co — Cisco Umbrella Rank: 600	622 B
0	geoplugin.net Failed www.geoplugin.net Failed
101	27

	Domain	Requested by
18	www.blogger.com	www.antihoax.eu.org www.infonebanten.my.id www.blogger.com cdnjs.cloudflare.com t.co
13	blogger.googleusercontent.com	www.antihoax.eu.org www.infonebanten.my.id
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	www.infonebanten.my.id pagead2.googlesyndication.com tpc.googlesyndication.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.blogger.com www.gstatic.com www.google.com tpc.googlesyndication.com
4	fonts.gstatic.com	www.infonebanten.my.id www.google.com
4	udbaa.com	www.antihoax.eu.org udbaa.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	pro.fontawesome.com	www.infonebanten.my.id pro.fontawesome.com
3	ylx-i.advertica-cdn2.com	www.antihoax.eu.org udbaa.com
3	www.antihoax.eu.org	1 redirects t.co www.antihoax.eu.org
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	4.bp.blogspot.com	www.infonebanten.my.id
2	use.typekit.net	www.infonebanten.my.id
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.infonebanten.my.id	www.infonebanten.my.id
2	ebaaa.xyz	udbaa.com ebaaa.xyz
1	play.google.com	www.blogger.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	www.infonebanten.my.id
1	ljii.github.io	www.infonebanten.my.id
1	p.typekit.net	client
1	www.googletagmanager.com	www.infonebanten.my.id
1	o-oo.ooo	vdbaa.com
1	vdbaa.com	www.antihoax.eu.org
1	makintahu.com	www.antihoax.eu.org
1	www.makintahu.com	1 redirects
1	cdn0-production-images-kly.akamaized.net	www.antihoax.eu.org
1	res.cloudinary.com	www.antihoax.eu.org
1	antihoax.eu.org	1 redirects
1	t.co
0	www.geoplugin.net Failed	ljii.github.io
101	34

This site contains links to these domains. Also see Links.

Domain
www.am2z.com
www.mrjaz.com
sohanisharma.com
blogger.googleusercontent.com
www.janda-cari-jodoh.eu.org
www.blogger.com
twitter.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.antihoax.eu.org GTS CA 1D4	`2022-08-21` - `2022-11-19`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
vdbaa.com R3	`2022-07-15` - `2022-10-13`	3 months	crt.sh
udbaa.com R3	`2022-07-15` - `2022-10-13`	3 months	crt.sh
o-oo.ooo R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
ylx-i.advertica-cdn2.com R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh
ebaaa.xyz R3	`2022-07-23` - `2022-10-21`	3 months	crt.sh
www.infonebanten.my.id GTS CA 1D4	`2022-09-09` - `2022-12-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
Frame ID: 1250F85680A39D4410ABB88AAC64CDB8
Requests: 61 HTTP requests in this frame

Frame: https://udbaa.com/banner_show.php?section=R&pub=737457&format=728x90&ga=g&slider=91c33f742989f55a23329affe622ed66
Frame ID: 4B395768827E424867DF227E623238E6
Requests: 1 HTTP requests in this frame

Frame: https://udbaa.com/show.php?u20011662742282=true&ad=673873&f=728x90&a=625611&cri=0&s=YmUxZmU5Y2NiZGEyMWEwNThkMjgyNDA5YzZiM2M4Mzc=&u=737457&si=464641917&di=45557528&ci=16&h=dad4066ee6c95d948b61040caadc1d01&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Frame ID: E87346ABD8777B97F451BDAF96E5A198
Requests: 5 HTTP requests in this frame

Frame: https://ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCpdpdprkrGCdZAdrrCACrjANZriNrAANrddCrCZZZCCrixCrxACrCrGCxCZZZZrdxjjCCrxi_24426&adApiR=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&adApiR=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&refferer=3488878835_aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==&width=728&height=90&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5&randomA=268916272741&realRef=TmY3dEpYWDhCM011NVVHNHFDcHFoMzVyK1BGVGVraU1QelJPZTZSa0s0MD0=
Frame ID: 8A2A8206F1578B5B55067835776781DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
Frame ID: 99907D8436DEBE5BBB7DBE89BA1F8DBE
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=3643772
Frame ID: DF6313FA7EF6F94D73C20243D666983B
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=3643772
Frame ID: D30AADB2F8E4E5576DEFCC7273E007BA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&adk=1812271804&adf=3025194257&lmt=1662741214&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742283937&bpp=2&bdt=276&idt=333&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6641012684680&frm=20&pv=2&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=350
Frame ID: AB37568E362911C62CFE6D7AEE89C53D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&slotname=8969363499&adk=2761282531&adf=1983417940&pi=t.ma~as.8969363499&w=1058&fwrn=4&fwrnh=100&lmt=1662741214&rafmt=1&psa=0&format=1058x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742283939&bpp=1&bdt=278&idt=352&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hN3hzUtPbp&p=https%3A//www.infonebanten.my.id&dtd=355
Frame ID: 7AB4D1ED3C50D5EB46FDE2427532E51C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&slotname=1411217929&adk=188241918&adf=2773139456&pi=t.ma~as.1411217929&w=728&fwrn=4&fwrnh=100&lmt=1662741214&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284010&bpp=5&bdt=349&idt=290&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280&nras=1&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=e0XQRMKzt3&p=https%3A//www.infonebanten.my.id&dtd=293
Frame ID: 204B1BC3A16B3E184232EBBE0E9F4661
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=182&slotname=6304721807&adk=1151473238&adf=2319056852&pi=t.ma~as.6304721807&w=728&fwrn=4&lmt=1662741214&rafmt=11&psa=0&format=728x182&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284015&bpp=1&bdt=354&idt=291&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280&nras=1&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=4606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=C1GXqIC6Be&p=https%3A//www.infonebanten.my.id&dtd=294
Frame ID: 48352550411259179CB8516B4B3833BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=182&slotname=7436789971&adk=582714291&adf=1706410466&pi=t.ma~as.7436789971&w=728&fwrn=4&lmt=1662741214&rafmt=11&psa=0&format=728x182&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284017&bpp=1&bdt=356&idt=294&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182&nras=1&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=4746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Yy8hHB0weJ&p=https%3A//www.infonebanten.my.id&dtd=554
Frame ID: 134CF3F2E18EE887E764397DCABD05E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&adk=689432304&adf=1041204077&pi=t.aa~a.1381849204~i.7~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=1&ad_type=text_image&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284597&bpp=1&bdt=936&idt=-M&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182%2C728x182&nras=2&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=pibn9srvc4&p=https%3A//www.infonebanten.my.id&dtd=11
Frame ID: A6F80F13452B517F1234AE0A2F44D29F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&adk=689432304&adf=3131877929&pi=t.aa~a.1381849204~i.9~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=1&ad_type=text_image&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284597&bpp=1&bdt=936&idt=-M&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182%2C728x182%2C728x280&nras=3&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=2195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8W4efttReu&p=https%3A//www.infonebanten.my.id&dtd=14
Frame ID: F1C95E1D42B1414DDF214DAC16556A27
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&adk=689432304&adf=3179669750&pi=t.aa~a.1381849204~i.17~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=1&ad_type=text_image&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284597&bpp=1&bdt=935&idt=0&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182%2C728x182%2C728x280%2C728x280&nras=4&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=nhlrhlLM3Z&p=https%3A//www.infonebanten.my.id&dtd=17
Frame ID: C6F387DB8C7BCA624E88F141E516D6F0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=cklrx0u4w4y2
Frame ID: B83BBD7A535AA339D0BE8A91CDE95DA1
Requests: 7 HTTP requests in this frame

Frame: https://www.blogger.com/_/BloggerCommentUi/cspreport
Frame ID: AD47EE8C7544A722BF9CB0EAB2FE34E6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7CD66487BC8B5E39E9F241FB791F4A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 33D8C5BE3EB160EA55BC7FE62458530E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Asuransi Cigna Penipuan

Page URL History Show full URLs

https://t.co/qFOZGhZW1W Page URL
http://antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
http://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html Page URL
https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

101
Requests

98 %
HTTPS

77 %
IPv6

27
Domains

34
Subdomains

29
IPs

5
Countries

2380 kB
Transfer

4485 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.am2z.com/
Title: Am2z News

Search URL Search Domain Scan URL

URL: https://www.mrjaz.com/
Title: MrJaz

Search URL Search Domain Scan URL

URL: https://sohanisharma.com/
Title: SohaniSharma

Search URL Search Domain Scan URL

URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqAoIqO8FnaJKdyyENVHQLMD__qKTD_6Jq4fUOkoGVDxvNrv2xKk7RIAeSBSXlcqm0-GDVT2UtQmdSvCmTUsuXqUSxmjLGPho-jdvC3RSaexrn2xe8c8p4bdL_WK32Xfzkhg4W6R-53bBJHCm0ngglwZYODU6WOcE_53TIkZ6ZCX2jk7ivH6Zkf_yV/s1476/Fbw5CvJUsAAWEMp.jpg

Search URL Search Domain Scan URL

URL: https://www.janda-cari-jodoh.eu.org/2022/09/cara-membuat-template-halaman-website_5.html
Title: Visit Download Video : Click Here

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=3643772

Search URL Search Domain Scan URL

URL: https://twitter.com/Chiccaa98

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/qFOZGhZW1W Page URL
http://antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
http://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html Page URL
https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
http://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html HTTP 301
https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Request Chain 7

https://www.makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg HTTP 301
https://makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg

101 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 qFOZGhZW1W
t.co/ 415 B
622 B 140ms
119ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/qFOZGhZW1W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 238
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Fri, 09 Sep 2022 16:51:19 GMT
expires: Fri, 09 Sep 2022 16:56:20 GMT
referrer-policy: unsafe-url
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 5bdbb051a401870080a1b956e8a7d3b922a83fd6a81cb19205e0e7b2fe8b20d5
x-response-time: 112
x-xss-protection: 0

GET
H2

200

cara-bangunin-ayang-yang-sadang-tidur.html Show response
www.antihoax.eu.org/2022/07/
Redirect Chain

http://antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
http://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

204 KB
65 KB

474ms
436ms

Document
text/html

2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Requested by

Host: t.co
URL: https://t.co/qFOZGhZW1W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d63f3758eebeaba0dd4675178267fbfa47a2398ca687fca6f96f9c7d55cc07ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.co/qFOZGhZW1W
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 65767
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 16:51:21 GMT
etag: W/"142427e63fea7642df95e2ccf604b9760cbfbb6e4dd80aee5699ba7446fd7bd2"
expires: Fri, 09 Sep 2022 16:51:21 GMT
last-modified: Fri, 09 Sep 2022 16:40:25 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 210
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Sep 2022 16:51:21 GMT
Expires: Fri, 09 Sep 2022 16:51:21 GMT
Location: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
688 B 264ms
154ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8540763992246928234&zx=ef2e66ad-1dbf-482c-918e-5e60b7a34e6e

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 16:51:21 GMT
server: GSE
date: Fri, 09 Sep 2022 16:51:21 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcR... 327 B
396 B 1003ms
916ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcRTd_l5HWePgdw2fZUDJzOCKY_s4d_vcgIt6fnx7En/w1/10.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8aa807435d2930ada74e3d8ee6ad0a61080e3d5db69906fe4f603890c548d7eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:22 GMT

GET
H2 200 10.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcR... 21 KB
21 KB 1009ms
923ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e21a02db9aeb3422f7196956e7ac513ce6cb6d65e9ea370f7a2a16b5f34f5388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21776
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:22 GMT

GET
H2 400 10.jpg
res.cloudinary.com/practicaldev/image/fetch/s--DIr6g6vv--/f_auto,fl_progressive,q_auto,w_10/https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcM... 0
860 B 268ms
200ms Image
image/gif 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/practicaldev/image/fetch/s--DIr6g6vv--/f_auto,fl_progressive,q_auto,w_10/https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcRTd_l5HWePgdw2fZUDJzOCKY_s4d_vcgIt6fnx7En/w409-h256/10.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
vary: Save-Data
x-cld-error: public_id (https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcRTd_l5HWePgdw2fZUDJzOCKY_s4d_vcgIt6fnx7En/w409-h256/10.jpg) is too long
server-timing: fastly;dur=190;cpu=1;start=2022-09-09T16:51:21.878Z;desc=miss,rtt;dur=5,cloudinary;dur=94;start=2022-09-09T16:51:21.928Z,cld-error;desc="public_id (https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcRTd_l5HWePgdw2fZUDJzOCKY_s4d_vcgIt6fnx7En/w409-h256/10.jpg) is too long"
content-length: 0
last-modified: Thu, 08 Sep 2022 18:10:22 GMT
server: Cloudinary
etag: "d41d8cd98f00b204e9800998ecf8427e"
strict-transport-security: max-age=604800
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Cld-Error,Vary
cache-control: private, no-transform, no-cache, no-store
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 18:10:21 GMT

GET
H2 200 042015100_1576584434-Doa_HL1.jpg
cdn0-production-images-kly.akamaized.net/qFF8jsJb_2ZLs2vAgtfbTilYuhM=/6x0:1186x665/640x360/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/2998955/original/ 38 KB
39 KB 131ms
18ms Image
image/jpeg 23.6.112.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0-production-images-kly.akamaized.net/qFF8jsJb_2ZLs2vAgtfbTilYuhM=/6x0:1186x665/640x360/filters:quality(75):strip_icc():format(jpeg)/kly-media-production/medias/2998955/original/042015100_1576584434-Doa_HL1.jpg
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.6.112.33 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-6-112-33.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a9099ab8b1851f4f073b6f50d3abd2c1010343c68642847219603cb3c4e82c43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 09 Sep 2022 16:51:21 GMT
x-ttl: 300.000
etag: "58c0148930b08b78b6d40be3d22bc27590ee24c7"
x-varnish: 1704233
server-node: production-thumbor-web-ig-4j68
cache-control: public, max-age=30089483
accept-ranges: bytes
content-type: image/jpeg
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 39227
server: nginx
expires: Wed, 23 Aug 2023 23:02:44 GMT

GET
H2

200

Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg
makintahu.com/wp-content/uploads/2020/06/
Redirect Chain

https://www.makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg
https://makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg

0
0

497ms
273ms

Image
text/html

2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date: Fri, 09 Sep 2022 16:51:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3QGuWva9eRH3S%2Fw1R899IaLxfmAickIhk81VtZI8jCjCUVhC5FdMZ%2Bi9nQDMeJjMhMEmx9IjKCdgv1LaQmmjytifJ70OgTB5lTYuEew1j%2BsA9r2gZ0xzxILCMDW80oBAOxadkEa1mwPVM5kTvTHaw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://makintahu.com/wp-content/uploads/2020/06/Pengertian-Iklan-Layanan-Masyarakat-750x375.jpg
cache-control: max-age=3600
cf-ray: 74816d9dbe5b9b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 09 Sep 2022 17:51:21 GMT

GET
H2 200 pun.php Show response
vdbaa.com/ 1 KB
2 KB 87ms
26ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://vdbaa.com/pun.php?section=General&pt=6&pub=737457&ga=g
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 2c25ce1ea0c582e2ff7d4760f3500c1bf9988b6c8a58a2c3aba715189befb76f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 16:51:21 GMT
last-modified: Fri, 09 Sep 2022 16:51:21 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Fri, 09 Sep 2022 16:51:21 GMT

GET
H2 200 slider.php Show response
udbaa.com/ 2 KB
2 KB 124ms
30ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/slider.php?section=R&pub=737457&ga=g&side=random
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 4e4c868d3cfb8c9c9300c6b89343ea6a3955643e97e359e7c041f84424e7734e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 16:51:21 GMT
last-modified: Fri, 09 Sep 2022 16:51:21 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Fri, 09 Sep 2022 16:51:21 GMT

GET
H2 200 8.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzi_fB-WlX-T0apyEKIDqugnXIEi6XxKaUAXN6xlJSr-gjn3XJu5hnYEHpP70xAopwB9vQAg7Cgxe8L7c5y4SY_nETLFq0pA26fkHASToX_fA-IUm2FCZdXTlaPTJ0UYuJEN82iLFdQp1QbHda... 16 KB
16 KB 944ms
872ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzi_fB-WlX-T0apyEKIDqugnXIEi6XxKaUAXN6xlJSr-gjn3XJu5hnYEHpP70xAopwB9vQAg7Cgxe8L7c5y4SY_nETLFq0pA26fkHASToX_fA-IUm2FCZdXTlaPTJ0UYuJEN82iLFdQp1QbHdaTdd_8RCY9lifaXVVMDE_Njsrs1fZoJeFBJrEYntG/w300/8.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

da5bf7ece2deb365b2588d498fbda7e3bd194cc4d486719f09e220dc07a90241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b6"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="8.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16694
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:22 GMT

GET
H2 200 10.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcR... 12 KB
12 KB 955ms
885ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

99068357b8c8884b73d76f8554ae6a03af947e8c35d46fcddf1b1036d9ab737e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12650
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:22 GMT

GET
H2 200 11.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ_6QZRqtBWKMG0TUe-uymW6M7LQkD1hYx5KV8ReuGPSOWFd0ORAdYI0kHOIRohu6_X3_1iOh-ChVKQw9h0txtc8GiHT9oD5RlyQ1ZHNy3_LrMbhirBZXzfzRt2jZ8zWNAkKaVOETnmde-PVE7... 13 KB
13 KB 980ms
910ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJ_6QZRqtBWKMG0TUe-uymW6M7LQkD1hYx5KV8ReuGPSOWFd0ORAdYI0kHOIRohu6_X3_1iOh-ChVKQw9h0txtc8GiHT9oD5RlyQ1ZHNy3_LrMbhirBZXzfzRt2jZ8zWNAkKaVOETnmde-PVE7-nkucoh5eFmKABLrkM-I5y2AFxhNkk4319NENjmF/w300/11.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9329247d7579fbe9c42373eaa6b664b6832a14c8ed3556f31913e0d556d7401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v5bb"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="11.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13116
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:22 GMT

GET
H2 200 7.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhayQAxJcfH7w_poSVkdtXwHSaz1XM0q3D9ULSmuLcdS70CDcjWcUiwEGLB3DFPIWkWxk18hOIr4t0jDqIK7tjKu6dx6yMxbmf-iEg6ZLvb12ZGLigmTBwswZBvm92F2cPTwYvvMZ54nAH_OvE1... 9 KB
10 KB 1031ms
961ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhayQAxJcfH7w_poSVkdtXwHSaz1XM0q3D9ULSmuLcdS70CDcjWcUiwEGLB3DFPIWkWxk18hOIr4t0jDqIK7tjKu6dx6yMxbmf-iEg6ZLvb12ZGLigmTBwswZBvm92F2cPTwYvvMZ54nAH_OvE160_5slMKtvBTn0ZGkIqXvw7T6LVcCYE-bYusAjh2/w300/7.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b4"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="7.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9715
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:22 GMT

GET
H2 200 1.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj07qv1XS1yXOxw610UNi5TqsJ1mGGyWMb3mZ9yCXLo2RAj6tcKGW22I5pWK01JHZbbhVV5BtJBvCP87QGyRGy68pN98qCMO_Xm-pKlUrbqrgAG4VA1YMLg_NIBwYIuImuTK6tG9seYQ_tLsOVX... 11 KB
11 KB 611ms
610ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj07qv1XS1yXOxw610UNi5TqsJ1mGGyWMb3mZ9yCXLo2RAj6tcKGW22I5pWK01JHZbbhVV5BtJBvCP87QGyRGy68pN98qCMO_Xm-pKlUrbqrgAG4VA1YMLg_NIBwYIuImuTK6tG9seYQ_tLsOVXkwp5fytq37KJOj4nXYh1lhyWGxY-6kDqMrKWBudp/w300/1.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

edbe2344be729226132e108cb538f4d34b1db8090504a666f911fdc457461026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v5a7"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11310
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:22 GMT

GET
H2 200 9.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHUv6iT46GNBjlhxyb9flDPlvx7UUCU-XiICFTZdnJyx6in4qo-oGvePgN-iFQNIVtfz0i5fxfrlQOC9IrFDEWpO9osQT_8gio77y0C-SC6Iby5DCvYtf0LK816zoB_sljzpp64RFqv1BmWxVz... 9 KB
9 KB 880ms
879ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHUv6iT46GNBjlhxyb9flDPlvx7UUCU-XiICFTZdnJyx6in4qo-oGvePgN-iFQNIVtfz0i5fxfrlQOC9IrFDEWpO9osQT_8gio77y0C-SC6Iby5DCvYtf0LK816zoB_sljzpp64RFqv1BmWxVzITtNtrsDixyR9S94cHVLOKKHw2HkXlxMU9UCqszr/w300/9.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b3da44d857203f85057f23eb25629c3c39344d3486fef9c66b6ee96b4e7667d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="9.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9085
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:22 GMT

GET
H2 200 12.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUgk9d_VirTU3HDoDAANLoGK46zVqIDBzZ9Ldglv9Xu3i1YHROSv2ck8LddIcbieollTOy70wN7X7s8dHO5kzPs1UTnIaitYQ-zFaeukqp6oWCCb8SMSkxRGcZT3whSt45TJJj3gQyfr5cu6C9... 10 KB
10 KB 954ms
953ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUgk9d_VirTU3HDoDAANLoGK46zVqIDBzZ9Ldglv9Xu3i1YHROSv2ck8LddIcbieollTOy70wN7X7s8dHO5kzPs1UTnIaitYQ-zFaeukqp6oWCCb8SMSkxRGcZT3whSt45TJJj3gQyfr5cu6C9AmPzZriRDzO0hRzbg0ZiGZWXfnoCPQwtPvtw9WXA/w300/12.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v5bc"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="12.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10619
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:22 GMT

GET
H2 200 6.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhBJftc9ZiQKZ7g5n4VSK0NrJoZN8IMKR_fzZX6L4CR3j-l7pc832RhfE51CD2klV7lnhNc7iw7AzuTRJC3ozwag5xTQ-MbopcHkaJuuJIxNit_8RJqEhC33vbt_-0y67aWq2-u6DuD9xryTZ9... 12 KB
13 KB 903ms
902ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhBJftc9ZiQKZ7g5n4VSK0NrJoZN8IMKR_fzZX6L4CR3j-l7pc832RhfE51CD2klV7lnhNc7iw7AzuTRJC3ozwag5xTQ-MbopcHkaJuuJIxNit_8RJqEhC33vbt_-0y67aWq2-u6DuD9xryTZ9_Va4FcyPjhIN949CKVwIMg9-HefbyE_yGUpIzX2r/w300/6.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

136b905622a1b3eb6896ccc85b31fd621d8241d9700955c10fd350fe0b4d31d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b1"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12725
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:22 GMT

GET
H2 200 2.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjghEK2RpWabiGJGB5zszVmEmBnyrDKzBH07BIhwaFYVY8u20zW3_JISfYbEnGXtd3zQzIVr9P3fTBWbCdXuiCmACSDqFHPMn64pN2GqtSQLgUZBi1Vqi8Yx0RCBhYoCHkKjdg10p0kZNwkMBXy... 11 KB
11 KB 824ms
824ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjghEK2RpWabiGJGB5zszVmEmBnyrDKzBH07BIhwaFYVY8u20zW3_JISfYbEnGXtd3zQzIVr9P3fTBWbCdXuiCmACSDqFHPMn64pN2GqtSQLgUZBi1Vqi8Yx0RCBhYoCHkKjdg10p0kZNwkMBXyt9U4HaO9pS2D2CJHqNMHs1y7HJumcK4PhzRnGrYG/w300/2.jpg

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6be41599b415300e4e5dfdb3c50d390c6acf888f2373860e2c8e555ff542941f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v5a9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11114
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:22 GMT

GET
H2 200 cookienotice.js Show response
www.antihoax.eu.org/js/ 6 KB
2 KB 19ms
18ms Script
text/javascript 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.antihoax.eu.org/js/cookienotice.js

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 15:51:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 16 Sep 2022 16:51:21 GMT

GET
H2 200 3753684042-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
155 KB 107ms
40ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:26:08 GMT
x-content-type-options: nosniff
age: 1513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157917
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 20:54:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 09 Sep 2023 16:26:08 GMT

GET
H2 200 yxpup.js Show response
o-oo.ooo/js/ 86 KB
31 KB 95ms
27ms Script
application/javascript 185.66.201.42
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://o-oo.ooo/js/yxpup.js
Requested by: Host: vdbaa.com
URL: https://vdbaa.com/pun.php?section=General&pt=6&pub=737457&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.42 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: affilist.com
Software: nginx /
Resource Hash: 0a0e8af7418e275aa4ff02da453731a8d58c2e453f615f5e46d97d2a1c4b6aa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
content-encoding: br
last-modified: Wed, 20 Jul 2022 07:40:48 GMT
server: nginx
etag: W/"62d7b180-15963"
content-type: application/javascript

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
111 B 454ms
453ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8540763992246928234&zx=ef2e66ad-1dbf-482c-918e-5e60b7a34e6e

Requested by

Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 16:51:22 GMT
server: GSE
date: Fri, 09 Sep 2022 16:51:22 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner_show.php Show response
udbaa.com/ Frame 4B39 1 KB
2 KB 124ms
124ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/banner_show.php?section=R&pub=737457&format=728x90&ga=g&slider=91c33f742989f55a23329affe622ed66
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: a369fd1fea9d0211346a670c2c9216bfe7da8528a3d6444e5fc13b45be7847a0

Request headers

Referer: https://www.antihoax.eu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 16:51:22 GMT
expires: Fri, 09 Sep 2022 16:51:22 GMT
last-modified: Fri, 09 Sep 2022 16:51:22 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 but_close.png
ylx-i.advertica-cdn2.com/ 664 B
922 B 123ms
26ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/but_close.png?1360094895
Requested by: Host: www.antihoax.eu.org
URL: https://www.antihoax.eu.org/2022/07/cara-bangunin-ayang-yang-sadang-tidur.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.antihoax.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
content-encoding: gzip
last-modified: Tue, 05 Feb 2013 20:08:15 GMT
server: nginx
etag: W/"511166af-298"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sun, 09 Oct 2022 16:51:22 GMT

GET
H2 200 show.php Show response
udbaa.com/ Frame E873 2 KB
2 KB 33ms
32ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/show.php?u20011662742282=true&ad=673873&f=728x90&a=625611&cri=0&s=YmUxZmU5Y2NiZGEyMWEwNThkMjgyNDA5YzZiM2M4Mzc=&u=737457&si=464641917&di=45557528&ci=16&h=dad4066ee6c95d948b61040caadc1d01&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Requested by: Host: udbaa.com
URL: https://udbaa.com/banner_show.php?section=R&pub=737457&format=728x90&ga=g&slider=91c33f742989f55a23329affe622ed66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 36a94df34d6f6c924a16396b73d919386f429a33ab54d7e9287944dc7595d477

Request headers

Referer: https://udbaa.com/banner_show.php?section=R&pub=737457&format=728x90&ga=g&slider=91c33f742989f55a23329affe622ed66
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 16:51:22 GMT
expires: Fri, 09 Sep 2022 16:51:22 GMT
last-modified: Fri, 09 Sep 2022 16:51:22 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 / Show response
ebaaa.xyz/08c73116f6/82b174e040/ Frame E873 1 KB
946 B 97ms
27ms Script
application/javascript 185.66.201.8
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCpdpdprkrGCdZAdrrCACrjANZriNrAANrddCrCZZZCCrixCrxACrCrGCxCZZZZrdxjjCCrxi_24426&adApiR=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&adApiR=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&refferer=3488878835_aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==&width=728&height=90&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u20011662742282=true&ad=673873&f=728x90&a=625611&cri=0&s=YmUxZmU5Y2NiZGEyMWEwNThkMjgyNDA5YzZiM2M4Mzc=&u=737457&si=464641917&di=45557528&ci=16&h=dad4066ee6c95d948b61040caadc1d01&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.8 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.8.skhosting.eu
Software: nginx /
Resource Hash: eef37f0d7bebd6205c4e9cfac5931d95dd747ecd2d467e6d5b47a21bbd8dca54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 16:51:22 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_upk7x1.png
ylx-i.advertica-cdn2.com/aff/ Frame E873 22 KB
22 KB 52ms
52ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_upk7x1.png?1480419365
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u20011662742282=true&ad=673873&f=728x90&a=625611&cri=0&s=YmUxZmU5Y2NiZGEyMWEwNThkMjgyNDA5YzZiM2M4Mzc=&u=737457&si=464641917&di=45557528&ci=16&h=dad4066ee6c95d948b61040caadc1d01&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 224bb06234df291883a230938dccb15657d699a646cc98f26fa13e10f63fc540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:05 GMT
server: nginx
etag: W/"583d6825-5642"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sun, 09 Oct 2022 16:51:22 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame E873 2 KB
1 KB 52ms
51ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u20011662742282=true&ad=673873&f=728x90&a=625611&cri=0&s=YmUxZmU5Y2NiZGEyMWEwNThkMjgyNDA5YzZiM2M4Mzc=&u=737457&si=464641917&di=45557528&ci=16&h=dad4066ee6c95d948b61040caadc1d01&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:22 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Sun, 09 Oct 2022 16:51:22 GMT

GET
H2 200 /
udbaa.com/trk/ Frame E873 43 B
268 B 31ms
30ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udbaa.com/trk/?dad4066ee6c95d948b61040caadc1d01
Requested by: Host: udbaa.com
URL: https://udbaa.com/show.php?u20011662742282=true&ad=673873&f=728x90&a=625611&cri=0&s=YmUxZmU5Y2NiZGEyMWEwNThkMjgyNDA5YzZiM2M4Mzc=&u=737457&si=464641917&di=45557528&ci=16&h=dad4066ee6c95d948b61040caadc1d01&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://udbaa.com/show.php?u20011662742282=true&ad=673873&f=728x90&a=625611&cri=0&s=YmUxZmU5Y2NiZGEyMWEwNThkMjgyNDA5YzZiM2M4Mzc=&u=737457&si=464641917&di=45557528&ci=16&h=dad4066ee6c95d948b61040caadc1d01&cc=DE&slider=91c33f742989f55a23329affe622ed66&https=1&useAf=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&ar=aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 16:51:22 GMT
last-modified: Fri, 09 Sep 2022 16:51:22 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 / Show response
ebaaa.xyz/08c73116f6/82b174e040/ Frame 8A2A 19 KB
4 KB 40ms
40ms Document
text/html 185.66.201.8
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCpdpdprkrGCdZAdrrCACrjANZriNrAANrddCrCZZZCCrixCrxACrCrGCxCZZZZrdxjjCCrxi_24426&adApiR=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&adApiR=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&refferer=3488878835_aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==&width=728&height=90&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5&randomA=268916272741&realRef=TmY3dEpYWDhCM011NVVHNHFDcHFoMzVyK1BGVGVraU1QelJPZTZSa0s0MD0=
Requested by: Host: ebaaa.xyz
URL: https://ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCpdpdprkrGCdZAdrrCACrjANZriNrAANrddCrCZZZCCrixCrxACrCrGCxCZZZZrdxjjCCrxi_24426&adApiR=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1MTg1Mw==&adApiR=loaded_string_37019599232968e17aafe8a20a937736a604d_2633176_1662742282.1841_65467&refferer=3488878835_aHR0cHM6Ly93d3cuYW50aWhvYXguZXUub3JnLw==&width=728&height=90&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.8 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.8.skhosting.eu
Software: nginx /
Resource Hash: 667cf188cf657d3721b06e84b18696de4585b4116ad268cf1e6c3522b109aa97

Request headers

Referer: https://udbaa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 16:51:22 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex,nofollow

GET
H2 200 Primary Request asuransi-cigna-penipuan.html Show response
www.infonebanten.my.id/2022/09/ 182 KB
39 KB 711ms
162ms Document
text/html 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e174c29106250d2e1a7af2cc2c8f2f97d88356032682228e669d04750a0aaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.antihoax.eu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 39684
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 16:51:23 GMT
etag: W/"f59dd8d6e354b49f3dc26dea92520ceeb1fb29673ca704d8029d8ede6a2df015"
expires: Fri, 09 Sep 2022 16:51:23 GMT
last-modified: Fri, 09 Sep 2022 16:33:34 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
57 KB 195ms
95ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4202890101473870

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

524bd2c4385237dc0acc107e5732f4f3efa71a9159b90507fd8e48ce700145fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57479
x-xss-protection: 0
server: cafe
etag: 9542548477931286209
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 16:51:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 143ms
59ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237981127-1

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae50dbfc681e970b33bc5e68e97d2e30d2888c68ed17d1c16d9863e781754e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41970
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Sep 2022 16:51:23 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.15.3/css/ 170 KB
32 KB 62ms
29ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Requested by: Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 17:21:37 GMT
server: cloudflare
age: 31241052
etag: W/"a28e912c1a41becec7f68848d739d5c0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 74816da91b6768e5-FRA
x-amz-request-id: N0PKCPQ3PM6RBAKC
x-amz-id-2: aw82ywh73IhwmplNnVd7b/nDyVQAVGqcyke+YhYpb/IPlIs5X/3FQDESsKxQEcR4urJjHIigMtM=

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 41ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=byr0bra&ht=tk&f=6846.15528.15529.15530&a=4009364&app=typekit&e=css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:23 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 179ms
95ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fff2ea693e57dfbc6442ded96e6a1849833e29113dce5a9f61c10340c6d18589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57499
x-xss-protection: 0
server: cafe
etag: 10573584613682297736
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 16:51:23 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 142ms
141ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4645151496582844783&zx=a8e39b32-b2ae-4b91-9fdd-c9bdb71a4bcc

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 16:51:23 GMT
server: GSE
date: Fri, 09 Sep 2022 16:51:23 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m.js Show response
ljii.github.io/m/ 1 KB
1 KB 207ms
48ms Script
application/javascript 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ljii.github.io/m/m.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

c0d9fd1bfddc007e2f2bc3d190d17d142a600a6f963ef4ff6e26cc50c5df4bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-fastly-request-id: 8125fe22305dd2f4078d532fd9bd7f8b739f62f9
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"63186898-45d"
age: 326
x-cache: HIT
content-length: 609
x-served-by: cache-hhn4067-HHN
access-control-allow-origin: *
last-modified: Wed, 07 Sep 2022 09:47:04 GMT
server: GitHub.com
x-github-request-id: 8E70:D160:4B57BD:4E01BA:631AACA0
x-timer: S1662742284.936559,VS0,VE39
date: Fri, 09 Sep 2022 16:51:23 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Fri, 09 Sep 2022 03:09:27 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 3

GET
H3 200 Fbw5CvJUsAAWEMp.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqAoIqO8FnaJKdyyENVHQLMD__qKTD_6Jq4fUOkoGVDxvNrv2xKk7RIAeSBSXlcqm0-GDVT2UtQmdSvCmTUsuXqUSxmjLGPho-jdvC3RSaexrn2xe8c8p4bdL_WK32Xfzkhg4W6R-53bBJHCm0... 32 KB
32 KB 489ms
408ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqAoIqO8FnaJKdyyENVHQLMD__qKTD_6Jq4fUOkoGVDxvNrv2xKk7RIAeSBSXlcqm0-GDVT2UtQmdSvCmTUsuXqUSxmjLGPho-jdvC3RSaexrn2xe8c8p4bdL_WK32Xfzkhg4W6R-53bBJHCm0ngglwZYODU6WOcE_53TIkZ6ZCX2jk7ivH6Zkf_yV/w301-h400/Fbw5CvJUsAAWEMp.jpg

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bd5bdfa8634ec0d60a77535f55cb94db515dcb3f5c9c89747ae90182d2ed736e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v4"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Fbw5CvJUsAAWEMp.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33221
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:24 GMT

GET
H3 200 3262169375-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 17 KB
6 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28fdda1121b007f5a8046e069c155aea681e7a77be87ead36bb46f5f518584a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6499
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 09 Sep 2023 16:26:08 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 150ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 81940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7ku2OrD8qyBzZQVr%2B0xx8ZMXYqMjZcdMibV%2F6xTOqC5IMEJTweOyugUJ2GRyHzrvJtMvYXt0D%2BSTUpQqGNUAdAt0W%2FJk0ADAHPvcnkEkhMcaDQE5bdGTEpfEfSHxgMTCElCDye857E%2FhzlO3aNhodYD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74816daa9d4f917c-FRA
expires: Wed, 30 Aug 2023 16:51:23 GMT

GET
H2 200 cookienotice.js Show response
www.infonebanten.my.id/js/ 6 KB
2 KB 20ms
18ms Script
text/javascript 2a00:1450:400e:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infonebanten.my.id/js/cookienotice.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2013 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 15:51:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 16 Sep 2022 16:51:23 GMT

GET
H3 200 3753684042-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
154 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:26:08 GMT
x-content-type-options: nosniff
age: 1515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157917
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 20:54:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 09 Sep 2023 16:26:08 GMT

GET
H2 200 6xKudSxYI9__J9CYLUv0BnYASA.woff2
fonts.gstatic.com/s/sen/v2/ 10 KB
11 KB 156ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v2/6xKudSxYI9__J9CYLUv0BnYASA.woff2

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23b2fd21777b1f79dcd57f38ec1254fde451e11aa5ebc24938b1079a7b4e8a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 10:38:33 GMT
x-content-type-options: nosniff
age: 108770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:38:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 08 Sep 2023 10:38:33 GMT

GET
H2 200 fa-regular-400.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ 165 KB
165 KB 437ms
416ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-regular-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:24 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: 2E970BFN28B6MHPB
content-length: 168768
x-amz-id-2: SkJLv+J1bcAFKmD5S8c/ozcq4aosoNfFy4DG4QNl5TjaRRKmlGDyp+vZRQYKxcbxyXg8T5byn2I=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "d8689b99dce7c881d3130f3c91cfefdf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 74816daa0fcc8ff2-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237981127-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6563
date: Fri, 09 Sep 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 09 Sep 2022 17:02:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 177ms
98ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4202890101473870&plah=www.infonebanten.my.id&bust=31069448

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4202890101473870

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5acb94f3885e7f1ac0ec8bda6fe688d08f0a77b35502f7fdd99a7d297e29e070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124742
x-xss-protection: 0
server: cafe
etag: 8465102085676509956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Sep 2022 16:51:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/ Frame 9990 10 KB
5 KB 128ms
40ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4202890101473870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 06:12:26 GMT
etag: 8616628553774171045
expires: Fri, 23 Sep 2022 06:12:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6xKjdSxYI9_3nPWNAGn5LA.woff2
fonts.gstatic.com/s/sen/v2/ 10 KB
10 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v2/6xKjdSxYI9_3nPWNAGn5LA.woff2

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:59:28 GMT
x-content-type-options: nosniff
age: 435115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10108
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:43:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 15:59:28 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 678ms
678ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4645151496582844783&zx=a8e39b32-b2ae-4b91-9fdd-c9bdb71a4bcc

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 16:51:24 GMT
server: GSE
date: Fri, 09 Sep 2022 16:51:24 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET json.gp
www.geoplugin.net/ 0
0

GET
H2 200 l
use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/ 18 KB
18 KB 41ms
6ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415

Request headers

Referer: https://www.infonebanten.my.id/
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:24 GMT
server: nginx
etag: "e2418760f00448874f89ae40256bf9d1d180c197"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18512

GET
H3 200 4645151496582844783
www.blogger.com/comment/frame/ Frame DF63 0
0 67ms
67ms Document
text/html 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=3643772

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-ykmKgrs_9VvWSobe-fv8DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-ykmKgrs_9VvWSobe-fv8DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="BloggerCommentUi"
cross-origin-resource-policy: same-site
date: Fri, 09 Sep 2022 16:51:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.15.3/webfonts/ 75 KB
75 KB 410ms
410ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.3/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:24 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: ZTC6J9RAEWAFCETD
content-length: 76740
x-amz-id-2: PCZx6QZwCuh9GkfZWhVx8/ucA0Zk5voj7TTHkz/dBCHyoV40Q4tjwcATUA/ONAeSNXXUvD44YdM=
last-modified: Mon, 28 Jun 2021 17:23:20 GMT
server: cloudflare
etag: "0511670fe2f5405105a6760294c5c51d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 74816dab49a38ff2-FRA

GET
H2 200 l
use.typekit.net/af/4eabcf/00000000000000003b9b12fd/27/ 18 KB
18 KB 7ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4eabcf/00000000000000003b9b12fd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 562d57eeeab997966c8fbcdeddabca46c21bad20ee3091b39990923a4d434398

Request headers

Referer: https://www.infonebanten.my.id/
Origin: https://www.infonebanten.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:24 GMT
server: nginx
etag: "6a1b2c6b2a7103117fa02281727f5fc20dc57661"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18424

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 118ms
44ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=108294487&t=pageview&_s=1&dl=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&dr=https%3A%2F%2Fwww.antihoax.eu.org%2F&ul=en-us&de=UTF-8&dt=Asuransi%20Cigna%20Penipuan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1948355926&gjid=661110186&cid=1962467757.1662742284&tid=UA-237981127-1&_gid=1493458701.1662742284&_r=1&gtm=2ou970&z=1792098985

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infonebanten.my.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Sep 2022 16:51:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.infonebanten.my.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4645151496582844783 Show response
www.blogger.com/comment/frame/ Frame D30A 73 KB
18 KB 69ms
68ms Document
text/html 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=3643772

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf4871aa2cc4b6a6e1621b628fd261b127b5228700e9ce0cdd2ec4979d0ad440

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-fjMkU-TTmP1Vw9MlpJrOYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-fjMkU-TTmP1Vw9MlpJrOYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="BloggerCommentUi"
cross-origin-resource-policy: same-site
date: Fri, 09 Sep 2022 16:51:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 avatar.jpg
4.bp.blogspot.com/-oSjP8F09qxo/Wy1J9dp7b0I/AAAAAAAACF0/ggcRfLCFQ9s2SSaeL9BFSE2wyTYzQaTyQCK4BGAYYCw/w29-h29-p-k-no-nu/ 586 B
981 B 149ms
39ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-oSjP8F09qxo/Wy1J9dp7b0I/AAAAAAAACF0/ggcRfLCFQ9s2SSaeL9BFSE2wyTYzQaTyQCK4BGAYYCw/w29-h29-p-k-no-nu/avatar.jpg

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00346c05e34ea5f5b3f4f14f2b7788c0e7edc734a77b9b98d8c53db8f66e8513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 13:57:32 GMT
x-content-type-options: nosniff
age: 10432
content-disposition: inline;filename="avatar.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 0
server: fife
etag: "v85e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 21:38:11 GMT

GET
H3 200 Fbw5CvJUsAAWEMp.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqAoIqO8FnaJKdyyENVHQLMD__qKTD_6Jq4fUOkoGVDxvNrv2xKk7RIAeSBSXlcqm0-GDVT2UtQmdSvCmTUsuXqUSxmjLGPho-jdvC3RSaexrn2xe8c8p4bdL_WK32Xfzkhg4W6R-53bBJHCm0... 4 KB
4 KB 787ms
786ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8cf8916ecba2ef756099d2940f30210ed53e63ae1a885130683e75909d7c3e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v4"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Fbw5CvJUsAAWEMp.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3873
x-xss-protection: 0
expires: Sat, 10 Sep 2022 16:51:24 GMT

GET
H2 200 nth-ify.png
4.bp.blogspot.com/-eALXtf-Ljts/WrQYAbzcPUI/AAAAAAAABjY/vptx-N2H46oFbiCqbSe2JgVSlHhyl0MwQCK4BGAYYCw/w108-h72-p-k-no-nu/ 858 B
987 B 149ms
40ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-eALXtf-Ljts/WrQYAbzcPUI/AAAAAAAABjY/vptx-N2H46oFbiCqbSe2JgVSlHhyl0MwQCK4BGAYYCw/w108-h72-p-k-no-nu/nth-ify.png

Requested by

Host: www.infonebanten.my.id
URL: https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

78b93b31063c4d239c9139bd0ad0e3ef7a700c12ba47e9fe60db64f373c4aae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 13:48:32 GMT
x-content-type-options: nosniff
age: 10972
content-disposition: inline;filename="nth-ify.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 858
x-xss-protection: 0
server: fife
etag: "v638"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 18:32:01 GMT

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame D30A 0
26 B 58ms
58ms Other
text/html 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: t.co
URL: https://t.co/qFOZGhZW1W

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-hluCjB_uCxsh617KJpUkZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=3643772
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 09 Sep 2022 16:51:24 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-hluCjB_uCxsh617KJpUkZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/am=6gAEAg/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP1MmdJVso1NX3PA2PwIFtecvZme5A/ Frame D30A 175 KB
62 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/am=6gAEAg/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP1MmdJVso1NX3PA2PwIFtecvZme5A/m=_b,_tp,_r

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/4645151496582844783?po=3405901145878451363&hl=en&skin=soho&blogspotRpcToken=3643772

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cebc607cd344f5f654d4e4b829d961ef3377dba1fc8c68c6da792b7bd8d4122c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 03:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63161
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 05:30:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 03:12:42 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
476 B 161ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.infonebanten.my.id&callback=_gfp_s_&client=ca-pub-4202890101473870

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4202890101473870&plah=www.infonebanten.my.id&bust=31069448

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 131ms
47ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.infonebanten.my.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.infonebanten.my.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB37 20 KB
5 KB 279ms
200ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&adk=1812271804&adf=3025194257&lmt=1662741214&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742283937&bpp=2&bdt=276&idt=333&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6641012684680&frm=20&pv=2&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=350

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b3ac31b686fee9aef781c50a70b79b3801d0d407fe32cff6338f786a8952e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5235
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:51:24 GMT
expires: Fri, 09 Sep 2022 16:51:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7AB4 436 B
236 B 261ms
188ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&slotname=8969363499&adk=2761282531&adf=1983417940&pi=t.ma~as.8969363499&w=1058&fwrn=4&fwrnh=100&lmt=1662741214&rafmt=1&psa=0&format=1058x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742283939&bpp=1&bdt=278&idt=352&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hN3hzUtPbp&p=https%3A//www.infonebanten.my.id&dtd=355

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48b492ea5ae1022a15284b5c801e7cd038f99d82acbc68de9aa1529fb646fb74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:51:24 GMT
expires: Fri, 09 Sep 2022 16:51:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 204B 436 B
236 B 364ms
300ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&slotname=1411217929&adk=188241918&adf=2773139456&pi=t.ma~as.1411217929&w=728&fwrn=4&fwrnh=100&lmt=1662741214&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284010&bpp=5&bdt=349&idt=290&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280&nras=1&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=e0XQRMKzt3&p=https%3A//www.infonebanten.my.id&dtd=293

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28b5ac66edc0f596df38c20a428059bb1fc07a4de415f17160a783ccc92081ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:51:24 GMT
expires: Fri, 09 Sep 2022 16:51:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4835 436 B
236 B 228ms
169ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=182&slotname=6304721807&adk=1151473238&adf=2319056852&pi=t.ma~as.6304721807&w=728&fwrn=4&lmt=1662741214&rafmt=11&psa=0&format=728x182&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284015&bpp=1&bdt=354&idt=291&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280&nras=1&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=4606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=C1GXqIC6Be&p=https%3A//www.infonebanten.my.id&dtd=294

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fab9f17b7d879e68ba7ba4f71540308888ccb19e8ecd38d8d09e734fe53f05a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:51:24 GMT
expires: Fri, 09 Sep 2022 16:51:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,laz... Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=6gAEAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformif... Frame D30A 282 KB
100 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=6gAEAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0t-zAF6MFyQAX_KhlvlQkwXW3fxQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,Mpq4Ee,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,I6YDgd,xQtZb,MdUzUe,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,zbML3c,yDVVkb,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,ZDqTJc,eD1YLc,A7fCU,pjICDe

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/am=6gAEAg/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP1MmdJVso1NX3PA2PwIFtecvZme5A/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a36ec61974a9615a02983bc6003de6a93f0ba3d665c99c99320db10fab577902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 03:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102323
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 11:10:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 03:12:43 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=6gAEAg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRi... Frame D30A 6 KB
3 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=6gAEAg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mpq4Ee,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WzT7ae,XVMNvd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0t-zAF6MFyQAX_KhlvlQkwXW3fxQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e01199aab38fbfbf8d44284e7973f8789d99faa40bf00d47ef6be2bfe2ee79d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 03:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2801
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 11:10:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 03:12:43 GMT

GET
H3 200 m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=6gAEAg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpb... Frame D30A 74 KB
25 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=6gAEAg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mpq4Ee,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0t-zAF6MFyQAX_KhlvlQkwXW3fxQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4aa53396a5b9ef1fe7f7b5089984225b76cc25f6352a0efb488cb385ce1e971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 03:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25871
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 11:10:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 03:12:43 GMT

GET
H3 200 m=bm51tf Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=6gAEAg/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... Frame D30A 1 KB
699 B 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=6gAEAg/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mpq4Ee,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,XvDhNc,YwHGTd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,fgj8Rb,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,i6Ko2d,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0t-zAF6MFyQAX_KhlvlQkwXW3fxQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13147fbd2f77826f658f3a10622f0e15d0cf8420ee9579d2afeb103182591b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 03:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 673
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 11:10:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 03:12:43 GMT

POST
H2 200 log Show response
play.google.com/ Frame D30A 131 B
673 B 134ms
48ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 09 Sep 2022 16:51:24 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.blogger.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 09 Sep 2022 16:51:24 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame D30A 1 KB
1 KB 130ms
46ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.22L9TH_m0ZQ.es5.O/ck=boq-blogger.BloggerCommentUi.tR-CPGdNZ9I.L.B1.O/am=6gAEAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP0t-zAF6MFyQAX_KhlvlQkwXW3fxQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,Mpq4Ee,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,I6YDgd,xQtZb,MdUzUe,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,zbML3c,yDVVkb,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,ZDqTJc,eD1YLc,A7fCU,pjICDe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b12abad86f96e2ffe9a00a1ca10f94999cc6f9abb4344d9c16af259e465aedc9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 669
x-xss-protection: 1; mode=block
expires: Fri, 09 Sep 2022 16:51:24 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 128ms
48ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.infonebanten.my.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 119ms
45ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.infonebanten.my.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 134C 436 B
237 B 128ms
128ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=182&slotname=7436789971&adk=582714291&adf=1706410466&pi=t.ma~as.7436789971&w=728&fwrn=4&lmt=1662741214&rafmt=11&psa=0&format=728x182&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284017&bpp=1&bdt=356&idt=294&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182&nras=1&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=4746&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Yy8hHB0weJ&p=https%3A//www.infonebanten.my.id&dtd=554

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1732035abc1980fcf11e095c33e039b9c18c7e46673c72274c9e21f902791088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:51:24 GMT
expires: Fri, 09 Sep 2022 16:51:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A6F8 436 B
237 B 206ms
205ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&adk=689432304&adf=1041204077&pi=t.aa~a.1381849204~i.7~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=1&ad_type=text_image&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284597&bpp=1&bdt=936&idt=-M&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182%2C728x182&nras=2&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=pibn9srvc4&p=https%3A//www.infonebanten.my.id&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3678af7c03f998b9c2f7ff8274ee21aaeb3a1e29fc37628175e7bcd7dccb4bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:51:24 GMT
expires: Fri, 09 Sep 2022 16:51:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F1C9 436 B
236 B 176ms
175ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&adk=689432304&adf=3131877929&pi=t.aa~a.1381849204~i.9~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=1&ad_type=text_image&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284597&bpp=1&bdt=936&idt=-M&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182%2C728x182%2C728x280&nras=3&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=2195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=8W4efttReu&p=https%3A//www.infonebanten.my.id&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff442cdf59d82fc232605e504ef4a335bf22de71b0d301db32673a9784192e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:51:24 GMT
expires: Fri, 09 Sep 2022 16:51:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6F3 436 B
237 B 210ms
209ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4202890101473870&output=html&h=280&adk=689432304&adf=3179669750&pi=t.aa~a.1381849204~i.17~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1662741214&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9292805111&psa=1&ad_type=text_image&format=728x280&url=https%3A%2F%2Fwww.infonebanten.my.id%2F2022%2F09%2Fasuransi-cigna-penipuan.html&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662742284597&bpp=1&bdt=935&idt=0&shv=r20220907&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1058x280%2C728x280%2C728x182%2C728x182%2C728x280%2C728x280&nras=4&correlator=6641012684680&frm=20&pv=1&ga_vid=1962467757.1662742284&ga_sid=1662742284&ga_hid=108294487&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=271&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069448%2C44772922%2C21065724&oid=2&pvsid=3811636312117047&tmod=1998269112&uas=0&nvt=1&ref=https%3A%2F%2Fwww.antihoax.eu.org%2F&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=nhlrhlLM3Z&p=https%3A//www.infonebanten.my.id&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f5be0479506ff8cc4aca5a197826bbeb0e5fc72c015ca8af74631c90f66682d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:51:24 GMT
expires: Fri, 09 Sep 2022 16:51:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame D30A 392 KB
157 KB 119ms
36ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
Origin: https://www.blogger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 14:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159560
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 14:38:04 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B83B 42 KB
22 KB 137ms
56ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=cklrx0u4w4y2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1403b3d6d99b70c569c197bab31a0f4cac43c4f342ad90fc40518f9ae3eb72fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2B2J9pl0jZCcclKOmOyCOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22135
content-security-policy: script-src 'report-sample' 'nonce-2B2J9pl0jZCcclKOmOyCOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:51:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame B83B 52 KB
24 KB 117ms
38ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=cklrx0u4w4y2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 14:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 14:37:58 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame B83B 392 KB
156 KB 137ms
59ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 14:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159560
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 14:38:04 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B83B 2 KB
2 KB 38ms
38ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 251497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 13 Sep 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B83B 15 KB
15 KB 110ms
36ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 258284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Sep 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B83B 15 KB
15 KB 112ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 325806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B83B 102 B
134 B 47ms
47ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=duyHVVR9Brf6N2GewjkPRfsA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3444cd05f786fc062fcb5c164604566935c9c5b25706eeab6189b3a0f37d058d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=cklrx0u4w4y2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 09 Sep 2022 16:51:25 GMT

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame AD47 0
27 B 65ms
64ms Other
text/html 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: t.co
URL: https://t.co/qFOZGhZW1W

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Jarvy6m8cVxrkutEQtA1QQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 09 Sep 2022 16:51:25 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-Jarvy6m8cVxrkutEQtA1QQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 3523451998-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 40ms
40ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/3523451998-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a1b182575a97818903caf7858784858599743b800864af64599b36fe9011881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 23:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6523
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 01:13:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 08 Sep 2023 23:19:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 157ms
83ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220907&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b93ca915a5375cf16ce45073e7ff62405aac96e55e97d4951cbd5575450ce5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 09 Sep 2022 16:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11127
x-xss-protection: 0

GET
H3 200 3304157118-lbx.js Show response
www.blogger.com/static/v1/jsbin/ 367 KB
368 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3304157118-lbx.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7662448ba6067f51224370d99ef4bc77addbfa0e4539f3ba74cc60ed090d027e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 01:52:54 GMT
x-content-type-options: nosniff
age: 140311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 376269
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 22:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 08 Sep 2023 01:52:54 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 193ms
81ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Sep 2022 16:51:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7CD 13 KB
5 KB 121ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 14:57:52 GMT
expires: Sat, 09 Sep 2023 14:57:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 33D8 783 B
536 B 49ms
48ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d35935806a1b3505f491bb285e7d741ead3f54a4aa0c1142c3f228423d4b53a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RIZkfOq_sJ9kvdQp5Y-98A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infonebanten.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-RIZkfOq_sJ9kvdQp5Y-98A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 16:51:25 GMT
expires: Fri, 09 Sep 2022 16:51:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 33D8 0
0 73ms
72ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220907&jk=3811636312117047&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js Show response
pagead2.googlesyndication.com/bg/ Frame D7CD 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 15:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15929
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 15:50:17 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D7CD 0
10 B 45ms
45ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YagJ2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220907&jk=3811636312117047&bg=!JiWlJWHNAAZTikH4c4o7ACkAdvg8WtxgZgdZivW7lmo5Q1XKlhROkqD9FrujO2B1i2R35vxbMEk92QIAAABIUgAAAAJoAQeZAvClaEsGoICqgycOo0VTMm9S15fkI1zUv2vgywLJs0w4d154iPcsaPRaWljwamxtNpXzrvJAyW50JKWQ8gfZfGtuDlvz_NBmUHuheAGzk7hswgtPwnmc_Ir9XVkvaINuNnYw54LDnMNQi4J_tCZp1dQjQsMmmf-TzfGC7SySAeEqZmBGANbQjENZUxPIOPufFpDjsUiXylRYJz4XrSioygZ-8DUlaLgBnkavqcJ_CCmCVpane04PMHjmcO1y-5JdGPCJTNlxSp4du-QeZ5AxeJ7tXagTDrn-LGwgQxD3baIg4mUf5hSl0zl91-Mf2eaU7MhbDwQDEPI_YaRc_lYaRsz3uk8enGIAvl_byrz9OCFKbc_T4M3TrT9XClvpyvErQleEZ8QYRJOea9dKh4KNWUTehvSzz7kksm_azO7ARKDfIOnRwPljT18l138m2EbPXdPqx3gZmlrds-GWDjQ3_qb8-aH5B7Lcus5IxWCirZJ82dN8WaeqdAalu3ALLkOknGR4oL6mvjG8yAdMkd432zB34s5E3u0UrP2EZeMbnouDV1p9m7qvr8to3v6SQrR6ZgUJB4wZgi-D0DN9hmKx_Flwfg66lOxWFsj09j5PWNYOc28qHgaFPGhy5RGrRJVDJluKoYDSCrHP7x3WLwHsSK5DRdNU95f7mi0pB6kNLhyvqRclpGouSeXVZrOgg_7u3_HuwJfM8qE4KG0IO3rw4vdnfl7suHxWD8uuJ5m0KxRJmleno9gY9BdZx8oUYQEb5-9asNknq9ErYRDumFU3XDIRQDdQExu7G2AJ22xr5hH2cuJ3fSY946LFJFUcA7A9yTgUICQ2xPfkeMlEPMEQJLgsE4Ac3JlseJGnbECzlDE7DMcKYjQ7G279nmIb1lYQVRW6fioUzsQoCCPkgX7H9_19nx8Aje460NRsfzoCB6grRPSW1TfMEITF_uC6NAS-U3m7GmVJwtHyX199lTxlznNApQF6Vi9H48GITYcKbu8elA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.infonebanten.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.geoplugin.net
URL: http://www.geoplugin.net/json.gp

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 15:22:36	Name: muc Value: db7a13e1-f5ce-463c-ad4a-a79b09132a82
.udbaa.com/	1970-01-20 05:53:02	Name: used_ad2633176 Value: 1
.udbaa.com/	1970-01-20 05:53:02	Name: total_impressions Value: 1
.udbaa.com/	1970-01-20 06:35:34	Name: cpa_673873 Value: 728x90_464641917_5
.infonebanten.my.id/	1970-01-20 15:28:22	Name: _ga Value: GA1.3.1962467757.1662742284
.infonebanten.my.id/	1970-01-20 05:53:48	Name: _gid Value: GA1.3.1493458701.1662742284
.infonebanten.my.id/	1970-01-20 05:52:22	Name: _gat_gtag_UA_237981127_1 Value: 1
.doubleclick.net/	1970-01-20 15:13:58	Name: IDE Value: AHWqTUlbGjJKqTtZaw5cQlhcA4g48p2kJ1iYgLBdLj4EU08Q5pSGAeCq3x6GFWc8kHI

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://t.co/qFOZGhZW1W Message: Unrecognized Content-Security-Policy directive 'referrer'.
network	error	URL: https://res.cloudinary.com/practicaldev/image/fetch/s--DIr6g6vv--/f_auto,fl_progressive,q_auto,w_10/https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhW_SD910yw8ZmBYYvqVWvRIXDoE9nqkVhn6H0Rv6UVMvcMeC_ECk39Pw3IgJh9xAb2ZwYoQLoZUYrPs3u9XB5aKUujhr_Dlf5y28wCucGIabX7O1wzrb5-azM-EW8KdXgLMEOjCzTX2BLSRRcRTd_l5HWePgdw2fZUDJzOCKY_s4d_vcgIt6fnx7En/w409-h256/10.jpg Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://ljii.github.io/m/m.js(Line 4) Message: Mixed Content: The page at 'https://www.infonebanten.my.id/2022/09/asuransi-cigna-penipuan.html' was loaded over HTTPS, but requested an insecure resource 'http://www.geoplugin.net/json.gp'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
adservice.google.com
adservice.google.de
antihoax.eu.org
blogger.googleusercontent.com
cdn0-production-images-kly.akamaized.net
cdnjs.cloudflare.com
ebaaa.xyz
fonts.gstatic.com
googleads.g.doubleclick.net
ljii.github.io
makintahu.com
o-oo.ooo
p.typekit.net
pagead2.googlesyndication.com
partner.googleadservices.com
play.google.com
pro.fontawesome.com
res.cloudinary.com
t.co
tpc.googlesyndication.com
udbaa.com
use.typekit.net
vdbaa.com
www.antihoax.eu.org
www.blogger.com
www.geoplugin.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.infonebanten.my.id
www.makintahu.com
ylx-i.advertica-cdn2.com
www.geoplugin.net
104.244.42.197
185.66.200.127
185.66.200.220
185.66.201.42
185.66.201.8
216.239.32.21
23.6.112.33
2606:4700::6811:190e
2606:4700::6812:1634
2606:50c0:8000::153
2a00:1450:4001:802::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2009
2a00:1450:4001:831::2003
2a00:1450:400e:810::2013
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:14a0
2a04:4e42:400::393
2a06:98c1:3120::3
2a06:98c1:3121::c
00346c05e34ea5f5b3f4f14f2b7788c0e7edc734a77b9b98d8c53db8f66e8513
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0a0e8af7418e275aa4ff02da453731a8d58c2e453f615f5e46d97d2a1c4b6aa6
136b905622a1b3eb6896ccc85b31fd621d8241d9700955c10fd350fe0b4d31d6
1403b3d6d99b70c569c197bab31a0f4cac43c4f342ad90fc40518f9ae3eb72fe
165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7
1732035abc1980fcf11e095c33e039b9c18c7e46673c72274c9e21f902791088
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
224bb06234df291883a230938dccb15657d699a646cc98f26fa13e10f63fc540
23b2fd21777b1f79dcd57f38ec1254fde451e11aa5ebc24938b1079a7b4e8a6c
28b5ac66edc0f596df38c20a428059bb1fc07a4de415f17160a783ccc92081ff
28fdda1121b007f5a8046e069c155aea681e7a77be87ead36bb46f5f518584a8
2a1b182575a97818903caf7858784858599743b800864af64599b36fe9011881
2c25ce1ea0c582e2ff7d4760f3500c1bf9988b6c8a58a2c3aba715189befb76f
3444cd05f786fc062fcb5c164604566935c9c5b25706eeab6189b3a0f37d058d
3678af7c03f998b9c2f7ff8274ee21aaeb3a1e29fc37628175e7bcd7dccb4bf7
36a94df34d6f6c924a16396b73d919386f429a33ab54d7e9287944dc7595d477
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
48b492ea5ae1022a15284b5c801e7cd038f99d82acbc68de9aa1529fb646fb74
493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
4e174c29106250d2e1a7af2cc2c8f2f97d88356032682228e669d04750a0aaa5
4e4c868d3cfb8c9c9300c6b89343ea6a3955643e97e359e7c041f84424e7734e
4f5be0479506ff8cc4aca5a197826bbeb0e5fc72c015ca8af74631c90f66682d
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
524bd2c4385237dc0acc107e5732f4f3efa71a9159b90507fd8e48ce700145fa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562d57eeeab997966c8fbcdeddabca46c21bad20ee3091b39990923a4d434398
57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5acb94f3885e7f1ac0ec8bda6fe688d08f0a77b35502f7fdd99a7d297e29e070
5b3ac31b686fee9aef781c50a70b79b3801d0d407fe32cff6338f786a8952e18
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
667cf188cf657d3721b06e84b18696de4585b4116ad268cf1e6c3522b109aa97
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be41599b415300e4e5dfdb3c50d390c6acf888f2373860e2c8e555ff542941f
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
7662448ba6067f51224370d99ef4bc77addbfa0e4539f3ba74cc60ed090d027e
78b93b31063c4d239c9139bd0ad0e3ef7a700c12ba47e9fe60db64f373c4aae2
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
8aa807435d2930ada74e3d8ee6ad0a61080e3d5db69906fe4f603890c548d7eb
8b93ca915a5375cf16ce45073e7ff62405aac96e55e97d4951cbd5575450ce5d
8cf8916ecba2ef756099d2940f30210ed53e63ae1a885130683e75909d7c3e2c
99068357b8c8884b73d76f8554ae6a03af947e8c35d46fcddf1b1036d9ab737e
9b3da44d857203f85057f23eb25629c3c39344d3486fef9c66b6ee96b4e7667d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a369fd1fea9d0211346a670c2c9216bfe7da8528a3d6444e5fc13b45be7847a0
a36ec61974a9615a02983bc6003de6a93f0ba3d665c99c99320db10fab577902
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9099ab8b1851f4f073b6f50d3abd2c1010343c68642847219603cb3c4e82c43
a9329247d7579fbe9c42373eaa6b664b6832a14c8ed3556f31913e0d556d7401
ae50dbfc681e970b33bc5e68e97d2e30d2888c68ed17d1c16d9863e781754e35
b12abad86f96e2ffe9a00a1ca10f94999cc6f9abb4344d9c16af259e465aedc9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4aa53396a5b9ef1fe7f7b5089984225b76cc25f6352a0efb488cb385ce1e971
bd5bdfa8634ec0d60a77535f55cb94db515dcb3f5c9c89747ae90182d2ed736e
c0d9fd1bfddc007e2f2bc3d190d17d142a600a6f963ef4ff6e26cc50c5df4bc0
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088
cebc607cd344f5f654d4e4b829d961ef3377dba1fc8c68c6da792b7bd8d4122c
cf4871aa2cc4b6a6e1621b628fd261b127b5228700e9ce0cdd2ec4979d0ad440
d35935806a1b3505f491bb285e7d741ead3f54a4aa0c1142c3f228423d4b53a7
d63f3758eebeaba0dd4675178267fbfa47a2398ca687fca6f96f9c7d55cc07ee
d954556a9ec67e4ce63d993d026abf4b6cab1fdd80d3df2d55a76f8c8aaef415
da5bf7ece2deb365b2588d498fbda7e3bd194cc4d486719f09e220dc07a90241
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e01199aab38fbfbf8d44284e7973f8789d99faa40bf00d47ef6be2bfe2ee79d3
e13147fbd2f77826f658f3a10622f0e15d0cf8420ee9579d2afeb103182591b1
e21a02db9aeb3422f7196956e7ac513ce6cb6d65e9ea370f7a2a16b5f34f5388
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edbe2344be729226132e108cb538f4d34b1db8090504a666f911fdc457461026
eef37f0d7bebd6205c4e9cfac5931d95dd747ecd2d467e6d5b47a21bbd8dca54
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fab9f17b7d879e68ba7ba4f71540308888ccb19e8ecd38d8d09e734fe53f05a2
ff442cdf59d82fc232605e504ef4a335bf22de71b0d301db32673a9784192e7b
fff2ea693e57dfbc6442ded96e6a1849833e29113dce5a9f61c10340c6d18589

www.infonebanten.my.id Open in urlscan Pro 2a00:1450:400e:810::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

98 %HTTPS

77 %IPv6

27 Domains

34 Subdomains

29 IPs

5 Countries

2380 kBTransfer

4485 kBSize

8 Cookies

8 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.infonebanten.my.id Open in urlscan Pro
2a00:1450:400e:810::2013 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

98 %
HTTPS

77 %
IPv6

27
Domains

34
Subdomains

29
IPs

5
Countries

2380 kB
Transfer

4485 kB
Size

8
Cookies

101 HTTP transactions
0 data transactions